This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.mft File: hWL0qJNlk83sba1-Ls8beb9lwFo.mft (raw, json) Hash identifier: D8ppgqwyylHr+piyjKm1lQGS2ZfJArNpJA/u4epL9P4= Subject key identifier: D2:7E:11:6C:27:77:B2:E7:FC:21:E9:27:33:E7:E0:88:33:A2:F7:7F Authority key identifier: 85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A Certificate issuer: /CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a Certificate serial: 019B54F475213FB21D3CBFCD3CB857441A76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.mft Manifest number: 1677 Signing time: Thu 25 Dec 2025 10:01:05 +0000 Manifest this update: Thu 25 Dec 2025 10:01:05 +0000 Manifest next update: Fri 26 Dec 2025 10:01:05 +0000 Files and hashes: 1: AuqfHgJMLbox-SCvoHiOWVRxGtM.roa (hash: xeAvQlAlfgpUCdvO+zQfkKF/6NqDyXiaKSOgk2lfPWU=) 2: hWL0qJNlk83sba1-Ls8beb9lwFo.crl (hash: AvMv82dbdRMjNc0CuaRYefAIwxwpA53PqJdb3p8g9JQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.mft rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:f4:75:21:3f:b2:1d:3c:bf:cd:3c:b8:57:44:1a:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a Validity Not Before: Dec 25 10:01:05 2025 GMT Not After : Dec 26 10:01:05 2025 GMT Subject: CN=d27e116c2777b2e7fc21e92733e7e08833a2f77f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:1d:f1:e7:03:29:8b:3a:bb:53:51:71:8b:4c: 1e:39:b5:bc:de:c0:9c:c5:51:d0:fc:ce:c6:c2:da: 46:8d:e8:93:80:0e:0f:b8:d5:09:75:98:8a:25:22: 86:bc:2f:a7:0f:89:6f:9d:be:0e:4d:d5:59:69:fa: 77:b7:7d:44:ea:b3:fc:95:23:21:a4:3d:e7:6c:c6: 5f:aa:93:8f:12:4a:f4:19:fe:74:7f:89:fc:82:7d: 3d:59:f4:95:8c:36:7f:f8:01:b5:45:64:36:1b:fe: 86:98:c9:87:0b:6c:60:29:34:aa:e4:2b:84:f5:bb: 26:85:3c:aa:e0:f4:b8:71:de:eb:e6:59:6d:dc:3e: 95:12:8c:ff:4a:69:ee:ec:61:68:e9:a3:62:ab:5d: e2:00:6a:0e:49:8b:80:dc:f2:92:4d:83:47:0d:a0: 16:c4:b6:5c:72:b4:36:86:12:03:80:86:d6:28:a1: 77:bb:5e:22:60:0f:c9:64:ae:29:ba:fd:cb:13:d2: b2:ae:72:1a:cc:45:1f:e4:40:4b:a8:3f:f3:51:99: 9d:ef:6b:92:07:12:02:34:e2:3a:2d:6e:47:60:b2: 17:9a:62:3f:51:d6:46:61:33:33:2d:5b:57:af:bc: a1:17:c9:b0:ec:f5:ff:48:05:01:28:37:20:e0:56: bf:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:7E:11:6C:27:77:B2:E7:FC:21:E9:27:33:E7:E0:88:33:A2:F7:7F X509v3 Authority Key Identifier: keyid:85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:59:57:9b:a6:2e:d5:0a:04:31:32:bb:27:33:44:86:bf:6e: 6d:d4:e1:2a:87:d3:ab:7b:54:84:ef:f7:c7:2e:15:c6:9e:c6: d4:a0:f2:dd:d1:ed:18:90:ed:ad:40:4a:cf:fc:cb:34:cf:57: fe:b5:02:c0:2a:51:a2:89:0e:fe:58:c9:c2:fa:d0:d0:75:b1: bb:d2:48:41:38:c3:90:28:72:c3:7f:21:bc:30:f1:37:70:20: ec:ff:1c:d4:8c:a8:63:1f:4b:f5:ca:37:0a:0d:3b:a3:02:f0: 17:e3:29:06:83:d3:59:37:59:46:6e:67:f5:c8:49:81:68:2c: f7:4a:6b:f4:3e:f8:b1:8a:a2:5c:ce:48:98:1e:1c:14:48:1d: 41:7c:d8:30:c2:0d:35:ae:4a:c1:47:0f:a1:31:8b:83:50:d6: a9:91:5f:b2:c5:f3:ab:7d:b9:2c:60:a1:f8:92:34:61:a3:ef: 1d:fe:85:e7:19:ce:10:df:7c:d2:fc:05:d1:93:2b:1f:14:fe: 25:e7:0d:c2:b1:b0:6b:36:73:7b:3b:07:4b:2d:b2:1b:e6:e3: 34:1c:a6:5e:fd:5a:f9:18:1a:05:b9:ba:58:8d:e5:1e:07:49: 76:5f:d5:c5:56:1d:1c:b1:33:cb:9f:49:dd:a5:44:a8:45:f9: 3c:82:58:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtU9HUhP7IdPL/NPLhXRBp2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NjJmNGE4OTM2NTkzY2RlYzZkYWQ3ZTJlY2YxYjc5YmY2 NWMwNWEwHhcNMjUxMjI1MTAwMTA1WhcNMjUxMjI2MTAwMTA1WjAzMTEwLwYDVQQD EyhkMjdlMTE2YzI3NzdiMmU3ZmMyMWU5MjczM2U3ZTA4ODMzYTJmNzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph3x5wMpizq7U1Fxi0weObW83sCc xVHQ/M7GwtpGjeiTgA4PuNUJdZiKJSKGvC+nD4lvnb4OTdVZafp3t31E6rP8lSMh pD3nbMZfqpOPEkr0Gf50f4n8gn09WfSVjDZ/+AG1RWQ2G/6GmMmHC2xgKTSq5CuE 9bsmhTyq4PS4cd7r5llt3D6VEoz/Smnu7GFo6aNiq13iAGoOSYuA3PKSTYNHDaAW xLZccrQ2hhIDgIbWKKF3u14iYA/JZK4puv3LE9KyrnIazEUf5EBLqD/zUZmd72uS BxICNOI6LW5HYLIXmmI/UdZGYTMzLVtXr7yhF8mw7PX/SAUBKDcg4Fa/5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNJ+EWwnd7Ln/CHpJzPn4Igzovd/MB8GA1UdIwQY MBaAFIVi9KiTZZPN7G2tfi7PG3m/ZcBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODkt N2UxNzk0NjYyOThjLzEvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODktN2UxNzk0NjYyOThj LzEvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFlXm6Yu 1QoEMTK7JzNEhr9ubdThKofTq3tUhO/3xy4Vxp7G1KDy3dHtGJDtrUBKz/zLNM9X /rUCwCpRookO/ljJwvrQ0HWxu9JIQTjDkChyw38hvDDxN3Ag7P8c1IyoYx9L9co3 Cg07owLwF+MpBoPTWTdZRm5n9chJgWgs90pr9D74sYqiXM5ImB4cFEgdQXzYMMIN Na5KwUcPoTGLg1DWqZFfssXzq325LGCh+JI0YaPvHf6F5xnOEN980vwF0ZMrHxT+ JecNwrGwazZzezsHSy2yG+bjNBymXv1a+RgaBbm6WI3lHgdJdl/VxVYdHLEzy59J 3aVEqEX5PIJYeA== -----END CERTIFICATE-----Generated at Thu Dec 25 14:33:01 2025 by rpki-client