This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft File: H2fPHKLeoy_NlwLdJRDra_K2hhA.mft (raw, json) Hash identifier: KSoHTcDpOThB6dtprl6IDSq5vY0lFFuFE6jngUlx5fo= Subject key identifier: 53:18:F5:0C:90:47:0C:6C:20:F8:4E:D7:83:A9:B0:EB:2B:AB:DD:5F Authority key identifier: 1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10 Certificate issuer: /CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610 Certificate serial: 019B3EA3702AC7925F611C89B9BF38E03A12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft Manifest number: 072B Signing time: Sun 21 Dec 2025 02:00:56 +0000 Manifest this update: Sun 21 Dec 2025 02:00:56 +0000 Manifest next update: Mon 22 Dec 2025 02:00:56 +0000 Files and hashes: 1: 39yFNcs_aiMECPSY8yer3c7rqfs.roa (hash: kt8DxoHHJV7b65racNqYI0+ZGEt7nNXcd8uoIQ2X++s=) 2: H2fPHKLeoy_NlwLdJRDra_K2hhA.crl (hash: MydU8PYw/+XOBb955/QyytrbjxKd66IoRNYifZ6SizM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:70:2a:c7:92:5f:61:1c:89:b9:bf:38:e0:3a:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610 Validity Not Before: Dec 21 02:00:56 2025 GMT Not After : Dec 22 02:00:56 2025 GMT Subject: CN=5318f50c90470c6c20f84ed783a9b0eb2babdd5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:f3:25:b7:74:53:eb:d8:dd:22:0a:9b:04:98: a2:e4:23:8e:a8:d0:77:db:1b:9c:83:3d:76:8a:06: 9e:77:a5:85:96:12:2a:b1:8e:f5:cc:4d:6a:8e:54: f6:12:bc:40:de:d8:75:14:3c:7e:66:fe:69:c2:23: 51:87:6d:c1:52:38:87:28:55:b2:c8:07:50:01:49: 33:51:13:e3:c3:e5:6a:ec:cf:5e:c6:46:c3:ec:72: 2d:f7:83:34:96:31:58:46:71:65:ab:f8:82:32:ea: fb:01:09:92:cd:85:5f:72:0f:a8:0c:a3:0e:71:ba: 4b:25:da:30:6b:a3:b8:12:67:aa:4a:44:81:eb:8a: 4a:0e:c6:bb:76:ce:45:8a:a9:aa:51:3a:ab:c5:1e: 21:7b:21:c6:a1:bb:98:6c:1c:e6:b2:12:2a:3b:80: 65:8d:6c:0e:81:78:ed:34:24:e4:d3:06:f2:45:6f: 67:84:06:38:d1:39:f0:75:b1:7d:c0:2e:a1:84:4b: d2:ab:3d:8d:54:08:cd:47:eb:9e:f6:1c:15:c0:04: c2:39:45:c8:10:db:46:f2:8c:e1:58:a1:11:7f:9b: 1f:a9:6e:61:eb:de:3d:ac:9b:74:3c:1a:63:b2:ca: c4:e2:73:51:16:bb:e7:d8:c1:8b:ce:1f:0e:e4:49: dc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:18:F5:0C:90:47:0C:6C:20:F8:4E:D7:83:A9:B0:EB:2B:AB:DD:5F X509v3 Authority Key Identifier: keyid:1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:37:85:36:a3:1f:cc:31:71:d9:be:1a:c8:50:67:c0:3e:f4: d0:23:1b:d3:2d:c2:b6:2f:22:f0:be:9f:1e:d4:b0:79:b0:a8: 1f:c7:2d:41:44:ee:2f:a9:a0:ce:7c:95:79:57:89:fd:e0:eb: 45:c4:73:9b:dc:e9:1b:7e:ec:54:7a:28:fd:f7:11:78:96:86: 29:5e:24:e8:74:4a:22:40:08:23:0a:0e:28:58:b8:8a:65:f0: 01:89:50:65:66:8a:1a:79:e9:7e:30:fe:e5:7b:04:bf:ce:53: 27:79:08:e9:af:74:d7:af:a0:62:d9:b5:fb:2d:98:79:82:8f: 8c:fe:b4:b3:35:3f:31:48:11:1b:c7:e1:d6:ba:80:5d:9d:ed: 9c:cd:bf:8a:8a:3e:1d:78:46:75:b5:0f:3b:49:0d:e6:97:84: f6:f5:bf:07:ab:74:c6:2c:b2:8e:84:5a:a9:79:94:96:1e:02: 9d:e0:af:b3:75:b3:85:65:6d:91:05:83:33:96:db:16:af:57: 62:31:df:94:21:8f:96:cf:8f:b6:a6:d1:5f:b8:89:97:dc:e8: 4c:3d:c9:c3:2c:01:82:56:1a:6c:ac:53:fa:d2:c2:c1:2e:5b: bf:09:8a:5a:19:b1:69:b5:db:bd:20:63:d3:a7:2c:a6:9d:f1: 3e:c8:7d:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+o3Aqx5JfYRyJub844DoSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmNjdjZjFjYTJkZWEzMmZjZDk3MDJkZDI1MTBlYjZiZjJi Njg2MTAwHhcNMjUxMjIxMDIwMDU2WhcNMjUxMjIyMDIwMDU2WjAzMTEwLwYDVQQD Eyg1MzE4ZjUwYzkwNDcwYzZjMjBmODRlZDc4M2E5YjBlYjJiYWJkZDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vMlt3RT69jdIgqbBJii5COOqNB3 2xucgz12igaed6WFlhIqsY71zE1qjlT2ErxA3th1FDx+Zv5pwiNRh23BUjiHKFWy yAdQAUkzURPjw+Vq7M9exkbD7HIt94M0ljFYRnFlq/iCMur7AQmSzYVfcg+oDKMO cbpLJdowa6O4EmeqSkSB64pKDsa7ds5FiqmqUTqrxR4heyHGobuYbBzmshIqO4Bl jWwOgXjtNCTk0wbyRW9nhAY40TnwdbF9wC6hhEvSqz2NVAjNR+ue9hwVwATCOUXI ENtG8ozhWKERf5sfqW5h6949rJt0PBpjssrE4nNRFrvn2MGLzh8O5EncTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFMY9QyQRwxsIPhO14OpsOsrq91fMB8GA1UdIwQY MBaAFB9nzxyi3qMvzZcC3SUQ62vytoYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUt YmFkYmU4NDA5NzdlLzEvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUtYmFkYmU4NDA5Nzdl LzEvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOTeFNqMf zDFx2b4ayFBnwD700CMb0y3Cti8i8L6fHtSwebCoH8ctQUTuL6mgznyVeVeJ/eDr RcRzm9zpG37sVHoo/fcReJaGKV4k6HRKIkAIIwoOKFi4imXwAYlQZWaKGnnpfjD+ 5XsEv85TJ3kI6a9016+gYtm1+y2YeYKPjP60szU/MUgRG8fh1rqAXZ3tnM2/ioo+ HXhGdbUPO0kN5peE9vW/B6t0xiyyjoRaqXmUlh4CneCvs3WzhWVtkQWDM5bbFq9X YjHflCGPls+PtqbRX7iJl9zoTD3JwywBglYabKxT+tLCwS5bvwmKWhmxabXbvSBj 06cspp3xPsh9+g== -----END CERTIFICATE-----Generated at Sun Dec 21 05:38:19 2025 by rpki-client