This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft File: H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft (raw, json) Hash identifier: dnEDIbwYE9AkbS4QHdR8sqjVhXh0TLjDjTroqZa3ZIY= Subject key identifier: 84:14:68:BF:CB:9B:41:F3:91:C0:D4:A6:1B:99:F5:E7:F1:7D:A6:E9 Authority key identifier: 1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2 Certificate issuer: /CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2 Certificate serial: 019B30E9A5689582E60EB328F11BC9B69EA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft Manifest number: 0EF7 Signing time: Thu 18 Dec 2025 10:02:57 +0000 Manifest this update: Thu 18 Dec 2025 10:02:57 +0000 Manifest next update: Fri 19 Dec 2025 10:02:57 +0000 Files and hashes: 1: H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl (hash: 3rGncDLp15x4Fy1IxvMcxOwb1/68up8HpKdXDy6JWMY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e9:a5:68:95:82:e6:0e:b3:28:f1:1b:c9:b6:9e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fb4b23a44dfc5ae569e74cfbb0f03e927b561e2 Validity Not Before: Dec 18 10:02:57 2025 GMT Not After : Dec 19 10:02:57 2025 GMT Subject: CN=841468bfcb9b41f391c0d4a61b99f5e7f17da6e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:2d:a9:98:47:a7:64:c4:8f:6b:60:1e:8c:79: 49:76:59:d9:fc:17:ef:65:29:98:57:d3:15:3f:55: be:75:1a:30:b2:41:27:11:5b:5c:23:92:b2:5b:9e: b8:c7:33:dc:d9:7b:6a:b1:e7:f2:9e:6b:60:7d:93: 3d:14:7c:c6:f1:e1:9b:b3:b3:27:0d:40:e3:55:7f: 18:18:61:56:e3:f3:c4:f1:ba:b4:80:cb:af:fd:c6: 2b:24:97:74:cc:4f:c3:aa:61:aa:62:c2:e6:78:92: f8:0c:0e:fe:48:5a:a6:e2:b4:08:8a:be:f1:81:c9: 77:a7:d8:2b:ba:a7:4c:b8:63:7e:74:d6:3f:f4:e9: ee:81:5c:12:6e:c2:36:c3:70:a5:4d:5e:7e:4b:14: e7:42:de:dd:af:01:c1:fa:6c:24:cb:0e:a8:fe:fe: 1b:d7:87:5d:4d:b9:ff:02:25:01:1e:48:e8:75:35: f8:b8:94:37:7b:19:46:f7:c9:12:e4:4a:c4:e4:f6: 91:87:1b:b9:8a:74:bc:d9:8f:3b:83:f0:59:72:ea: 9a:0d:ae:78:2a:17:d7:6d:8c:2a:b7:0d:48:9f:38: 13:5f:bf:f6:15:39:c2:7c:24:b4:51:a7:c2:9d:5b: f3:10:7a:a8:bd:ff:7c:6a:8e:36:16:99:da:08:b5: cb:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:14:68:BF:CB:9B:41:F3:91:C0:D4:A6:1B:99:F5:E7:F1:7D:A6:E9 X509v3 Authority Key Identifier: keyid:1F:B4:B2:3A:44:DF:C5:AE:56:9E:74:CF:BB:0F:03:E9:27:B5:61:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H7SyOkTfxa5WnnTPuw8D6Se1YeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3bde7e-619a-484f-9d6a-49a2542f639e/1/H7SyOkTfxa5WnnTPuw8D6Se1YeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:c0:9e:7e:6d:cc:8b:d3:87:ce:6d:04:35:3b:39:c6:25:13: 0d:82:1d:d9:a2:f2:de:75:bc:d6:a8:6b:ac:14:f1:89:ad:03: 97:c0:ad:d5:65:a8:44:ce:05:48:64:fc:bf:7d:d2:2a:9a:af: c9:fe:86:87:44:b0:4e:e2:ef:b1:7c:30:47:61:b9:08:26:33: 6a:47:47:c6:d2:a3:70:3a:40:60:c0:93:b6:a5:1f:a1:48:24: 6a:fe:57:15:98:03:8c:6c:0a:68:03:7a:b5:27:92:d1:c4:e4: 88:03:f6:0f:ff:98:f2:d2:e3:06:64:0f:bf:1f:02:ba:13:ea: d9:83:b8:c9:bf:d1:c1:bc:d4:2f:03:a8:f5:d3:42:b8:7e:8e: b5:6f:d5:d3:5e:77:f4:f4:5c:3e:40:22:0b:5d:78:e7:d1:d7: 1b:c8:9a:f3:37:12:45:9e:59:70:e3:ec:38:1b:dc:8c:55:2c: e8:03:91:9b:12:68:5e:fb:a1:1a:23:04:05:b3:c9:7a:64:f4: f0:03:23:f0:84:c8:3f:47:31:a4:6f:5f:f1:35:83:fe:4f:d6: e5:6b:50:c4:69:66:1f:d8:0d:64:53:01:c1:4f:f1:f5:96:e6: 43:56:17:41:86:66:9d:c5:9e:c3:3b:64:9f:ed:62:e1:1f:44: b4:18:1f:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6aVolYLmDrMo8RvJtp6mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmYjRiMjNhNDRkZmM1YWU1NjllNzRjZmJiMGYwM2U5Mjdi NTYxZTIwHhcNMjUxMjE4MTAwMjU3WhcNMjUxMjE5MTAwMjU3WjAzMTEwLwYDVQQD Eyg4NDE0NjhiZmNiOWI0MWYzOTFjMGQ0YTYxYjk5ZjVlN2YxN2RhNmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y2pmEenZMSPa2AejHlJdlnZ/Bfv ZSmYV9MVP1W+dRowskEnEVtcI5KyW564xzPc2XtqsefynmtgfZM9FHzG8eGbs7Mn DUDjVX8YGGFW4/PE8bq0gMuv/cYrJJd0zE/DqmGqYsLmeJL4DA7+SFqm4rQIir7x gcl3p9gruqdMuGN+dNY/9OnugVwSbsI2w3ClTV5+SxTnQt7drwHB+mwkyw6o/v4b 14ddTbn/AiUBHkjodTX4uJQ3exlG98kS5ErE5PaRhxu5inS82Y87g/BZcuqaDa54 KhfXbYwqtw1InzgTX7/2FTnCfCS0UafCnVvzEHqovf98ao42FpnaCLXLSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQUaL/Lm0HzkcDUphuZ9efxfabpMB8GA1UdIwQY MBaAFB+0sjpE38WuVp50z7sPA+kntWHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEt NDlhMjU0MmY2MzllLzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8zYmRlN2UtNjE5YS00ODRmLTlkNmEtNDlhMjU0MmY2Mzll LzEvSDdTeU9rVGZ4YTVXbm5UUHV3OEQ2U2UxWWVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMCefm3M i9OHzm0ENTs5xiUTDYId2aLy3nW81qhrrBTxia0Dl8Ct1WWoRM4FSGT8v33SKpqv yf6Gh0SwTuLvsXwwR2G5CCYzakdHxtKjcDpAYMCTtqUfoUgkav5XFZgDjGwKaAN6 tSeS0cTkiAP2D/+Y8tLjBmQPvx8CuhPq2YO4yb/RwbzULwOo9dNCuH6OtW/V0153 9PRcPkAiC11459HXG8ia8zcSRZ5ZcOPsOBvcjFUs6AORmxJoXvuhGiMEBbPJemT0 8AMj8ITIP0cxpG9f8TWD/k/W5WtQxGlmH9gNZFMBwU/x9ZbmQ1YXQYZmncWewztk n+1i4R9EtBgf6w== -----END CERTIFICATE-----Generated at Thu Dec 18 12:49:11 2025 by rpki-client