This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.mft File: Heds5TXPuOIW7A0k3rV50aTKDgY.mft (raw, json) Hash identifier: 4oFDHsEhz8PA8M0H5cVq1/9oBYu0LPK+1TCLa6rPYcY= Subject key identifier: 18:9C:1A:70:40:AD:E4:8A:0D:07:44:21:BB:05:3E:CC:CF:9A:C2:11 Authority key identifier: 1D:E7:6C:E5:35:CF:B8:E2:16:EC:0D:24:DE:B5:79:D1:A4:CA:0E:06 Certificate issuer: /CN=1de76ce535cfb8e216ec0d24deb579d1a4ca0e06 Certificate serial: 019AF42DFFD6D5446A9C1B537A28DA71FC82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.mft Manifest number: 0494 Signing time: Sat 06 Dec 2025 15:00:46 +0000 Manifest this update: Sat 06 Dec 2025 15:00:46 +0000 Manifest next update: Sun 07 Dec 2025 15:00:46 +0000 Files and hashes: 1: Heds5TXPuOIW7A0k3rV50aTKDgY.crl (hash: QAS0A5XEfSKhkmEMnKF8GuuFEl6if+ReAJ0UDk6STj8=) 2: Xrjd26KSD1TzQLdbZ0iBnuMSgeo.roa (hash: EiQGdbjr/bLCsj+VsiQM91wVnJzTPBjoFf00fG7D2D0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.crl rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.mft rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2d:ff:d6:d5:44:6a:9c:1b:53:7a:28:da:71:fc:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1de76ce535cfb8e216ec0d24deb579d1a4ca0e06 Validity Not Before: Dec 6 15:00:46 2025 GMT Not After : Dec 7 15:00:46 2025 GMT Subject: CN=189c1a7040ade48a0d074421bb053ecccf9ac211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:37:f7:f5:9b:28:44:53:20:a8:9b:f1:fa:00: d9:b0:b9:42:0b:0d:46:21:24:23:07:66:7f:b1:7a: 8a:d2:1d:c8:1c:e2:7f:08:0d:84:c7:ab:ec:53:20: 76:df:e8:a6:eb:96:b8:65:ff:62:bf:17:35:44:e4: 87:71:c0:69:3c:d3:23:ea:b9:5c:00:a7:f5:f2:55: 2f:92:9b:c4:e2:ba:c8:c2:c6:aa:ab:48:ad:3e:21: ef:38:b6:03:bc:70:c8:64:1b:c3:82:32:45:76:58: 6b:47:f3:1b:58:f7:d7:4c:83:36:e4:b1:2f:50:58: 1f:d2:ed:82:d2:0d:6d:57:b2:10:2b:90:5c:e4:60: 31:b4:5e:be:60:45:bf:4b:9e:d5:90:20:87:e3:bb: ca:3b:2b:40:07:d2:ff:ff:9a:84:db:07:85:79:fb: c1:c3:0c:47:28:eb:65:ad:59:77:96:a0:c9:8c:34: 3b:80:2e:06:e8:ac:67:f7:1c:d5:77:0c:5b:3c:46: 76:87:76:f6:74:d4:ed:69:24:c5:27:14:a6:08:c4: 3d:bf:72:a2:b9:d8:f1:b8:39:63:06:e1:f4:4b:9d: 66:7b:5f:e0:e1:b4:30:4e:09:11:52:ca:df:17:59: 94:34:aa:a9:60:3b:10:cc:54:8e:2e:b8:38:8a:c1: f9:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:9C:1A:70:40:AD:E4:8A:0D:07:44:21:BB:05:3E:CC:CF:9A:C2:11 X509v3 Authority Key Identifier: keyid:1D:E7:6C:E5:35:CF:B8:E2:16:EC:0D:24:DE:B5:79:D1:A4:CA:0E:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Heds5TXPuOIW7A0k3rV50aTKDgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/076add-edfa-4f37-9996-66ce9e3a8c1e/1/Heds5TXPuOIW7A0k3rV50aTKDgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:65:25:ad:b6:15:9b:c7:f9:4e:1f:ce:6e:44:fa:87:b5:c1: fb:50:4c:62:d4:ac:de:4f:20:9c:ed:be:27:8b:a2:6a:32:61: 9b:69:02:9a:4e:85:81:b1:76:2f:ab:0a:1c:da:8f:b1:36:09: 68:1d:cd:cc:61:3e:23:86:1e:cd:8f:ea:4e:93:e3:20:5d:14: 9d:c0:e6:92:5f:27:31:e3:87:68:87:ad:c9:74:dc:89:59:7f: 7a:b6:84:63:69:a2:62:a8:cc:6b:97:1d:64:74:03:c4:5e:0d: b6:65:fa:1b:2e:f8:96:50:fb:40:f5:0f:60:95:27:f0:75:64: d3:cb:7c:a3:40:6a:d5:91:95:bc:3b:52:9a:7b:5e:4c:68:e8: 11:05:ae:ec:e8:00:eb:77:3e:c0:92:8b:f8:de:2b:24:dd:94: a6:1a:c6:c7:f4:f3:e8:0b:19:7d:4f:34:c4:94:b3:7b:31:bc: 3f:95:39:0f:ef:78:68:21:f7:f4:b9:ed:8e:1f:e5:26:3c:84: 0f:6d:4f:36:2c:4e:ca:95:17:2a:84:9b:0b:9b:2e:a2:39:14: 59:d2:57:4a:26:c3:04:37:ef:e1:7a:67:53:2a:1c:be:37:8a: 6f:10:1c:18:85:db:35:90:c4:e5:31:9b:f3:ac:b9:a8:79:a0: a6:d8:cd:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Lf/W1URqnBtTeijacfyCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZTc2Y2U1MzVjZmI4ZTIxNmVjMGQyNGRlYjU3OWQxYTRj YTBlMDYwHhcNMjUxMjA2MTUwMDQ2WhcNMjUxMjA3MTUwMDQ2WjAzMTEwLwYDVQQD EygxODljMWE3MDQwYWRlNDhhMGQwNzQ0MjFiYjA1M2VjY2NmOWFjMjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjf39ZsoRFMgqJvx+gDZsLlCCw1G ISQjB2Z/sXqK0h3IHOJ/CA2Ex6vsUyB23+im65a4Zf9ivxc1ROSHccBpPNMj6rlc AKf18lUvkpvE4rrIwsaqq0itPiHvOLYDvHDIZBvDgjJFdlhrR/MbWPfXTIM25LEv UFgf0u2C0g1tV7IQK5Bc5GAxtF6+YEW/S57VkCCH47vKOytAB9L//5qE2weFefvB wwxHKOtlrVl3lqDJjDQ7gC4G6Kxn9xzVdwxbPEZ2h3b2dNTtaSTFJxSmCMQ9v3Ki udjxuDljBuH0S51me1/g4bQwTgkRUsrfF1mUNKqpYDsQzFSOLrg4isH55wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBicGnBAreSKDQdEIbsFPszPmsIRMB8GA1UdIwQY MBaAFB3nbOU1z7jiFuwNJN61edGkyg4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVkczVUWFB1T0lXN0EwazNyVjUwYVRLRGdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNzZhZGQtZWRmYS00ZjM3LTk5OTYt NjZjZTllM2E4YzFlLzEvSGVkczVUWFB1T0lXN0EwazNyVjUwYVRLRGdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8wNzZhZGQtZWRmYS00ZjM3LTk5OTYtNjZjZTllM2E4YzFl LzEvSGVkczVUWFB1T0lXN0EwazNyVjUwYVRLRGdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFmUlrbYV m8f5Th/ObkT6h7XB+1BMYtSs3k8gnO2+J4uiajJhm2kCmk6FgbF2L6sKHNqPsTYJ aB3NzGE+I4YezY/qTpPjIF0UncDmkl8nMeOHaIetyXTciVl/eraEY2miYqjMa5cd ZHQDxF4NtmX6Gy74llD7QPUPYJUn8HVk08t8o0Bq1ZGVvDtSmnteTGjoEQWu7OgA 63c+wJKL+N4rJN2UphrGx/Tz6AsZfU80xJSzezG8P5U5D+94aCH39Lntjh/lJjyE D21PNixOypUXKoSbC5suojkUWdJXSibDBDfv4XpnUyocvjeKbxAcGIXbNZDE5TGb 86y5qHmgptjN4A== -----END CERTIFICATE-----Generated at Sat Dec 6 21:41:36 2025 by rpki-client