This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json) Hash identifier: NJ2hkF2gbI+D0/2xzkhbuhG94V3MfnTsKbf7MU+/6Hs= Subject key identifier: 72:14:B7:E0:9E:6C:0B:80:45:09:AD:8E:A1:BC:0A:24:8C:32:88:A9 Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019B32D7AE643E907A859C278EDB09BEECD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft Manifest number: 1091 Signing time: Thu 18 Dec 2025 19:02:33 +0000 Manifest this update: Thu 18 Dec 2025 19:02:33 +0000 Manifest next update: Fri 19 Dec 2025 19:02:33 +0000 Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=) 2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: REOck2lc0cG78R2B76EWPqR4zYFn+k6z1bFBizu2PrQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:ae:64:3e:90:7a:85:9c:27:8e:db:09:be:ec:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Dec 18 19:02:33 2025 GMT Not After : Dec 19 19:02:33 2025 GMT Subject: CN=7214b7e09e6c0b804509ad8ea1bc0a248c3288a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:4e:10:04:ec:2e:11:43:68:5c:44:bb:94:7d: 5e:fb:81:42:2c:6c:0e:49:24:d4:a1:4b:b6:dd:87: d9:98:91:ed:24:1b:60:8a:01:36:54:ed:18:04:f2: bf:6b:b0:44:68:4f:b0:30:4c:d3:8e:d1:2e:9f:63: 62:9d:fc:86:81:51:22:75:a8:03:f0:c1:9a:d0:d6: de:75:2a:9c:2e:81:22:32:88:d9:84:c5:90:99:1d: e3:b4:2c:6e:21:fd:eb:7b:00:c7:76:d5:43:9e:73: 93:69:b4:ae:13:2d:54:d8:6b:7e:a8:3c:5a:42:28: ad:a6:1c:e6:7b:82:ef:37:b6:76:97:fc:d5:2e:e2: f1:63:69:bd:84:10:fc:50:30:c1:31:3d:0e:25:13: 43:f0:dd:7d:3b:2f:31:84:59:81:d7:41:c7:71:3c: ae:be:3f:b6:32:ec:c7:93:e8:4e:c7:90:bb:9f:15: de:a6:5b:d6:11:ec:c0:01:9a:4c:30:62:c9:15:bd: 7e:4a:d8:81:87:90:0f:75:57:da:08:cf:2e:33:17: e8:46:d9:a7:53:1f:5c:c8:2a:fa:56:77:4b:4e:50: 8f:8b:a4:87:cf:e3:ee:7e:fe:7b:47:79:38:e4:44: e9:b6:31:48:ea:d1:bd:9f:f7:0d:d4:07:ad:6d:41: d0:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:14:B7:E0:9E:6C:0B:80:45:09:AD:8E:A1:BC:0A:24:8C:32:88:A9 X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:55:19:c9:04:2e:19:01:de:b8:07:cd:23:49:79:58:be:e0: 45:87:e8:06:18:82:3a:c7:4d:25:ee:f6:86:c2:6a:61:a6:99: d9:0a:6b:26:cc:64:a3:85:a1:9b:0f:b9:78:0e:b7:1b:b1:30: bc:02:6d:fb:ff:b0:42:de:6d:72:90:b1:b9:67:9e:c1:77:1a: 80:88:ba:b8:c6:e7:1b:0c:57:9f:55:b8:99:73:23:45:a7:5a: c1:be:9a:e8:ca:c6:7c:92:29:a9:04:4b:b9:8a:ea:2f:ae:11: a5:ce:8f:2d:a0:4c:e9:88:3e:55:64:2b:d7:17:e8:d6:fe:63: 21:c5:c7:35:78:55:a4:3d:a0:ce:72:3b:37:70:e0:51:93:a3: 6b:f6:81:9e:73:85:fe:ac:2b:36:cd:e3:fc:3b:51:7b:47:b3: ba:9a:54:9c:d5:3e:9a:82:72:c3:ba:a2:7d:28:f0:67:a4:81: c5:cd:12:67:75:b6:7d:4e:e5:6e:9e:58:44:02:83:fc:dc:51: 58:cc:4c:2d:f6:56:9c:cd:50:58:f5:02:37:82:6b:f9:2a:6f: cb:b5:17:74:21:a9:6b:a6:c5:7b:fd:af:d4:fc:01:79:24:20: 69:65:39:a2:6f:0f:28:ad:3c:12:df:2b:e7:fa:10:aa:7d:a1: 80:b8:a1:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy165kPpB6hZwnjtsJvuzZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjUxMjE4MTkwMjMzWhcNMjUxMjE5MTkwMjMzWjAzMTEwLwYDVQQD Eyg3MjE0YjdlMDllNmMwYjgwNDUwOWFkOGVhMWJjMGEyNDhjMzI4OGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk4QBOwuEUNoXES7lH1e+4FCLGwO SSTUoUu23YfZmJHtJBtgigE2VO0YBPK/a7BEaE+wMEzTjtEun2NinfyGgVEidagD 8MGa0NbedSqcLoEiMojZhMWQmR3jtCxuIf3rewDHdtVDnnOTabSuEy1U2Gt+qDxa Qiitphzme4LvN7Z2l/zVLuLxY2m9hBD8UDDBMT0OJRND8N19Oy8xhFmB10HHcTyu vj+2MuzHk+hOx5C7nxXeplvWEezAAZpMMGLJFb1+StiBh5APdVfaCM8uMxfoRtmn Ux9cyCr6VndLTlCPi6SHz+Pufv57R3k45ETptjFI6tG9n/cN1AetbUHQKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHIUt+CebAuARQmtjqG8CiSMMoipMB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgFUZyQQu GQHeuAfNI0l5WL7gRYfoBhiCOsdNJe72hsJqYaaZ2QprJsxko4Whmw+5eA63G7Ew vAJt+/+wQt5tcpCxuWeewXcagIi6uMbnGwxXn1W4mXMjRadawb6a6MrGfJIpqQRL uYrqL64Rpc6PLaBM6Yg+VWQr1xfo1v5jIcXHNXhVpD2gznI7N3DgUZOja/aBnnOF /qwrNs3j/DtRe0ezuppUnNU+moJyw7qifSjwZ6SBxc0SZ3W2fU7lbp5YRAKD/NxR WMxMLfZWnM1QWPUCN4Jr+Spvy7UXdCGpa6bFe/2v1PwBeSQgaWU5om8PKK08Et8r 5/oQqn2hgLihcg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:17:15 2025 by rpki-client