This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json) Hash identifier: hTRyKutEwSMcBmR3rn1RpuN/XBuYUFf8qFYpBE0Jg6g= Subject key identifier: 89:4A:5D:19:A0:F3:92:99:78:FE:88:79:7D:79:EE:A9:55:25:4E:7A Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Certificate serial: 019AF31D626D2EE8DC99DF114344322320C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft Manifest number: 1070 Signing time: Sat 06 Dec 2025 10:03:00 +0000 Manifest this update: Sat 06 Dec 2025 10:03:00 +0000 Manifest next update: Sun 07 Dec 2025 10:03:00 +0000 Files and hashes: 1: g2pmYdtMoiuQPm1G35LS-gM4tuY.roa (hash: CWDorRb0FA7mvx2YHncFLS9iEAAHLTBxgOQlA6dQKII=) 2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: 3StFuQG8gwS/UOTDwYMeDhww1fOgCj5KCyehijcF5rg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:62:6d:2e:e8:dc:99:df:11:43:44:32:23:20:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4 Validity Not Before: Dec 6 10:03:00 2025 GMT Not After : Dec 7 10:03:00 2025 GMT Subject: CN=894a5d19a0f3929978fe88797d79eea955254e7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:dc:94:02:f2:7f:33:23:a4:66:ca:96:f4:19: a0:af:c0:89:f9:96:08:34:25:fc:6c:3f:b5:63:d2: c5:3f:b2:9c:17:5e:76:4b:75:3c:89:8c:d5:13:ab: 29:65:86:26:7d:4c:2f:88:2f:aa:a6:17:31:d5:95: f3:78:e5:a8:f7:4c:82:01:e9:26:af:42:67:34:59: 25:89:f4:07:8f:72:80:c9:0c:d6:cd:e5:75:a5:63: a4:90:95:ec:73:90:4a:f0:cb:a3:a9:54:ef:d2:35: a8:26:d3:7c:63:7e:5a:1e:88:85:c4:ef:5d:7b:47: c4:f8:35:4e:75:da:f6:f4:01:ee:42:33:85:52:fd: 0a:21:78:b7:b3:44:b9:20:d3:ad:2e:de:e8:35:3f: 76:7f:7f:94:59:ea:f3:d5:fc:6f:3e:20:0a:eb:0c: 3e:88:db:ca:30:f8:18:47:7e:2a:c9:22:67:29:78: 59:d2:9b:8a:c4:f2:5c:07:13:d4:aa:da:c8:0c:72: 66:1a:d6:31:b4:69:f4:f9:7c:3c:da:71:59:b6:2d: 9b:3f:f4:8d:b6:cc:a5:81:81:dc:dd:82:1d:9f:b5: db:77:be:b6:45:d8:55:75:fa:06:58:52:07:da:cf: a1:da:88:ed:cd:ee:d5:96:c5:58:c8:4c:31:f9:b2: 57:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:4A:5D:19:A0:F3:92:99:78:FE:88:79:7D:79:EE:A9:55:25:4E:7A X509v3 Authority Key Identifier: keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:4d:d7:5b:f0:cf:00:f4:49:62:d2:ba:72:d5:f5:c4:b3:36: 9d:dd:c3:d7:df:02:3f:d1:3b:9e:aa:f4:40:bd:57:e5:44:7c: d4:f7:4f:4a:e6:bd:b5:0f:94:04:10:1c:4b:39:c9:7b:e2:f3: 1e:3a:60:ef:17:10:c0:70:4a:26:7b:f7:07:30:cc:0f:8f:1e: 67:60:d0:85:35:f4:19:39:75:98:48:df:6f:c5:b1:40:65:80: cf:48:dc:92:00:4b:26:ee:68:0e:f5:06:b3:ec:8b:0a:b9:ea: c8:a6:eb:6b:05:64:92:4d:32:5d:ba:6f:38:ff:26:ff:17:ec: eb:db:2c:5e:ba:4a:f5:ba:91:84:cd:68:92:b3:94:f6:68:8e: ec:82:ab:b2:18:3e:d4:0e:62:ba:00:e9:94:83:63:80:82:7b: fb:7a:8b:e0:c3:66:47:10:e2:f2:94:42:0c:7b:8a:65:9d:cd: c1:1c:f5:ec:01:a4:40:58:83:79:e5:7f:c0:f0:b2:31:37:bb: 0f:bd:32:26:b3:be:ad:45:3c:ca:c3:f7:4a:81:36:46:8f:0d: c5:b7:cb:c1:7d:47:52:f2:e7:3b:06:07:50:04:d6:f7:ad:2c: 12:e2:08:2b:d4:0b:c8:ca:64:a7:81:46:41:26:5d:c5:c1:b2: c5:39:36:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHWJtLujcmd8RQ0QyIyDBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl ZjBiZjQwHhcNMjUxMjA2MTAwMzAwWhcNMjUxMjA3MTAwMzAwWjAzMTEwLwYDVQQD Eyg4OTRhNWQxOWEwZjM5Mjk5NzhmZTg4Nzk3ZDc5ZWVhOTU1MjU0ZTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstyUAvJ/MyOkZsqW9Bmgr8CJ+ZYI NCX8bD+1Y9LFP7KcF152S3U8iYzVE6spZYYmfUwviC+qphcx1ZXzeOWo90yCAekm r0JnNFklifQHj3KAyQzWzeV1pWOkkJXsc5BK8MujqVTv0jWoJtN8Y35aHoiFxO9d e0fE+DVOddr29AHuQjOFUv0KIXi3s0S5INOtLt7oNT92f3+UWerz1fxvPiAK6ww+ iNvKMPgYR34qySJnKXhZ0puKxPJcBxPUqtrIDHJmGtYxtGn0+Xw82nFZti2bP/SN tsylgYHc3YIdn7Xbd762RdhVdfoGWFIH2s+h2ojtze7VlsVYyEwx+bJXgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIlKXRmg85KZeP6IeX157qlVJU56MB8GA1UdIwQY MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANk3XW/DP APRJYtK6ctX1xLM2nd3D198CP9E7nqr0QL1X5UR81PdPSua9tQ+UBBAcSznJe+Lz Hjpg7xcQwHBKJnv3BzDMD48eZ2DQhTX0GTl1mEjfb8WxQGWAz0jckgBLJu5oDvUG s+yLCrnqyKbrawVkkk0yXbpvOP8m/xfs69ssXrpK9bqRhM1okrOU9miO7IKrshg+ 1A5iugDplINjgIJ7+3qL4MNmRxDi8pRCDHuKZZ3NwRz17AGkQFiDeeV/wPCyMTe7 D70yJrO+rUU8ysP3SoE2Ro8NxbfLwX1HUvLnOwYHUATW960sEuIIK9QLyMpkp4FG QSZdxcGyxTk22g== -----END CERTIFICATE-----Generated at Sat Dec 6 14:39:41 2025 by rpki-client