This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json) Hash identifier: Yltk5mXrvMMPbJ+Qyhf2TTLO2g/X4WN+dUwKp+2v5S4= Subject key identifier: D1:38:65:24:2E:90:98:1A:B2:8B:6A:F5:A8:CE:9D:83:89:ED:9A:82 Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Certificate serial: 019AF12D317B8EC7D9A9AFD593F643F1F469 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft Manifest number: 0A57 Signing time: Sat 06 Dec 2025 01:01:02 +0000 Manifest this update: Sat 06 Dec 2025 01:01:02 +0000 Manifest next update: Sun 07 Dec 2025 01:01:02 +0000 Files and hashes: 1: 1GUi9iA8Rgrr5GN4QB6VlqMrvms.roa (hash: s/MIypH3pMJ3iuiuGr8K68PmgQyO6HFRzwvdBy3o4FU=) 2: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: tpGLRVo5Jp2CblR670E0uWSq9XNlL21S2CZnwbj3rFs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:31:7b:8e:c7:d9:a9:af:d5:93:f6:43:f1:f4:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138 Validity Not Before: Dec 6 01:01:02 2025 GMT Not After : Dec 7 01:01:02 2025 GMT Subject: CN=d13865242e90981ab28b6af5a8ce9d8389ed9a82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:03:7b:61:02:f0:ae:0f:ff:5c:10:2c:3d:21: 04:22:f1:f7:95:19:4b:8d:fb:cd:21:12:41:31:ad: da:14:3d:cd:d3:84:89:fa:43:d2:35:f4:78:83:af: 29:18:e6:06:d3:0e:4e:74:b9:2d:ad:5a:64:fd:e4: e5:a8:9d:39:2b:be:31:4d:3d:b9:83:d8:22:d6:76: 6a:ea:27:33:b6:9d:e5:7f:36:30:e3:2d:87:dd:02: 6d:e8:a7:e7:44:9a:a0:34:ca:89:a6:b3:27:1f:4a: e3:07:03:49:e7:63:52:d4:55:68:0f:c6:fd:60:e5: cb:97:48:ad:51:15:85:a8:a2:7d:36:ff:01:00:05: c8:4f:d5:a6:74:79:03:a4:e8:39:5b:da:e9:c5:8f: fa:90:b9:1b:34:1e:da:df:72:bb:ab:73:f3:0f:ac: 61:96:91:f8:c7:e4:5f:ee:5d:a7:d7:3a:f0:9c:7c: d1:93:02:50:8d:bb:14:25:35:03:2b:27:83:dc:6d: 8f:e8:fa:e6:3b:2b:f3:de:47:f9:7a:2a:1f:3d:4d: af:0f:18:dd:56:f7:49:28:cd:ec:11:01:6d:96:bc: 4e:bd:50:ab:0c:fd:3e:da:57:a5:17:31:30:b9:fc: 63:68:ef:c1:c5:2d:3c:73:60:03:02:2d:41:66:f0: 60:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:38:65:24:2E:90:98:1A:B2:8B:6A:F5:A8:CE:9D:83:89:ED:9A:82 X509v3 Authority Key Identifier: keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:6d:71:5c:5a:21:6c:2f:db:29:d7:50:a9:73:92:ad:85:7b: dc:4e:2d:95:ae:a6:24:6d:c7:73:07:a4:b4:c8:7a:84:bd:b5: d7:80:2c:6d:52:35:f3:7e:e4:5a:23:51:11:48:bb:19:5c:2a: 10:ac:7a:79:ef:43:3a:a1:9d:59:c8:7c:59:71:8a:a6:a9:43: 73:3e:1a:1b:bc:b2:d2:04:53:c7:c1:bb:59:d9:07:96:67:d2: e9:e2:c6:63:47:23:59:2d:d3:a6:6f:af:d1:4d:25:80:97:85: 74:68:8e:bd:63:89:5c:8a:4b:78:ac:27:87:dc:81:0c:17:6d: af:dc:da:f7:23:96:05:20:a4:ed:56:68:f0:df:02:f1:4d:41: 56:6a:64:97:29:75:b0:0a:48:ab:b2:7a:ce:a1:e3:1f:72:3b: e8:50:07:1e:ad:7f:c1:3c:ba:d8:b5:4a:d3:1e:82:8f:71:e7: 12:03:d9:d4:66:57:78:a5:16:21:7e:4d:5d:ec:61:71:39:cb: da:e3:73:81:b8:9b:e7:ef:5d:99:5e:7b:d6:34:f2:f0:65:8d: 28:aa:cb:ea:71:89:a4:e2:eb:a2:4f:2f:0b:46:c7:88:89:4f: b3:1c:18:9b:a8:3f:4c:a3:6b:e6:d0:32:7a:f4:b6:46:b7:b3: 7e:64:18:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLTF7jsfZqa/Vk/ZD8fRpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5 MWMxMzgwHhcNMjUxMjA2MDEwMTAyWhcNMjUxMjA3MDEwMTAyWjAzMTEwLwYDVQQD EyhkMTM4NjUyNDJlOTA5ODFhYjI4YjZhZjVhOGNlOWQ4Mzg5ZWQ5YTgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgN7YQLwrg//XBAsPSEEIvH3lRlL jfvNIRJBMa3aFD3N04SJ+kPSNfR4g68pGOYG0w5OdLktrVpk/eTlqJ05K74xTT25 g9gi1nZq6icztp3lfzYw4y2H3QJt6KfnRJqgNMqJprMnH0rjBwNJ52NS1FVoD8b9 YOXLl0itURWFqKJ9Nv8BAAXIT9WmdHkDpOg5W9rpxY/6kLkbNB7a33K7q3PzD6xh lpH4x+Rf7l2n1zrwnHzRkwJQjbsUJTUDKyeD3G2P6PrmOyvz3kf5eiofPU2vDxjd VvdJKM3sEQFtlrxOvVCrDP0+2lelFzEwufxjaO/BxS08c2ADAi1BZvBgawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNE4ZSQukJgasotq9ajOnYOJ7ZqCMB8GA1UdIwQY MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4 LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmm1xXFoh bC/bKddQqXOSrYV73E4tla6mJG3HcwektMh6hL2114AsbVI1837kWiNREUi7GVwq EKx6ee9DOqGdWch8WXGKpqlDcz4aG7yy0gRTx8G7WdkHlmfS6eLGY0cjWS3Tpm+v 0U0lgJeFdGiOvWOJXIpLeKwnh9yBDBdtr9za9yOWBSCk7VZo8N8C8U1BVmpklyl1 sApIq7J6zqHjH3I76FAHHq1/wTy62LVK0x6Cj3HnEgPZ1GZXeKUWIX5NXexhcTnL 2uNzgbib5+9dmV571jTy8GWNKKrL6nGJpOLrok8vC0bHiIlPsxwYm6g/TKNr5tAy evS2RrezfmQYXA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:13:45 2025 by rpki-client