This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft File: hoRh4GD99IzUHTOtknHIB9Qk60I.mft (raw, json) Hash identifier: WEmXqrDioh7p/HHf2Wviu2KlTB5YcnxuOBiDepOI+j4= Subject key identifier: 9F:79:11:B5:55:0F:AB:2E:62:25:0C:50:09:F9:A3:C4:1B:F8:46:E2 Authority key identifier: 86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42 Certificate issuer: /CN=868461e060fdf48cd41d33ad9271c807d424eb42 Certificate serial: 019B31554ACE1EF436947DBEF5CBAAA0083B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft Manifest number: 02A7 Signing time: Thu 18 Dec 2025 12:00:31 +0000 Manifest this update: Thu 18 Dec 2025 12:00:31 +0000 Manifest next update: Fri 19 Dec 2025 12:00:31 +0000 Files and hashes: 1: H_XoU52eTHbpZkmpLvAUJ7VlUWc.roa (hash: i8bOFbhv/rSJKPzgYxH26TzbQ5J62pViGnxTa332Y9Q=) 2: hoRh4GD99IzUHTOtknHIB9Qk60I.crl (hash: VurTvGMIk/8DfRLdodfhdPwGr70AhztlV7FtusPAVks=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:55:4a:ce:1e:f4:36:94:7d:be:f5:cb:aa:a0:08:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=868461e060fdf48cd41d33ad9271c807d424eb42 Validity Not Before: Dec 18 12:00:31 2025 GMT Not After : Dec 19 12:00:31 2025 GMT Subject: CN=9f7911b5550fab2e62250c5009f9a3c41bf846e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f8:f3:a2:30:a3:60:57:0c:87:3c:b3:7b:90: 43:9a:a5:3a:cb:c4:d4:30:fa:ae:05:4c:f5:70:a5: 61:c6:0e:4b:7e:fc:a6:93:5e:42:cb:6d:9e:a2:2a: 62:40:ed:8f:56:04:17:9f:5a:aa:cc:5a:bd:44:b8: 5c:ce:e9:87:f0:b4:e8:f0:5b:8e:00:c8:5e:2d:ae: d7:16:9a:19:53:72:b1:cf:88:cc:3f:8d:f5:60:35: ac:16:fc:94:30:52:64:32:5e:c4:fa:85:03:b2:58: 3f:5e:21:81:54:95:33:71:6a:af:36:5a:50:4d:b8: 8f:f6:8c:7d:74:40:c4:d9:3e:44:d3:91:c4:4c:a7: bd:57:05:15:53:3f:d7:0d:b5:74:eb:03:55:fa:49: 0a:f3:ae:d1:4b:65:84:d7:53:c9:5e:ae:71:48:7e: 28:85:a8:3b:3d:a9:02:64:bf:4e:31:04:7c:18:2b: 6c:1e:95:d7:0a:e1:37:1c:f4:ac:08:d1:bc:b1:e9: 93:c1:24:5c:b6:10:a3:f1:ff:76:20:2b:36:fc:92: 09:3d:d5:5e:94:1f:5e:99:5b:e5:32:ed:2e:94:eb: 34:5c:ea:f8:b5:bc:a5:d7:c3:e6:ff:7d:66:5b:14: a5:0b:23:72:f2:7c:e9:e2:68:90:49:86:97:39:5a: 68:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:79:11:B5:55:0F:AB:2E:62:25:0C:50:09:F9:A3:C4:1B:F8:46:E2 X509v3 Authority Key Identifier: keyid:86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:49:7b:cb:85:81:ca:f4:49:ad:f5:94:c3:88:c9:af:29:23: 17:38:a2:f1:bb:54:01:ad:c3:38:7b:11:50:1d:1f:e2:23:a1: 2f:28:b3:3c:bb:da:9c:47:81:43:61:40:09:ba:ef:be:26:85: 94:a6:2d:6d:66:b0:d0:c6:4b:51:f0:cd:46:31:fc:81:7d:bb: 66:05:55:c8:ce:11:65:be:ba:5f:aa:33:dd:6a:f4:97:f7:bb: 7b:ac:fe:1b:c0:f9:6e:33:21:63:ca:44:21:61:d1:0c:4d:35: 08:67:39:db:16:fd:22:1e:78:c2:e2:77:38:98:6b:44:f8:39: f4:ca:2a:2d:67:cc:14:1f:71:f2:4d:e4:3f:5f:03:8a:3f:41: bf:a2:ad:c1:91:97:af:87:65:de:00:f8:9f:b6:48:d0:0c:cd: 08:c0:0c:f4:29:b7:db:fc:42:c8:ac:3c:bd:00:0a:b9:9b:37: d1:f8:cb:7b:87:08:99:20:3a:69:f1:06:84:a7:d4:92:07:6b: 03:58:9d:73:14:5a:f0:3e:ba:76:a5:bd:66:f6:5b:bd:33:e5: 6e:7c:21:c0:42:1c:71:0e:4f:9c:07:7a:1f:8b:af:2e:65:44: 28:84:39:64:ab:e7:fc:25:4d:ec:1b:5a:78:13:2c:b1:b9:32: 38:0a:8f:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxVUrOHvQ2lH2+9cuqoAg7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ODQ2MWUwNjBmZGY0OGNkNDFkMzNhZDkyNzFjODA3ZDQy NGViNDIwHhcNMjUxMjE4MTIwMDMxWhcNMjUxMjE5MTIwMDMxWjAzMTEwLwYDVQQD Eyg5Zjc5MTFiNTU1MGZhYjJlNjIyNTBjNTAwOWY5YTNjNDFiZjg0NmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/jzojCjYFcMhzyze5BDmqU6y8TU MPquBUz1cKVhxg5Lfvymk15Cy22eoipiQO2PVgQXn1qqzFq9RLhczumH8LTo8FuO AMheLa7XFpoZU3Kxz4jMP431YDWsFvyUMFJkMl7E+oUDslg/XiGBVJUzcWqvNlpQ TbiP9ox9dEDE2T5E05HETKe9VwUVUz/XDbV06wNV+kkK867RS2WE11PJXq5xSH4o hag7PakCZL9OMQR8GCtsHpXXCuE3HPSsCNG8semTwSRcthCj8f92ICs2/JIJPdVe lB9emVvlMu0ulOs0XOr4tbyl18Pm/31mWxSlCyNy8nzp4miQSYaXOVpoawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ95EbVVD6suYiUMUAn5o8Qb+EbiMB8GA1UdIwQY MBaAFIaEYeBg/fSM1B0zrZJxyAfUJOtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYt NTlhYjk2YmMzNWM2LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYtNTlhYjk2YmMzNWM2 LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEl7y4WB yvRJrfWUw4jJrykjFzii8btUAa3DOHsRUB0f4iOhLyizPLvanEeBQ2FACbrvviaF lKYtbWaw0MZLUfDNRjH8gX27ZgVVyM4RZb66X6oz3Wr0l/e7e6z+G8D5bjMhY8pE IWHRDE01CGc52xb9Ih54wuJ3OJhrRPg59MoqLWfMFB9x8k3kP18Dij9Bv6KtwZGX r4dl3gD4n7ZI0AzNCMAM9Cm32/xCyKw8vQAKuZs30fjLe4cImSA6afEGhKfUkgdr A1idcxRa8D66dqW9ZvZbvTPlbnwhwEIccQ5PnAd6H4uvLmVEKIQ5ZKvn/CVN7Bta eBMssbkyOAqPfw== -----END CERTIFICATE-----Generated at Thu Dec 18 21:31:09 2025 by rpki-client