This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft File: ihz-evMMHHJdI25KL8Kv1wn65kQ.mft (raw, json) Hash identifier: kzFZotyS8tlD+mV5i6Mk5Heft2mkbsKc0icM53Gq0xU= Subject key identifier: C4:D3:12:47:2D:4E:E8:4A:D3:92:B4:37:CB:83:E6:7A:C4:60:F3:88 Authority key identifier: 8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44 Certificate issuer: /CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644 Certificate serial: 019AF12DB00602182D161C6220610B322779 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft Manifest number: 0B1F Signing time: Sat 06 Dec 2025 01:01:34 +0000 Manifest this update: Sat 06 Dec 2025 01:01:34 +0000 Manifest next update: Sun 07 Dec 2025 01:01:34 +0000 Files and hashes: 1: ihz-evMMHHJdI25KL8Kv1wn65kQ.crl (hash: 2USED5OSRx/K1Y6BBySQkYz/l+qmdaEZEYBLdLdba3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:b0:06:02:18:2d:16:1c:62:20:61:0b:32:27:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a1cfe7af30c1c725d236e4a2fc2afd709fae644 Validity Not Before: Dec 6 01:01:34 2025 GMT Not After : Dec 7 01:01:34 2025 GMT Subject: CN=c4d312472d4ee84ad392b437cb83e67ac460f388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:14:65:52:66:6b:7a:60:d0:d2:4f:1d:d7:fc: af:05:47:96:3f:2a:f6:78:9d:2b:56:85:44:f4:d1: b6:ea:77:e0:e3:c5:64:8b:6e:bd:5d:55:71:37:24: ad:73:cc:0a:cf:50:ca:c1:79:95:ff:52:0a:a6:d9: 2d:04:fc:28:5f:d8:9c:64:17:5f:48:ef:95:bb:26: 4d:16:f6:ac:70:14:22:13:cf:6c:4d:ad:a1:7a:9e: 1a:67:68:c0:96:a4:10:73:c6:93:34:38:6a:78:eb: dc:09:09:b1:ff:d8:d1:67:90:22:ab:81:b7:a9:26: ca:c5:58:34:27:2a:ab:05:0b:c3:3e:89:97:b9:01: 92:63:b4:c0:71:de:4b:59:28:a2:6e:75:a5:2c:ca: fa:77:bd:45:dd:a2:0b:f7:d6:0c:27:65:51:2d:81: c4:c0:63:d0:73:9e:99:92:92:50:8a:15:95:7a:ef: 23:83:1d:0b:2d:ca:4c:8f:96:76:49:8f:50:34:61: 4c:a7:d5:5d:04:59:3d:ba:61:eb:d5:dd:1f:8d:72: 60:c2:b5:0a:a0:17:71:cd:aa:42:e0:50:ca:50:81: 8a:4f:99:b2:d1:78:48:e9:a5:0e:95:f2:11:6a:74: 0a:a4:a1:7c:aa:cd:ba:98:16:c1:47:7b:62:c2:ad: ca:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:D3:12:47:2D:4E:E8:4A:D3:92:B4:37:CB:83:E6:7A:C4:60:F3:88 X509v3 Authority Key Identifier: keyid:8A:1C:FE:7A:F3:0C:1C:72:5D:23:6E:4A:2F:C2:AF:D7:09:FA:E6:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihz-evMMHHJdI25KL8Kv1wn65kQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/64741b-70ad-44aa-b136-b8a3d1650396/1/ihz-evMMHHJdI25KL8Kv1wn65kQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:09:ca:d9:9c:66:18:92:31:09:5f:60:4d:e0:1c:36:a8:bd: 3a:14:a5:20:bb:d3:e1:38:f9:c8:11:8d:70:99:d5:a1:e8:e8: a3:0d:f8:e4:42:36:dd:0e:7d:07:20:93:46:97:fe:64:95:da: 09:bb:89:91:eb:be:79:60:75:94:37:cd:bd:df:34:11:b6:b1: d9:1a:0a:d1:69:92:58:48:c2:0f:b4:07:44:da:bd:79:b4:41: c7:e2:65:c1:65:1e:d4:da:4e:e3:88:fe:df:89:9f:99:9b:71: 45:7a:4b:f5:14:ac:ac:4e:00:bc:25:c6:0d:37:bd:05:98:f8: f4:72:7b:52:12:03:6f:8b:24:0d:79:77:c8:cb:85:9b:79:64: 3a:35:6b:5f:1b:06:d2:00:20:20:be:28:78:52:a6:d4:e6:6a: 0a:98:92:2b:c0:4e:a0:db:9e:34:94:b9:78:ad:19:1e:a3:3a: 0e:2a:06:16:13:c0:18:b2:b6:58:11:46:af:06:eb:f8:e0:8a: 89:32:e8:50:96:d5:b1:eb:3b:63:c8:5d:d2:3a:df:75:9a:a6: 9c:4e:cd:e9:68:23:65:e8:5c:ed:98:77:27:59:4f:f3:14:82: 58:09:83:52:32:ee:a9:ee:39:c9:a4:9c:76:c3:88:8b:29:8f: d5:af:c7:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLbAGAhgtFhxiIGELMid5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhMWNmZTdhZjMwYzFjNzI1ZDIzNmU0YTJmYzJhZmQ3MDlm YWU2NDQwHhcNMjUxMjA2MDEwMTM0WhcNMjUxMjA3MDEwMTM0WjAzMTEwLwYDVQQD EyhjNGQzMTI0NzJkNGVlODRhZDM5MmI0MzdjYjgzZTY3YWM0NjBmMzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhRlUmZremDQ0k8d1/yvBUeWPyr2 eJ0rVoVE9NG26nfg48Vki269XVVxNyStc8wKz1DKwXmV/1IKptktBPwoX9icZBdf SO+VuyZNFvascBQiE89sTa2hep4aZ2jAlqQQc8aTNDhqeOvcCQmx/9jRZ5Aiq4G3 qSbKxVg0JyqrBQvDPomXuQGSY7TAcd5LWSiibnWlLMr6d71F3aIL99YMJ2VRLYHE wGPQc56ZkpJQihWVeu8jgx0LLcpMj5Z2SY9QNGFMp9VdBFk9umHr1d0fjXJgwrUK oBdxzapC4FDKUIGKT5my0XhI6aUOlfIRanQKpKF8qs26mBbBR3tiwq3KdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMTTEkctTuhK05K0N8uD5nrEYPOIMB8GA1UdIwQY MBaAFIoc/nrzDBxyXSNuSi/Cr9cJ+uZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYt YjhhM2QxNjUwMzk2LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny82NDc0MWItNzBhZC00NGFhLWIxMzYtYjhhM2QxNjUwMzk2 LzEvaWh6LWV2TU1ISEpkSTI1S0w4S3Yxd242NWtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIAnK2Zxm GJIxCV9gTeAcNqi9OhSlILvT4Tj5yBGNcJnVoejoow345EI23Q59ByCTRpf+ZJXa CbuJkeu+eWB1lDfNvd80Ebax2RoK0WmSWEjCD7QHRNq9ebRBx+JlwWUe1NpO44j+ 34mfmZtxRXpL9RSsrE4AvCXGDTe9BZj49HJ7UhIDb4skDXl3yMuFm3lkOjVrXxsG 0gAgIL4oeFKm1OZqCpiSK8BOoNueNJS5eK0ZHqM6DioGFhPAGLK2WBFGrwbr+OCK iTLoUJbVses7Y8hd0jrfdZqmnE7N6WgjZehc7Zh3J1lP8xSCWAmDUjLuqe45yaSc dsOIiymP1a/HJQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:45 2025 by rpki-client