This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json) Hash identifier: QP3GJbGPrQE00qkR9grjzxdeGKPEjSrEGWO4eNie3GU= Subject key identifier: AC:B6:1E:6D:34:C5:CB:02:20:E3:8B:D6:BA:AB:CA:8E:D5:8E:5C:BC Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0 Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0 Certificate serial: 019B3EDACED7428677CF1745EA61A410C1BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft Manifest number: 178A Signing time: Sun 21 Dec 2025 03:01:25 +0000 Manifest this update: Sun 21 Dec 2025 03:01:25 +0000 Manifest next update: Mon 22 Dec 2025 03:01:25 +0000 Files and hashes: 1: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: m4drg3AE+fjnI1zBXorKUmX+t5PzDK45F6GkCmYNqTo=) 2: jQqQfOrb2tEbgL6-n1pYKtKDCGI.roa (hash: urbNu0k2kZWVDcdCEYQ210AYS3ke0pUxaEecPK2agnE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:ce:d7:42:86:77:cf:17:45:ea:61:a4:10:c1:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0 Validity Not Before: Dec 21 03:01:25 2025 GMT Not After : Dec 22 03:01:25 2025 GMT Subject: CN=acb61e6d34c5cb0220e38bd6baabca8ed58e5cbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:03:86:47:10:43:38:bb:98:27:65:36:e3:74: a1:7f:26:84:80:e6:76:b5:f0:ac:ff:0f:69:86:e7: 38:74:e4:ef:f0:c9:33:ea:e1:e6:67:42:91:d6:b5: 97:52:75:02:94:1e:b5:92:06:07:20:08:e0:aa:8b: e7:0b:74:38:d0:e8:3b:e7:f9:dc:75:fc:63:6b:dc: 3d:46:71:e5:7b:c7:77:fd:5d:b6:80:96:f9:af:9b: 8f:36:16:fe:e1:fc:66:e7:9a:c7:74:75:32:b9:0f: 74:b8:11:9b:3d:f9:17:3b:ed:12:df:7f:d3:36:89: 6f:19:f6:0a:8b:0d:b8:b9:db:c0:e4:79:4d:55:6d: 8f:3f:a4:a1:ec:5f:af:48:d4:45:42:76:55:6a:81: 88:10:4e:2d:ac:50:45:f3:42:fb:24:1a:a1:2a:91: 46:2c:13:8e:dc:d9:c7:c5:1b:53:d4:c4:5d:ff:33: 1b:3d:52:79:d9:c0:bd:00:af:71:d7:e8:e6:15:7f: aa:9f:4a:10:7b:a4:cd:4b:ec:22:31:c0:17:e3:a2: 09:b7:63:d1:3d:7f:49:de:44:d5:01:75:67:ce:52: d7:f0:bc:d9:00:a0:63:71:40:3f:55:bb:33:b6:c5: 36:fe:5a:af:c7:7b:bf:dc:b0:ab:8a:5e:4e:b8:e1: 71:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:B6:1E:6D:34:C5:CB:02:20:E3:8B:D6:BA:AB:CA:8E:D5:8E:5C:BC X509v3 Authority Key Identifier: keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:6b:9a:d8:09:21:00:0e:48:d7:23:3b:fe:16:43:4c:dc:68: a2:57:6c:ca:06:e9:b2:80:77:85:b8:04:f4:53:4d:e5:82:7f: 72:02:cd:8f:c1:13:b1:99:7b:2a:fb:85:ed:32:aa:21:5d:f4: 8f:73:3d:62:a4:d0:17:3c:a2:47:62:de:1b:4c:ad:ce:1d:20: 6b:59:75:94:4f:f0:ab:63:5d:91:9a:db:2f:0f:98:13:5d:13: eb:ab:91:45:e5:1d:24:f9:db:dc:48:e9:f8:48:38:45:57:9a: d0:1f:db:c4:a8:70:a7:65:9e:8d:24:1f:3b:f1:90:a5:e0:3f: 53:13:bc:e1:6f:ab:e0:44:eb:f2:b4:e8:53:d2:2a:5a:89:f3: fc:10:34:3f:87:94:db:83:00:eb:5e:60:b5:cb:db:51:8f:68: 16:a7:c7:0b:a3:c6:54:34:37:24:9f:14:40:f6:75:24:53:30: c7:39:59:1f:28:a6:29:1c:79:9d:c4:45:37:fb:07:a3:e5:1c: 0a:6b:bd:6b:13:7a:f2:47:ed:91:7a:c0:af:70:75:d1:41:22: cd:29:00:67:a6:da:ae:c8:b6:3b:9c:fa:f5:d1:b6:f0:23:38: 1c:58:8e:ce:b6:06:dc:f3:c8:89:a9:a2:80:81:bb:83:5f:53: 21:e0:0a:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2s7XQoZ3zxdF6mGkEMG/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3 MTllZTAwHhcNMjUxMjIxMDMwMTI1WhcNMjUxMjIyMDMwMTI1WjAzMTEwLwYDVQQD EyhhY2I2MWU2ZDM0YzVjYjAyMjBlMzhiZDZiYWFiY2E4ZWQ1OGU1Y2JjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgOGRxBDOLuYJ2U243ShfyaEgOZ2 tfCs/w9phuc4dOTv8Mkz6uHmZ0KR1rWXUnUClB61kgYHIAjgqovnC3Q40Og75/nc dfxja9w9RnHle8d3/V22gJb5r5uPNhb+4fxm55rHdHUyuQ90uBGbPfkXO+0S33/T NolvGfYKiw24udvA5HlNVW2PP6Sh7F+vSNRFQnZVaoGIEE4trFBF80L7JBqhKpFG LBOO3NnHxRtT1MRd/zMbPVJ52cC9AK9x1+jmFX+qn0oQe6TNS+wiMcAX46IJt2PR PX9J3kTVAXVnzlLX8LzZAKBjcUA/VbsztsU2/lqvx3u/3LCril5OuOFx+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKy2Hm00xcsCIOOL1rqryo7Vjly8MB8GA1UdIwQY MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2 LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkGua2Akh AA5I1yM7/hZDTNxooldsygbpsoB3hbgE9FNN5YJ/cgLNj8ETsZl7KvuF7TKqIV30 j3M9YqTQFzyiR2LeG0ytzh0ga1l1lE/wq2NdkZrbLw+YE10T66uRReUdJPnb3Ejp +Eg4RVea0B/bxKhwp2WejSQfO/GQpeA/UxO84W+r4ETr8rToU9IqWonz/BA0P4eU 24MA615gtcvbUY9oFqfHC6PGVDQ3JJ8UQPZ1JFMwxzlZHyimKRx5ncRFN/sHo+Uc Cmu9axN68kftkXrAr3B10UEizSkAZ6barsi2O5z69dG28CM4HFiOzrYG3PPIiami gIG7g19TIeAKFg== -----END CERTIFICATE-----Generated at Sun Dec 21 06:55:38 2025 by rpki-client