This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft File: h9OLoS9GKcITH8YOiVDWwwO-fSI.mft (raw, json) Hash identifier: NY7T7Krvlc1JSpTw3AGdF0yszACb50potz5TMdi3Za4= Subject key identifier: 89:BE:81:28:73:45:D1:C7:35:24:49:A9:55:35:D8:95:A6:F3:45:1A Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22 Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22 Certificate serial: 019AF5411815EFEB94EEBD6829059A3294E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft Manifest number: 08C5 Signing time: Sat 06 Dec 2025 20:01:15 +0000 Manifest this update: Sat 06 Dec 2025 20:01:15 +0000 Manifest next update: Sun 07 Dec 2025 20:01:15 +0000 Files and hashes: 1: NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa (hash: UBan9KbEcKtiRn9epXoesYMRtYi5lW0QY6/c4yNUKv8=) 2: h9OLoS9GKcITH8YOiVDWwwO-fSI.crl (hash: kYddP/AwmgmUc3qzLjB/YM+Gh5lkj5bwhphgRxZvwp0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 20:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:41:18:15:ef:eb:94:ee:bd:68:29:05:9a:32:94:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22 Validity Not Before: Dec 6 20:01:15 2025 GMT Not After : Dec 7 20:01:15 2025 GMT Subject: CN=89be81287345d1c7352449a95535d895a6f3451a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:9e:a6:5d:bb:3b:bd:12:76:2a:fc:76:3d:d9: 00:ab:b7:84:16:34:8a:72:1a:35:8c:01:6a:db:3c: 4f:82:a0:5b:2f:78:f2:be:2a:0b:e4:ac:24:64:57: 8e:d6:e8:89:c7:83:7f:e0:de:bc:1b:3e:0e:5b:f7: 2d:ba:77:43:ee:a3:67:01:23:e7:13:59:e3:90:a3: 24:76:48:4e:4d:12:b6:49:74:99:3f:1e:6b:d7:91: 62:32:52:58:b4:5c:86:ea:e3:dd:a3:75:11:0e:7b: a6:82:21:0b:41:66:81:60:2d:47:80:65:22:1f:1f: 24:5a:35:45:a9:ba:02:a1:86:60:6c:1b:c9:38:51: f7:93:f6:3e:63:a9:b2:7d:56:56:f5:e3:ed:36:fe: 63:78:2d:b0:67:5d:6e:d7:3b:eb:67:ee:65:ac:20: ce:e5:af:b6:eb:12:f5:98:69:6b:6a:48:89:71:27: cc:73:71:e8:4d:6e:ec:d4:09:06:e3:41:e6:9e:95: 99:d8:af:f9:43:e3:c5:3b:dc:91:ee:89:91:44:ae: 1c:40:22:7c:f7:3c:4a:ec:7b:82:8e:5b:79:83:43: a0:43:68:92:61:49:62:f2:aa:b3:2d:22:58:a7:f1: d7:f8:b6:b3:9d:12:a9:5a:42:8a:cb:15:04:7a:c2: 29:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:BE:81:28:73:45:D1:C7:35:24:49:A9:55:35:D8:95:A6:F3:45:1A X509v3 Authority Key Identifier: keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e1:5f:99:f0:00:a0:fa:97:ab:e2:5f:1b:18:36:3c:a6:50:7d: 72:84:ed:8b:23:44:80:90:46:c8:58:8c:10:a5:e7:d3:a6:b0: ae:05:66:e4:09:1a:db:7a:7f:99:95:03:fe:c0:a3:c7:cd:14: f6:7e:3c:f7:8d:ad:73:aa:1b:a9:a7:ac:ab:97:ed:e9:db:ca: f0:cc:de:8e:3f:70:d3:cd:14:c0:5c:a8:ba:ba:24:e3:a4:29: 5e:a2:4f:cc:0a:76:35:8e:f1:2f:ac:9a:f7:fe:e8:6b:f0:e0: 9c:59:c6:30:77:a7:de:4b:a6:aa:0b:9e:11:fc:42:61:9a:4e: db:78:d2:c2:6e:89:17:6d:d7:36:c3:0d:51:34:00:43:d8:3f: 33:15:06:04:e6:bd:e2:77:4c:5d:dd:cf:97:b2:23:6d:c7:94: 08:2b:6a:1a:b3:32:75:b1:3d:25:94:a7:38:7c:26:33:d7:c1: 7f:1b:bd:fe:df:17:a9:a1:54:ad:dc:d6:23:e7:8f:1b:6d:fa: 56:44:a3:7c:bd:db:e9:d0:d9:a1:7b:ee:9d:8c:e5:66:44:c8: 51:25:27:86:38:6e:f4:d4:65:cc:42:ca:0f:9a:e3:0c:a3:71: 77:dd:82:b3:7e:0c:47:6c:6e:86:6b:30:57:fa:8a:19:05:05: 3c:76:ac:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QRgV7+uU7r1oKQWaMpTmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi ZTdkMjIwHhcNMjUxMjA2MjAwMTE1WhcNMjUxMjA3MjAwMTE1WjAzMTEwLwYDVQQD Eyg4OWJlODEyODczNDVkMWM3MzUyNDQ5YTk1NTM1ZDg5NWE2ZjM0NTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi56mXbs7vRJ2Kvx2PdkAq7eEFjSK cho1jAFq2zxPgqBbL3jyvioL5KwkZFeO1uiJx4N/4N68Gz4OW/ctundD7qNnASPn E1njkKMkdkhOTRK2SXSZPx5r15FiMlJYtFyG6uPdo3URDnumgiELQWaBYC1HgGUi Hx8kWjVFqboCoYZgbBvJOFH3k/Y+Y6myfVZW9ePtNv5jeC2wZ11u1zvrZ+5lrCDO 5a+26xL1mGlrakiJcSfMc3HoTW7s1AkG40HmnpWZ2K/5Q+PFO9yR7omRRK4cQCJ8 9zxK7HuCjlt5g0OgQ2iSYUli8qqzLSJYp/HX+LaznRKpWkKKyxUEesIpswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIm+gShzRdHHNSRJqVU12JWm80UaMB8GA1UdIwQY MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt ZmQ1NWM1OGVkYWY3LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3 LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4V+Z8ACg +per4l8bGDY8plB9coTtiyNEgJBGyFiMEKXn06awrgVm5Aka23p/mZUD/sCjx80U 9n48942tc6obqaesq5ft6dvK8Mzejj9w080UwFyourok46QpXqJPzAp2NY7xL6ya 9/7oa/DgnFnGMHen3kumqgueEfxCYZpO23jSwm6JF23XNsMNUTQAQ9g/MxUGBOa9 4ndMXd3Pl7IjbceUCCtqGrMydbE9JZSnOHwmM9fBfxu9/t8XqaFUrdzWI+ePG236 VkSjfL3b6dDZoXvunYzlZkTIUSUnhjhu9NRlzELKD5rjDKNxd92Cs34MR2xuhmsw V/qKGQUFPHasFw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:56:03 2025 by rpki-client