This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft File: an0UIH91yLFYDbJ_defD_bH_hgw.mft (raw, json) Hash identifier: zxcY3UVxy9BelHFyJELOFzu3TwG0TR6jhf0uppksPMI= Subject key identifier: 22:7D:A4:4E:A0:06:95:3A:88:CD:EB:6F:35:A2:7F:15:51:0F:03:CC Authority key identifier: 6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C Certificate issuer: /CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c Certificate serial: 019B2F9E32F2DDB346497791383CFDB7125C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft Manifest number: 0A10 Signing time: Thu 18 Dec 2025 04:00:55 +0000 Manifest this update: Thu 18 Dec 2025 04:00:55 +0000 Manifest next update: Fri 19 Dec 2025 04:00:55 +0000 Files and hashes: 1: an0UIH91yLFYDbJ_defD_bH_hgw.crl (hash: B9Xv8zHC0OKwLc/2mH1UtUvyHOzfqt1temJjDD1v+mc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:32:f2:dd:b3:46:49:77:91:38:3c:fd:b7:12:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a7d14207f75c8b1580db27f75e7c3fdb1ff860c Validity Not Before: Dec 18 04:00:55 2025 GMT Not After : Dec 19 04:00:55 2025 GMT Subject: CN=227da44ea006953a88cdeb6f35a27f15510f03cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ec:5c:aa:ef:23:07:8d:c1:53:2d:59:5a:49: 2d:61:81:46:c4:17:d7:70:48:c6:60:9b:a7:3f:df: 3f:d7:58:2c:ff:64:48:7a:3c:79:13:c3:71:95:ab: 50:7d:24:ed:6e:e2:6c:c9:eb:2b:cc:db:64:2d:2a: 95:4b:be:c1:69:c3:d2:db:c3:a8:1d:a2:3b:5f:e3: 4d:0f:17:3c:44:13:97:60:0a:90:82:b0:ad:58:80: 26:39:fb:ec:b1:06:e4:7d:68:e1:19:8f:98:1d:33: a7:22:02:f8:78:ad:d0:36:e2:4d:ff:47:a8:35:5a: bb:50:1e:47:f6:02:94:c4:0c:2c:39:58:e1:91:80: af:ff:7f:4c:e8:8c:5a:dc:7d:5a:b4:e9:df:d2:d1: 85:bf:83:d8:6c:83:69:a5:83:5b:33:f9:09:00:15: 7b:89:37:32:b7:80:ac:b9:46:5c:92:e8:d4:51:9d: 97:b2:e8:c2:8d:e6:19:34:b3:de:78:f6:ff:c5:25: 2f:ff:d8:0f:37:95:a8:4d:ff:79:81:eb:6c:a1:40: e0:1f:8a:7f:9c:6b:6d:69:55:b9:8e:5e:60:c1:fe: a4:1d:43:64:de:45:45:aa:ff:c9:36:9a:09:c6:b3: 24:f8:5b:c3:05:0b:e4:90:c0:03:2c:37:21:b4:52: 9c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:7D:A4:4E:A0:06:95:3A:88:CD:EB:6F:35:A2:7F:15:51:0F:03:CC X509v3 Authority Key Identifier: keyid:6A:7D:14:20:7F:75:C8:B1:58:0D:B2:7F:75:E7:C3:FD:B1:FF:86:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/an0UIH91yLFYDbJ_defD_bH_hgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/4e6a3b-ff31-47c9-97b1-beaa73710a65/1/an0UIH91yLFYDbJ_defD_bH_hgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:e6:a4:c5:2f:12:23:e8:6a:b9:fc:45:c9:29:f8:cc:35:60: 15:0f:6a:82:7f:f1:c5:bd:1a:32:6a:ce:ee:d0:08:dc:83:bd: 55:30:20:38:5b:23:15:7f:5d:86:f7:57:c9:cc:17:f0:8b:fa: ed:52:d0:e9:73:34:94:61:21:8d:df:8c:eb:9a:4e:10:21:43: 55:db:f7:e3:35:6b:64:a4:18:b5:7a:74:33:50:a6:a1:90:dd: a9:ba:c4:c5:1b:2e:ee:0c:d3:0c:a6:3d:d0:57:46:8c:80:cb: 46:e8:c1:9c:b9:fc:76:d0:30:94:31:ae:db:c8:2d:26:57:44: 10:40:98:12:df:a5:cc:6a:e5:97:d8:be:aa:f3:c4:a6:24:40: 6c:c9:0c:1c:50:4f:da:dd:f0:37:ad:d3:2c:e9:34:4c:23:b9: 6e:e0:3c:95:10:22:59:08:89:fe:b8:e9:23:d7:74:eb:0d:de: ce:13:45:11:55:d7:a1:f2:d8:d1:2c:e4:ed:9e:f1:ec:f1:2d: 4f:37:b4:71:b4:ce:1d:ec:c6:87:3d:9b:3c:a5:3d:b7:85:00: ae:b6:84:34:25:e6:d3:f3:c7:8c:68:a1:b7:a0:28:f9:d8:41: 25:e4:7e:64:d0:b0:13:ad:20:3a:cc:3f:99:17:be:45:51:92: 13:4a:2f:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnjLy3bNGSXeRODz9txJcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhN2QxNDIwN2Y3NWM4YjE1ODBkYjI3Zjc1ZTdjM2ZkYjFm Zjg2MGMwHhcNMjUxMjE4MDQwMDU1WhcNMjUxMjE5MDQwMDU1WjAzMTEwLwYDVQQD EygyMjdkYTQ0ZWEwMDY5NTNhODhjZGViNmYzNWEyN2YxNTUxMGYwM2NjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOxcqu8jB43BUy1ZWkktYYFGxBfX cEjGYJunP98/11gs/2RIejx5E8NxlatQfSTtbuJsyesrzNtkLSqVS77BacPS28Oo HaI7X+NNDxc8RBOXYAqQgrCtWIAmOfvssQbkfWjhGY+YHTOnIgL4eK3QNuJN/0eo NVq7UB5H9gKUxAwsOVjhkYCv/39M6Ixa3H1atOnf0tGFv4PYbINppYNbM/kJABV7 iTcyt4CsuUZckujUUZ2XsujCjeYZNLPeePb/xSUv/9gPN5WoTf95getsoUDgH4p/ nGttaVW5jl5gwf6kHUNk3kVFqv/JNpoJxrMk+FvDBQvkkMADLDchtFKcwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCJ9pE6gBpU6iM3rbzWifxVRDwPMMB8GA1UdIwQY MBaAFGp9FCB/dcixWA2yf3Xnw/2x/4YMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEt YmVhYTczNzEwYTY1LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC80ZTZhM2ItZmYzMS00N2M5LTk3YjEtYmVhYTczNzEwYTY1 LzEvYW4wVUlIOTF5TEZZRGJKX2RlZkRfYkhfaGd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnuakxS8S I+hqufxFySn4zDVgFQ9qgn/xxb0aMmrO7tAI3IO9VTAgOFsjFX9dhvdXycwX8Iv6 7VLQ6XM0lGEhjd+M65pOECFDVdv34zVrZKQYtXp0M1CmoZDdqbrExRsu7gzTDKY9 0FdGjIDLRujBnLn8dtAwlDGu28gtJldEEECYEt+lzGrll9i+qvPEpiRAbMkMHFBP 2t3wN63TLOk0TCO5buA8lRAiWQiJ/rjpI9d06w3ezhNFEVXXofLY0Szk7Z7x7PEt Tze0cbTOHezGhz2bPKU9t4UArraENCXm0/PHjGiht6Ao+dhBJeR+ZNCwE60gOsw/ mRe+RVGSE0ov1g== -----END CERTIFICATE-----Generated at Thu Dec 18 07:06:47 2025 by rpki-client