This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft File: hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json) Hash identifier: E1VIDcJjch+b7pOKvHIvcTcALLqLMs2TaRSgYs/WQxU= Subject key identifier: D0:FA:6C:4A:67:7F:0F:E9:7F:48:A0:52:6E:1B:AC:56:13:2B:44:C2 Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45 Certificate issuer: /CN=8431a999cbf040bd340d2935d89961b52f04a445 Certificate serial: 019AF12CD356D7F15B28DE018CB829EE499F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft Manifest number: 0A93 Signing time: Sat 06 Dec 2025 01:00:37 +0000 Manifest this update: Sat 06 Dec 2025 01:00:37 +0000 Manifest next update: Sun 07 Dec 2025 01:00:37 +0000 Files and hashes: 1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: 2stkPuTsMX0aMcOkne1jWz2kJKQcS75UVRqtkHN2b4M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:d3:56:d7:f1:5b:28:de:01:8c:b8:29:ee:49:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445 Validity Not Before: Dec 6 01:00:37 2025 GMT Not After : Dec 7 01:00:37 2025 GMT Subject: CN=d0fa6c4a677f0fe97f48a0526e1bac56132b44c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:dc:70:a7:ec:ed:59:87:31:17:b8:dc:f5:6b: 67:a0:14:d3:e9:4c:6d:fd:7b:31:8c:8e:01:a2:a0: 30:f3:8d:08:c9:fa:c9:51:4d:16:4b:4b:1b:e4:7c: 9e:fd:29:b6:c1:87:c4:f9:d0:40:d9:2c:ce:5d:c8: 32:89:6b:b5:ab:4a:a9:02:e6:f4:be:c1:7a:6f:4f: 42:00:12:ed:3b:6e:ee:be:7d:23:38:76:20:7b:cc: 05:c9:e7:cf:11:11:94:c7:a3:a8:38:21:03:8a:d8: 2a:00:c2:a4:18:14:07:b5:65:d5:ea:86:7d:fa:bd: 29:19:33:10:97:3f:26:5d:05:3b:a8:ba:e5:a4:ff: 10:69:b1:7a:43:f4:17:b4:53:32:6c:b8:13:20:03: 59:4a:1a:d3:8e:c8:b0:ac:bc:11:3b:94:b1:b6:ed: 54:5f:dc:c8:87:1e:0e:52:b0:52:b3:bf:c2:04:a2: 35:c6:f8:73:45:28:01:23:59:c1:f6:b7:54:d7:36: 9c:57:26:a1:9a:f6:e1:ce:f2:53:5b:a7:cb:09:1e: e4:b5:1d:97:49:a4:d2:91:86:f1:4b:2f:86:c3:8a: f4:c7:d1:5b:f6:76:80:8e:f8:2a:79:97:a1:3a:9c: 3c:59:8e:3a:70:41:aa:09:68:da:a2:9b:a5:87:9a: 9b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:FA:6C:4A:67:7F:0F:E9:7F:48:A0:52:6E:1B:AC:56:13:2B:44:C2 X509v3 Authority Key Identifier: keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:5b:5a:62:81:d7:50:e4:e3:0b:f3:2e:0d:3f:b6:cc:5b:6f: 34:1d:51:10:4e:f0:5d:cd:54:e5:ec:a6:3f:92:9c:7a:98:d4: 4c:f7:5e:56:6f:4a:9c:97:3f:ee:aa:95:46:5e:83:db:6f:09: 19:6b:c4:ab:a0:b2:8a:62:81:ca:3d:9b:7c:ca:98:39:91:b9: 06:fa:ce:a6:c1:78:19:a0:c3:89:a1:75:6e:bc:7d:f3:20:2e: 2c:f2:31:9e:38:23:5e:a1:e5:7f:c8:b1:aa:42:b6:2b:a2:d3: 30:c0:22:2f:ef:98:f2:dc:d2:99:46:6b:2d:cf:ef:2c:93:e3: bd:14:e8:54:04:c1:6b:b9:fd:16:07:72:2d:28:f1:3a:25:6f: 63:67:9c:e8:95:c7:19:b6:7c:7c:6a:40:a5:d3:17:73:b8:fb: 44:f5:d2:63:ef:30:5b:0a:28:1a:92:99:5c:3c:67:4a:1e:66: 86:d9:fd:01:42:d1:61:1a:cf:39:f7:2b:e3:20:4e:5c:1e:52: 61:75:94:79:50:c2:3d:ff:2d:b4:4f:a7:1d:2f:90:3c:8d:56: 92:cb:ab:a8:cf:e5:55:2e:40:a9:ae:49:32:1d:d1:91:8f:df: 17:74:2b:13:80:44:06:fc:a8:5b:c7:ba:fc:bf:40:64:fd:b3: 91:8b:4e:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLNNW1/FbKN4BjLgp7kmfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw NGE0NDUwHhcNMjUxMjA2MDEwMDM3WhcNMjUxMjA3MDEwMDM3WjAzMTEwLwYDVQQD EyhkMGZhNmM0YTY3N2YwZmU5N2Y0OGEwNTI2ZTFiYWM1NjEzMmI0NGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9xwp+ztWYcxF7jc9WtnoBTT6Uxt /XsxjI4BoqAw840IyfrJUU0WS0sb5Hye/Sm2wYfE+dBA2SzOXcgyiWu1q0qpAub0 vsF6b09CABLtO27uvn0jOHYge8wFyefPERGUx6OoOCEDitgqAMKkGBQHtWXV6oZ9 +r0pGTMQlz8mXQU7qLrlpP8QabF6Q/QXtFMybLgTIANZShrTjsiwrLwRO5Sxtu1U X9zIhx4OUrBSs7/CBKI1xvhzRSgBI1nB9rdU1zacVyahmvbhzvJTW6fLCR7ktR2X SaTSkYbxSy+Gw4r0x9Fb9naAjvgqeZehOpw8WY46cEGqCWjaopulh5qbLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFND6bEpnfw/pf0igUm4brFYTK0TCMB8GA1UdIwQY MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQVtaYoHX UOTjC/MuDT+2zFtvNB1REE7wXc1U5eymP5KcepjUTPdeVm9KnJc/7qqVRl6D228J GWvEq6CyimKByj2bfMqYOZG5BvrOpsF4GaDDiaF1brx98yAuLPIxnjgjXqHlf8ix qkK2K6LTMMAiL++Y8tzSmUZrLc/vLJPjvRToVATBa7n9FgdyLSjxOiVvY2ec6JXH GbZ8fGpApdMXc7j7RPXSY+8wWwooGpKZXDxnSh5mhtn9AULRYRrPOfcr4yBOXB5S YXWUeVDCPf8ttE+nHS+QPI1WksurqM/lVS5Aqa5JMh3RkY/fF3QrE4BEBvyoW8e6 /L9AZP2zkYtOYg== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:22 2025 by rpki-client