This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft File: _hEX6Xaz4zlTuTYbtLseui9Ane0.mft (raw, json) Hash identifier: 5Q7oA8yT1Y+YscgyOjjNksIrEvt+iuJKYGGVuyL5wQY= Subject key identifier: BC:06:C6:CB:63:12:64:28:27:23:CD:D3:47:3F:59:B2:2E:B7:5A:B9 Authority key identifier: FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED Certificate issuer: /CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded Certificate serial: 019AF208C34E8E60D01EBD478DD3D0D47D73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft Manifest number: 087E Signing time: Sat 06 Dec 2025 05:00:51 +0000 Manifest this update: Sat 06 Dec 2025 05:00:51 +0000 Manifest next update: Sun 07 Dec 2025 05:00:51 +0000 Files and hashes: 1: _hEX6Xaz4zlTuTYbtLseui9Ane0.crl (hash: wQrRi39v9qTGxtPzSYcbQt9aXdMG9X0OSoOIGD5Sio0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:c3:4e:8e:60:d0:1e:bd:47:8d:d3:d0:d4:7d:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe1117e976b3e33953b9361bb4bb1eba2f409ded Validity Not Before: Dec 6 05:00:51 2025 GMT Not After : Dec 7 05:00:51 2025 GMT Subject: CN=bc06c6cb631264282723cdd3473f59b22eb75ab9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:40:39:f0:7c:7d:d9:b2:fd:cb:92:07:cd:c5: 08:10:26:fb:38:e7:20:0d:c9:a1:a3:1d:c7:d8:89: cc:6a:5b:0b:fe:0a:95:9b:fc:3d:8f:73:1f:f5:39: e3:39:15:5c:2d:46:67:57:93:85:a4:7f:06:f5:12: 06:58:29:33:d4:12:26:e9:e0:fc:dd:66:2c:b2:28: 08:3a:c2:89:6f:3a:30:cd:07:b9:0b:15:f2:86:61: c8:0f:d6:ec:1a:a3:8a:77:7a:6f:69:f4:3b:13:91: 62:76:ab:b8:27:27:ab:bc:f4:ce:77:35:ab:6e:ef: ff:ef:b5:56:cc:77:fa:a3:a3:29:59:4e:3e:37:c6: cc:b6:83:c4:f9:9b:7c:b3:07:a9:f1:1a:de:85:71: ad:e7:52:76:49:e8:c0:dc:56:f6:5a:31:5a:0f:f6: 23:40:cd:f9:2f:c2:81:d0:20:0b:6b:27:28:5b:f0: da:d3:31:f2:19:0e:a6:91:8f:27:c2:94:c9:10:e1: aa:f3:c9:c4:b0:e9:10:85:d3:0b:48:06:8f:c2:0a: a4:b1:ba:ed:59:45:77:9d:7a:57:c0:88:6a:cf:c8: e3:ed:32:75:e5:0c:5e:ce:a8:15:3b:25:2c:8f:84: c5:50:9b:fa:5c:07:48:bb:27:a8:c4:77:89:ac:4a: b5:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:06:C6:CB:63:12:64:28:27:23:CD:D3:47:3F:59:B2:2E:B7:5A:B9 X509v3 Authority Key Identifier: keyid:FE:11:17:E9:76:B3:E3:39:53:B9:36:1B:B4:BB:1E:BA:2F:40:9D:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hEX6Xaz4zlTuTYbtLseui9Ane0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ccfb64-2ec9-4d86-aace-846e1f41fc62/1/_hEX6Xaz4zlTuTYbtLseui9Ane0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:c2:e8:75:01:ff:31:c5:37:38:91:1a:08:7c:a1:8f:e9:0d: d0:b7:15:c0:fe:ac:49:f4:e9:b3:bf:22:6d:81:a8:c0:0c:1e: a9:89:12:46:eb:2d:0b:ae:5c:19:87:48:6c:d4:8a:f9:ae:23: 84:c3:e4:44:52:4e:94:34:7f:9b:dd:2a:86:c0:87:ae:cb:40: 5d:ec:d5:4e:32:4e:d3:cf:e2:e9:28:0a:13:51:e5:f3:9e:f9: 21:31:b3:54:5d:8c:26:4c:ef:10:e0:fc:d2:7a:19:9e:91:4d: d8:7e:e3:3a:77:31:f1:7d:64:5d:55:55:c0:58:04:24:aa:7c: ab:f3:da:c5:2b:d3:aa:82:4e:8d:d3:38:9f:4d:ea:33:41:79: 02:c2:a9:53:6b:5b:ee:19:cb:89:15:b8:24:39:e7:54:f2:46: 79:17:f4:43:b9:5c:76:f0:cc:cd:a3:58:51:77:08:7b:0f:ea: ee:cf:fd:ac:2b:95:c0:89:88:37:7e:54:f7:23:ad:81:a0:97: 8c:f8:68:d5:a8:ef:bb:08:5e:3a:59:d6:75:fb:42:90:8d:2a: 28:3b:8b:61:b1:d0:22:86:61:c8:b8:7f:dd:77:21:a6:ed:a8: 4b:7e:f3:17:74:5b:70:5c:8d:bf:bc:2d:ed:94:7e:8e:f1:55: 51:aa:5b:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCMNOjmDQHr1HjdPQ1H1zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlMTExN2U5NzZiM2UzMzk1M2I5MzYxYmI0YmIxZWJhMmY0 MDlkZWQwHhcNMjUxMjA2MDUwMDUxWhcNMjUxMjA3MDUwMDUxWjAzMTEwLwYDVQQD EyhiYzA2YzZjYjYzMTI2NDI4MjcyM2NkZDM0NzNmNTliMjJlYjc1YWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEA58Hx92bL9y5IHzcUIECb7OOcg Dcmhox3H2InMalsL/gqVm/w9j3Mf9TnjORVcLUZnV5OFpH8G9RIGWCkz1BIm6eD8 3WYssigIOsKJbzowzQe5CxXyhmHID9bsGqOKd3pvafQ7E5Fidqu4JyervPTOdzWr bu//77VWzHf6o6MpWU4+N8bMtoPE+Zt8swep8RrehXGt51J2SejA3Fb2WjFaD/Yj QM35L8KB0CALaycoW/Da0zHyGQ6mkY8nwpTJEOGq88nEsOkQhdMLSAaPwgqksbrt WUV3nXpXwIhqz8jj7TJ15QxezqgVOyUsj4TFUJv6XAdIuyeoxHeJrEq11wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLwGxstjEmQoJyPN00c/WbIut1q5MB8GA1UdIwQY MBaAFP4RF+l2s+M5U7k2G7S7HrovQJ3tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2Ut ODQ2ZTFmNDFmYzYyLzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9jY2ZiNjQtMmVjOS00ZDg2LWFhY2UtODQ2ZTFmNDFmYzYy LzEvX2hFWDZYYXo0emxUdVRZYnRMc2V1aTlBbmUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8LodQH/ McU3OJEaCHyhj+kN0LcVwP6sSfTps78ibYGowAweqYkSRustC65cGYdIbNSK+a4j hMPkRFJOlDR/m90qhsCHrstAXezVTjJO08/i6SgKE1Hl8575ITGzVF2MJkzvEOD8 0noZnpFN2H7jOncx8X1kXVVVwFgEJKp8q/PaxSvTqoJOjdM4n03qM0F5AsKpU2tb 7hnLiRW4JDnnVPJGeRf0Q7lcdvDMzaNYUXcIew/q7s/9rCuVwImIN35U9yOtgaCX jPho1ajvuwheOlnWdftCkI0qKDuLYbHQIoZhyLh/3Xchpu2oS37zF3RbcFyNv7wt 7ZR+jvFVUapbHQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:47 2025 by rpki-client