This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json) Hash identifier: hOWls5uNVoxRqOy437YkNsEfAMwTE2VeOETP8dF4FjI= Subject key identifier: 31:3F:E0:99:9B:C5:CC:A2:46:88:C4:7A:A8:81:A0:F3:BD:D8:D8:DB Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Certificate serial: 019AF1641C3A71E3ABE497B3E6C73B471BE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft Manifest number: 16F2 Signing time: Sat 06 Dec 2025 02:01:00 +0000 Manifest this update: Sat 06 Dec 2025 02:01:00 +0000 Manifest next update: Sun 07 Dec 2025 02:01:00 +0000 Files and hashes: 1: WlFkHZf-mGa6meWaQmN57qSrEtA.roa (hash: B5J0da5BqpBMDIf+RMe68Zm2sCoZIjqiRagoU19Nd+4=) 2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: yYxTrT9qrrWWv66ZmDbx8ugUu2iOYHeo5QQlb4rECZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:1c:3a:71:e3:ab:e4:97:b3:e6:c7:3b:47:1b:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd Validity Not Before: Dec 6 02:01:00 2025 GMT Not After : Dec 7 02:01:00 2025 GMT Subject: CN=313fe0999bc5cca24688c47aa881a0f3bdd8d8db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:93:54:e1:e3:a8:94:03:2f:6c:85:56:46:c4: 0e:9b:97:25:87:ae:7a:2b:ac:b4:38:e1:cd:0a:91: da:2a:13:7a:c8:f2:9c:d5:27:f1:59:31:29:46:fe: 68:08:dc:1f:f7:98:52:26:34:5e:31:35:51:14:b6: e2:1b:30:64:64:8d:a4:5a:7d:69:4c:f2:53:71:4d: cf:2e:74:01:e3:fb:5b:4d:55:ba:6e:ba:8b:27:0d: 10:a4:fd:f4:70:93:2b:11:ad:ae:96:ae:f1:b8:21: 14:b4:7a:1d:fd:28:3d:ea:49:f5:c7:70:d5:e5:85: 41:1c:0d:13:b7:29:03:17:19:e1:b9:49:24:cc:85: 62:0f:32:18:80:bd:0e:9b:a6:89:ec:65:c8:86:4d: cd:7a:e6:37:e7:25:56:0e:bd:93:c8:6d:1e:ac:22: 73:d2:85:7c:ef:92:37:e3:27:29:ae:72:dd:34:e9: 0a:47:c6:76:f0:89:5f:43:94:b2:06:78:00:54:f3: 68:34:0c:39:f8:05:fd:28:e8:f5:38:6f:81:64:84: f2:9c:14:61:03:e6:70:f6:78:3f:ac:ff:6f:cb:1d: 23:28:7f:56:80:f2:63:b8:33:0b:27:ba:d4:da:94: 44:a8:7e:bd:f9:fe:9d:0f:c9:e4:36:d3:88:d2:74: 2a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:3F:E0:99:9B:C5:CC:A2:46:88:C4:7A:A8:81:A0:F3:BD:D8:D8:DB X509v3 Authority Key Identifier: keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:18:1f:66:65:ac:29:03:ff:b3:02:6f:6d:db:f6:5f:5b:15: d3:6c:4a:3a:49:d2:52:9e:8a:8f:1f:0a:e1:87:11:67:af:00: c7:1f:b4:4b:4c:d5:82:4b:c6:28:c1:b8:ef:9c:91:4f:56:f7: ef:62:df:a7:88:6e:77:dd:7e:0d:49:66:c3:99:9b:8a:f7:9e: 6b:c4:d9:72:f9:3e:a1:0d:1a:ea:d5:2c:2c:1d:11:26:9c:06: 7c:4d:40:05:0f:78:24:9e:fd:02:a6:ef:5f:75:9a:a6:cb:5a: 52:46:58:ef:8e:41:32:96:bd:ba:e1:bb:94:1e:63:96:ef:72: 41:40:80:6f:5a:32:c9:6f:8a:c2:28:7c:04:6d:5c:3e:31:31: bd:41:88:ae:94:79:a7:14:75:11:9f:cb:7e:f8:eb:f9:65:3b: be:20:9a:cc:ca:2f:8b:b7:b8:75:50:49:d9:8e:b8:59:6a:eb: 51:05:b4:31:98:4e:78:11:49:94:12:c3:d0:35:f5:4e:25:9e: 05:7a:05:75:4d:81:10:ff:46:48:1a:09:eb:c6:3a:d7:b7:e6: 84:ff:d5:90:aa:06:88:3e:68:65:52:54:7f:1f:15:c0:73:2a: dc:63:de:ad:15:7f:b9:28:06:ab:51:4c:96:43:d8:39:44:21: 15:db:6c:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZBw6ceOr5Jez5sc7RxvhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0 NWI2Y2QwHhcNMjUxMjA2MDIwMTAwWhcNMjUxMjA3MDIwMTAwWjAzMTEwLwYDVQQD EygzMTNmZTA5OTliYzVjY2EyNDY4OGM0N2FhODgxYTBmM2JkZDhkOGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZNU4eOolAMvbIVWRsQOm5clh656 K6y0OOHNCpHaKhN6yPKc1SfxWTEpRv5oCNwf95hSJjReMTVRFLbiGzBkZI2kWn1p TPJTcU3PLnQB4/tbTVW6brqLJw0QpP30cJMrEa2ulq7xuCEUtHod/Sg96kn1x3DV 5YVBHA0TtykDFxnhuUkkzIViDzIYgL0Om6aJ7GXIhk3NeuY35yVWDr2TyG0erCJz 0oV875I34ycprnLdNOkKR8Z28IlfQ5SyBngAVPNoNAw5+AX9KOj1OG+BZITynBRh A+Zw9ng/rP9vyx0jKH9WgPJjuDMLJ7rU2pREqH69+f6dD8nkNtOI0nQqVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDE/4JmbxcyiRojEeqiBoPO92NjbMB8GA1UdIwQY MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRgfZmWs KQP/swJvbdv2X1sV02xKOknSUp6Kjx8K4YcRZ68Axx+0S0zVgkvGKMG475yRT1b3 72Lfp4hud91+DUlmw5mbiveea8TZcvk+oQ0a6tUsLB0RJpwGfE1ABQ94JJ79Aqbv X3WapstaUkZY745BMpa9uuG7lB5jlu9yQUCAb1oyyW+Kwih8BG1cPjExvUGIrpR5 pxR1EZ/Lfvjr+WU7viCazMovi7e4dVBJ2Y64WWrrUQW0MZhOeBFJlBLD0DX1TiWe BXoFdU2BEP9GSBoJ68Y617fmhP/VkKoGiD5oZVJUfx8VwHMq3GPerRV/uSgGq1FM lkPYOUQhFdtsAQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:18:13 2025 by rpki-client