This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft File: hgLiX_EiDtSqju94wzpyKrWIP40.mft (raw, json) Hash identifier: CGLE2rx0Kk7Wh2f3J853/cA1S9n35s1+0GLLME5cM5g= Subject key identifier: A4:A2:3C:19:39:CA:8A:4E:38:1F:04:1D:8C:F8:31:7D:A7:BE:18:66 Authority key identifier: 86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D Certificate issuer: /CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d Certificate serial: 019AF12DAC403B5A33951A52FAE50E3197B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft Manifest number: 0215 Signing time: Sat 06 Dec 2025 01:01:33 +0000 Manifest this update: Sat 06 Dec 2025 01:01:33 +0000 Manifest next update: Sun 07 Dec 2025 01:01:33 +0000 Files and hashes: 1: hgLiX_EiDtSqju94wzpyKrWIP40.crl (hash: sX6XJEqfYMdjiKL1ri4MsoSAXPFRrNBtHP9zUl46lcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ac:40:3b:5a:33:95:1a:52:fa:e5:0e:31:97:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8602e25ff1220ed4aa8eef78c33a722ab5883f8d Validity Not Before: Dec 6 01:01:33 2025 GMT Not After : Dec 7 01:01:33 2025 GMT Subject: CN=a4a23c1939ca8a4e381f041d8cf8317da7be1866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:65:4b:25:00:29:d0:b8:d5:1b:27:fd:d4:40: ba:14:4f:24:f7:ec:d8:5b:75:6a:53:f6:23:c8:c0: f4:1e:41:64:90:ff:62:ba:b9:f4:63:fb:47:a7:42: 17:1d:0e:5a:51:e1:3f:32:0c:08:fc:e2:88:1f:63: 48:a0:08:ae:e0:8f:cb:16:ee:12:08:7c:c6:17:d9: f7:a9:68:e9:a9:94:d5:2c:b7:bb:4b:b1:7c:ac:05: 07:9a:60:c0:37:a3:7e:de:7a:c4:c0:2e:f5:ff:3d: 04:de:00:98:8e:c9:62:77:23:79:23:c5:94:74:c6: c6:26:e6:25:53:51:ff:49:f3:6e:a1:b2:ad:6d:29: a6:28:eb:a4:4a:ff:b4:75:a1:ea:62:08:fc:71:ea: bd:ce:0f:41:d8:b9:3c:3b:86:b5:5e:ae:cc:33:fe: 98:f3:19:5f:7b:77:8c:1d:87:bc:71:b1:78:09:8e: 77:ea:04:e7:05:05:19:00:5b:e3:52:f6:9d:33:88: a3:33:f4:04:3e:44:d2:34:ee:61:95:27:39:64:95: ca:4c:68:4d:83:7f:7d:4a:07:ae:3b:42:cc:c6:1d: 7c:a7:67:f3:49:e6:1c:15:6c:87:74:b9:47:6f:9a: e8:3d:90:07:99:6c:f9:d1:6f:89:e9:4b:42:24:b7: 90:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:A2:3C:19:39:CA:8A:4E:38:1F:04:1D:8C:F8:31:7D:A7:BE:18:66 X509v3 Authority Key Identifier: keyid:86:02:E2:5F:F1:22:0E:D4:AA:8E:EF:78:C3:3A:72:2A:B5:88:3F:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgLiX_EiDtSqju94wzpyKrWIP40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e380-f955-4feb-9ef8-481f457e1b89/1/hgLiX_EiDtSqju94wzpyKrWIP40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:24:01:37:1f:8a:7f:00:11:06:a9:8a:89:16:fc:1d:a7:d4: bc:31:f5:16:16:32:48:05:4d:b2:87:42:80:f9:ff:48:93:55: 18:41:59:b0:a7:69:c9:a0:13:b1:99:41:25:b5:7c:25:52:44: 2a:71:96:a0:b8:79:86:94:e1:7d:aa:0d:24:e0:7e:53:fe:2b: 51:74:5b:0c:32:42:42:c8:b4:31:c3:a9:86:83:24:ad:70:3f: 67:1e:00:e2:97:46:16:87:2b:56:8b:bf:d9:5b:79:1f:59:5e: 2d:1e:f4:8a:dd:20:3f:ae:1e:09:48:5e:fd:e8:b7:ef:2b:60: 6c:d0:a4:d9:d7:9b:21:89:ea:5f:00:e6:7a:fa:95:ac:3b:9c: e6:aa:29:45:21:18:40:5f:64:df:56:13:68:dc:8f:7b:36:14: d7:47:45:c9:25:8c:7f:40:f3:90:20:c2:0c:6d:79:c7:9d:6c: 05:2f:39:8c:c2:b2:05:7e:eb:25:84:e8:d1:14:a5:56:ad:61: f5:25:94:a2:88:45:3c:8d:16:89:e2:87:da:2e:1b:95:6a:26: 20:61:77:3c:4e:9b:33:65:55:ae:b3:a7:d6:89:2f:e3:df:5b: 61:91:2b:fd:f5:57:44:f4:be:b1:fd:f3:12:b5:6b:11:86:3c: 2a:47:dd:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLaxAO1ozlRpS+uUOMZe3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MDJlMjVmZjEyMjBlZDRhYThlZWY3OGMzM2E3MjJhYjU4 ODNmOGQwHhcNMjUxMjA2MDEwMTMzWhcNMjUxMjA3MDEwMTMzWjAzMTEwLwYDVQQD EyhhNGEyM2MxOTM5Y2E4YTRlMzgxZjA0MWQ4Y2Y4MzE3ZGE3YmUxODY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92VLJQAp0LjVGyf91EC6FE8k9+zY W3VqU/YjyMD0HkFkkP9iurn0Y/tHp0IXHQ5aUeE/MgwI/OKIH2NIoAiu4I/LFu4S CHzGF9n3qWjpqZTVLLe7S7F8rAUHmmDAN6N+3nrEwC71/z0E3gCYjslidyN5I8WU dMbGJuYlU1H/SfNuobKtbSmmKOukSv+0daHqYgj8ceq9zg9B2Lk8O4a1Xq7MM/6Y 8xlfe3eMHYe8cbF4CY536gTnBQUZAFvjUvadM4ijM/QEPkTSNO5hlSc5ZJXKTGhN g399SgeuO0LMxh18p2fzSeYcFWyHdLlHb5roPZAHmWz50W+J6UtCJLeQVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKSiPBk5yopOOB8EHYz4MX2nvhhmMB8GA1UdIwQY MBaAFIYC4l/xIg7Uqo7veMM6ciq1iD+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgt NDgxZjQ1N2UxYjg5LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9jMmUzODAtZjk1NS00ZmViLTllZjgtNDgxZjQ1N2UxYjg5 LzEvaGdMaVhfRWlEdFNxanU5NHd6cHlLcldJUDQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCQBNx+K fwARBqmKiRb8HafUvDH1FhYySAVNsodCgPn/SJNVGEFZsKdpyaATsZlBJbV8JVJE KnGWoLh5hpThfaoNJOB+U/4rUXRbDDJCQsi0McOphoMkrXA/Zx4A4pdGFocrVou/ 2Vt5H1leLR70it0gP64eCUhe/ei37ytgbNCk2debIYnqXwDmevqVrDuc5qopRSEY QF9k31YTaNyPezYU10dFySWMf0DzkCDCDG15x51sBS85jMKyBX7rJYTo0RSlVq1h 9SWUoohFPI0WieKH2i4blWomIGF3PE6bM2VVrrOn1okv499bYZEr/fVXRPS+sf3z ErVrEYY8KkfdtA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:13 2025 by rpki-client