This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft File: H0qus-K3pD3wHzHVGiDvIlXOr-M.mft (raw, json) Hash identifier: Uwty1UFe36zc5SGefVt1WDS1SRQYKZB8QfG0PzzXU0k= Subject key identifier: 99:91:31:C8:FE:B0:72:C3:9A:3B:24:67:62:E2:75:30:BB:23:80:47 Authority key identifier: 1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3 Certificate issuer: /CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3 Certificate serial: 019AF12ECEDA3C3D59CDE437C9AA19628B5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft Manifest number: 0602 Signing time: Sat 06 Dec 2025 01:02:47 +0000 Manifest this update: Sat 06 Dec 2025 01:02:47 +0000 Manifest next update: Sun 07 Dec 2025 01:02:47 +0000 Files and hashes: 1: H0qus-K3pD3wHzHVGiDvIlXOr-M.crl (hash: w62bqwIb0Keq+Po+nvC9rG/DaR06W/F9F8euDwQ0Dbs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:ce:da:3c:3d:59:cd:e4:37:c9:aa:19:62:8b:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f4aaeb3e2b7a43df01f31d51a20ef2255ceafe3 Validity Not Before: Dec 6 01:02:47 2025 GMT Not After : Dec 7 01:02:47 2025 GMT Subject: CN=999131c8feb072c39a3b246762e27530bb238047 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:36:c8:e4:55:75:d1:e3:80:f5:78:27:31:cb: 51:00:50:7c:34:01:b0:11:f1:d0:7a:82:83:a7:03: 2b:57:42:3b:fb:c0:86:41:91:22:41:d4:74:17:91: bb:1f:3d:74:37:46:14:50:66:c1:c5:e7:57:ad:7c: 49:57:e6:e6:3c:c2:a9:30:b5:0c:5e:0e:69:32:49: d7:c6:7b:d1:d2:e4:f8:d6:86:d0:16:a2:59:a3:3f: 1e:46:09:44:f0:d6:21:e8:b8:8f:d5:af:14:68:d9: 1e:b3:96:ae:6e:d6:51:fc:f9:4f:1b:7f:54:0b:c0: 04:64:70:71:b3:11:30:d7:27:79:01:c5:8c:fe:f8: 67:c2:06:bd:15:9b:43:08:f1:06:8f:ea:68:13:95: 78:29:76:40:5f:83:42:5c:bd:16:07:31:75:a0:06: 06:09:fd:f7:9e:7d:3c:b5:52:a1:d8:a3:7c:6a:ae: 86:b5:ef:37:df:e2:5b:4b:69:b8:a6:b8:4a:18:a9: ba:20:3c:b5:b5:fb:06:ca:d5:8c:81:65:11:f6:e2: 34:36:73:61:ac:3d:85:7c:c3:19:d4:66:a4:5d:ab: 12:be:e3:d4:de:7a:c7:5b:a1:82:52:23:90:00:a3: fb:7a:e2:f6:51:21:bb:3c:18:ec:75:7d:bf:8e:8d: 25:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:91:31:C8:FE:B0:72:C3:9A:3B:24:67:62:E2:75:30:BB:23:80:47 X509v3 Authority Key Identifier: keyid:1F:4A:AE:B3:E2:B7:A4:3D:F0:1F:31:D5:1A:20:EF:22:55:CE:AF:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0qus-K3pD3wHzHVGiDvIlXOr-M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/3f3f50-2f35-407e-b99c-e1842be412d1/1/H0qus-K3pD3wHzHVGiDvIlXOr-M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:9f:83:e1:cf:1c:8a:7b:05:d3:49:f0:65:b6:06:9c:c5:92: 56:aa:81:9a:d1:6d:4c:be:14:5e:f5:3d:58:d3:28:70:e1:f6: 90:98:99:f1:ec:b2:cd:c8:30:8f:ff:76:e6:9a:c7:de:47:61: 68:4a:c5:f7:f0:15:39:85:00:38:87:17:37:32:64:c7:aa:47: 89:ef:14:52:92:8d:1e:90:19:30:b3:cb:d6:75:8f:4b:2e:11: 15:4c:ce:9d:80:cc:9e:af:0b:eb:29:52:c0:4b:37:03:ae:94: af:4d:7a:84:b3:eb:9f:cb:50:b9:6e:56:40:0a:d1:2d:22:1d: 2b:b5:72:18:a8:ae:f7:aa:7b:3c:5b:7f:cf:6e:6d:9f:42:15: 73:9b:18:09:2b:e1:a1:e3:11:c4:60:e6:f2:64:b2:65:70:2e: 9e:f4:3d:64:69:35:1c:8a:f6:24:80:c0:f9:90:c6:c0:45:ad: 32:50:d6:80:9f:68:37:59:9f:3a:d1:8c:d3:b7:55:dc:ab:f3: a9:dd:2d:01:d6:45:7a:7f:f9:b4:e0:5f:6b:ce:7e:01:57:42: 05:54:89:12:ff:49:fe:3b:43:7b:ac:b3:f4:87:cb:5f:91:5b: 49:96:c6:74:2b:fe:9e:81:29:a0:8f:b1:d8:f0:93:9a:80:59: 99:46:fa:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLs7aPD1ZzeQ3yaoZYotfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmNGFhZWIzZTJiN2E0M2RmMDFmMzFkNTFhMjBlZjIyNTVj ZWFmZTMwHhcNMjUxMjA2MDEwMjQ3WhcNMjUxMjA3MDEwMjQ3WjAzMTEwLwYDVQQD Eyg5OTkxMzFjOGZlYjA3MmMzOWEzYjI0Njc2MmUyNzUzMGJiMjM4MDQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6zbI5FV10eOA9XgnMctRAFB8NAGw EfHQeoKDpwMrV0I7+8CGQZEiQdR0F5G7Hz10N0YUUGbBxedXrXxJV+bmPMKpMLUM Xg5pMknXxnvR0uT41obQFqJZoz8eRglE8NYh6LiP1a8UaNkes5aubtZR/PlPG39U C8AEZHBxsxEw1yd5AcWM/vhnwga9FZtDCPEGj+poE5V4KXZAX4NCXL0WBzF1oAYG Cf33nn08tVKh2KN8aq6Gte833+JbS2m4prhKGKm6IDy1tfsGytWMgWUR9uI0NnNh rD2FfMMZ1GakXasSvuPU3nrHW6GCUiOQAKP7euL2USG7PBjsdX2/jo0lKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJmRMcj+sHLDmjskZ2LidTC7I4BHMB8GA1UdIwQY MBaAFB9KrrPit6Q98B8x1Rog7yJVzq/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMt ZTE4NDJiZTQxMmQxLzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi8zZjNmNTAtMmYzNS00MDdlLWI5OWMtZTE4NDJiZTQxMmQx LzEvSDBxdXMtSzNwRDN3SHpIVkdpRHZJbFhPci1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjp+D4c8c insF00nwZbYGnMWSVqqBmtFtTL4UXvU9WNMocOH2kJiZ8eyyzcgwj/925prH3kdh aErF9/AVOYUAOIcXNzJkx6pHie8UUpKNHpAZMLPL1nWPSy4RFUzOnYDMnq8L6ylS wEs3A66Ur016hLPrn8tQuW5WQArRLSIdK7VyGKiu96p7PFt/z25tn0IVc5sYCSvh oeMRxGDm8mSyZXAunvQ9ZGk1HIr2JIDA+ZDGwEWtMlDWgJ9oN1mfOtGM07dV3Kvz qd0tAdZFen/5tOBfa85+AVdCBVSJEv9J/jtDe6yz9IfLX5FbSZbGdCv+noEpoI+x 2PCTmoBZmUb6Fg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:17:04 2025 by rpki-client