This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft File: HQrO6hf1PecI-ac6vAyHFk0gfQg.mft (raw, json) Hash identifier: o4MaRxS4iha10X7TVs4P5EZyUQFG2qqZtr9bQgHBVcM= Subject key identifier: E4:F0:BD:46:77:26:CC:ED:98:3B:76:58:9B:05:59:D6:26:45:4D:D9 Authority key identifier: 1D:0A:CE:EA:17:F5:3D:E7:08:F9:A7:3A:BC:0C:87:16:4D:20:7D:08 Certificate issuer: /CN=1d0aceea17f53de708f9a73abc0c87164d207d08 Certificate serial: 019AF509C02AF004B9550820BCBDB39AE644 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft Manifest number: 1486 Signing time: Sat 06 Dec 2025 19:00:48 +0000 Manifest this update: Sat 06 Dec 2025 19:00:48 +0000 Manifest next update: Sun 07 Dec 2025 19:00:48 +0000 Files and hashes: 1: 9zhTOpiuNqKnk778yI8rOgQQ8-A.roa (hash: ABWXF/FnYjdj8H9UnlqrtLWEbBYpls+daSI459eMuZM=) 2: HQrO6hf1PecI-ac6vAyHFk0gfQg.crl (hash: Z9H7hMPH9jge+ceaRUOVfEO0vreSuCZTTrL06JRDZq8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:c0:2a:f0:04:b9:55:08:20:bc:bd:b3:9a:e6:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d0aceea17f53de708f9a73abc0c87164d207d08 Validity Not Before: Dec 6 19:00:48 2025 GMT Not After : Dec 7 19:00:48 2025 GMT Subject: CN=e4f0bd467726cced983b76589b0559d626454dd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c5:b6:02:41:b9:8f:85:6e:7b:7c:fd:63:61: 55:83:f4:75:58:a5:67:6c:3c:1e:8e:f6:f3:cb:d2: bf:4a:45:6a:ce:2f:52:c9:c7:2f:b3:b8:fb:0f:5a: 31:5b:6e:aa:d1:76:87:1a:a3:87:f9:3c:40:6d:f0: 11:ac:0f:8b:ec:0c:75:eb:d5:fa:75:4d:f3:31:41: d6:cf:ba:20:d5:b8:63:41:9b:ef:f2:40:c1:6c:0b: 20:a2:d8:ee:2b:f6:fc:3c:26:c3:d1:12:49:c8:a4: ee:d5:5e:d2:ae:15:e5:eb:8c:97:f6:fc:37:fc:58: ec:f1:12:c6:47:67:4e:10:cd:30:9f:b7:cb:75:db: 8f:36:1d:85:04:36:e8:2f:03:07:bd:17:e1:c7:da: d4:d1:ba:d5:cd:ab:ed:bb:c1:c3:c7:ee:fc:bd:40: d1:22:34:fd:e5:8f:d7:fb:a5:5d:3a:35:b3:67:5f: 71:74:88:a4:25:ee:05:b1:ab:08:f1:6a:6a:c8:a4: f6:2a:5b:ab:72:78:d5:e4:13:32:49:ee:ee:99:4e: e4:57:ff:ee:d5:86:79:75:14:83:c2:47:06:10:8b: f1:22:0f:7e:2a:ed:da:57:99:67:57:c6:3a:ae:1c: 8d:f5:48:c7:d2:9c:23:ee:b4:1b:17:e3:bf:a6:49: 76:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:F0:BD:46:77:26:CC:ED:98:3B:76:58:9B:05:59:D6:26:45:4D:D9 X509v3 Authority Key Identifier: keyid:1D:0A:CE:EA:17:F5:3D:E7:08:F9:A7:3A:BC:0C:87:16:4D:20:7D:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQrO6hf1PecI-ac6vAyHFk0gfQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/da56f6-1cf2-4388-96fa-c6bcca721471/1/HQrO6hf1PecI-ac6vAyHFk0gfQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:c1:bb:09:e6:7f:ed:16:35:0f:e5:70:f3:15:9e:67:14:56: fc:b7:66:45:10:51:70:27:17:b5:13:e9:c4:42:4a:41:ce:fc: 6e:05:c9:84:a0:17:cd:97:36:08:a0:4d:47:2e:f8:01:32:49: 3a:dc:e0:bf:f3:f2:18:46:37:d1:01:5c:99:d9:6a:31:b4:ee: 77:19:44:46:1f:1a:5e:00:d2:64:6d:e9:e0:79:de:f5:97:97: 09:59:89:34:7d:d1:83:ec:05:db:8d:e5:91:3c:33:41:62:1d: 5f:14:fb:44:a2:79:a0:23:1e:d2:f0:58:9c:45:2d:ca:f6:f7: 0f:ac:27:05:25:ea:08:da:a9:aa:60:21:0d:be:fe:15:61:e7: b0:1c:d5:db:45:25:3c:75:f0:14:81:9e:b7:94:94:ef:55:c6: 51:6c:86:e1:45:ab:4d:26:40:ab:35:5f:72:de:eb:6f:33:52: fd:ab:ff:45:06:9a:41:c4:99:8f:ed:ad:5a:10:08:1f:ce:4f: 44:f5:7d:f9:13:fb:6d:3a:22:ae:df:21:6c:7a:d3:45:2b:b0: ea:45:70:b0:87:8e:f5:26:b8:3d:72:cb:c5:a5:11:c5:37:af: 30:7f:4e:df:ae:dc:69:4f:ea:f1:5d:87:09:9b:07:94:a4:cf: 2a:6b:89:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CcAq8AS5VQggvL2zmuZEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMGFjZWVhMTdmNTNkZTcwOGY5YTczYWJjMGM4NzE2NGQy MDdkMDgwHhcNMjUxMjA2MTkwMDQ4WhcNMjUxMjA3MTkwMDQ4WjAzMTEwLwYDVQQD EyhlNGYwYmQ0Njc3MjZjY2VkOTgzYjc2NTg5YjA1NTlkNjI2NDU0ZGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MW2AkG5j4Vue3z9Y2FVg/R1WKVn bDwejvbzy9K/SkVqzi9Syccvs7j7D1oxW26q0XaHGqOH+TxAbfARrA+L7Ax169X6 dU3zMUHWz7og1bhjQZvv8kDBbAsgotjuK/b8PCbD0RJJyKTu1V7SrhXl64yX9vw3 /Fjs8RLGR2dOEM0wn7fLdduPNh2FBDboLwMHvRfhx9rU0brVzavtu8HDx+78vUDR IjT95Y/X+6VdOjWzZ19xdIikJe4FsasI8WpqyKT2KlurcnjV5BMySe7umU7kV//u 1YZ5dRSDwkcGEIvxIg9+Ku3aV5lnV8Y6rhyN9UjH0pwj7rQbF+O/pkl2MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTwvUZ3JsztmDt2WJsFWdYmRU3ZMB8GA1UdIwQY MBaAFB0KzuoX9T3nCPmnOrwMhxZNIH0IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYTU2ZjYtMWNmMi00Mzg4LTk2ZmEt YzZiY2NhNzIxNDcxLzEvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kYTU2ZjYtMWNmMi00Mzg4LTk2ZmEtYzZiY2NhNzIxNDcx LzEvSFFyTzZoZjFQZWNJLWFjNnZBeUhGazBnZlFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcG7CeZ/ 7RY1D+Vw8xWeZxRW/LdmRRBRcCcXtRPpxEJKQc78bgXJhKAXzZc2CKBNRy74ATJJ Otzgv/PyGEY30QFcmdlqMbTudxlERh8aXgDSZG3p4Hne9ZeXCVmJNH3Rg+wF243l kTwzQWIdXxT7RKJ5oCMe0vBYnEUtyvb3D6wnBSXqCNqpqmAhDb7+FWHnsBzV20Ul PHXwFIGet5SU71XGUWyG4UWrTSZAqzVfct7rbzNS/av/RQaaQcSZj+2tWhAIH85P RPV9+RP7bToirt8hbHrTRSuw6kVwsIeO9Sa4PXLLxaURxTevMH9O367caU/q8V2H CZsHlKTPKmuJ8w== -----END CERTIFICATE-----Generated at Sun Dec 7 02:51:34 2025 by rpki-client