This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json) Hash identifier: c/vPC2M/cyXe40PReauHVWMgOQ0CRVie74Mu/rQeii0= Subject key identifier: 60:5F:AB:4C:67:F6:51:9C:EB:D6:BC:43:D8:B8:64:2B:5E:A7:78:16 Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763 Certificate serial: 019AF42E153F1E2077F3A52139EC6EA5385A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft Manifest number: 0B4B Signing time: Sat 06 Dec 2025 15:00:51 +0000 Manifest this update: Sat 06 Dec 2025 15:00:51 +0000 Manifest next update: Sun 07 Dec 2025 15:00:51 +0000 Files and hashes: 1: 2z5OP5uOUPeCHEZvOlemyfzgiqA.roa (hash: Hk782ryuX9Xc6GFCRAe62b1gzyY4Vb/jeKK1cnQhmr8=) 2: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: VnO+ox8pET6EUfWmz5Q4CBESSgiYz9f+tBJabVEoJ0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:15:3f:1e:20:77:f3:a5:21:39:ec:6e:a5:38:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87de085975de6588e07fed135513aa38acedb763 Validity Not Before: Dec 6 15:00:51 2025 GMT Not After : Dec 7 15:00:51 2025 GMT Subject: CN=605fab4c67f6519cebd6bc43d8b8642b5ea77816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:5b:81:2f:3a:70:b4:ba:71:60:2e:5d:c6:9c: 0e:f1:11:d9:01:06:35:45:92:88:de:87:e5:0c:f7: 4e:4f:8e:61:a9:63:38:31:76:0c:02:5f:f1:7d:06: a4:7a:c4:e5:01:34:47:6f:04:2f:6d:c0:98:31:e4: 4d:02:55:92:c5:ef:61:29:80:8a:2a:55:9a:6f:6e: e3:17:e6:f2:ba:9e:c2:1c:80:3a:df:92:88:cd:73: c4:20:8d:26:12:5d:97:b0:14:f2:10:2a:50:3f:8f: ed:cd:a2:4f:dc:86:72:79:41:3e:e1:11:3d:a4:0c: 57:b5:1c:f2:ff:63:68:da:98:a5:47:c0:a7:7f:5e: f6:54:e3:cc:93:5b:17:4e:76:18:0a:24:cf:48:0d: 03:07:09:ba:d3:82:ee:51:25:17:7a:07:6d:ab:14: c3:2c:71:f3:25:cf:2a:58:17:21:47:31:19:7e:2b: 9a:13:ee:c3:e2:b0:97:23:ab:8a:cf:e1:02:bd:3a: 8d:94:88:81:5c:5b:e1:7d:4b:21:fd:dd:ea:8a:43: 65:68:e8:4f:49:bc:3d:11:c6:91:df:4e:17:bc:42: 05:80:d1:3f:b1:84:7a:87:0f:ec:dc:f1:f5:2e:2a: f6:05:ba:ab:ba:a5:4c:af:e3:20:8a:13:cc:d4:d9: ed:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5F:AB:4C:67:F6:51:9C:EB:D6:BC:43:D8:B8:64:2B:5E:A7:78:16 X509v3 Authority Key Identifier: keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ca:89:b7:33:0e:54:b6:de:23:35:e5:8d:76:a4:7e:1d:e6:4c: 46:cd:65:12:d9:7c:08:38:1c:d2:ae:bc:53:ee:06:93:13:db: e6:9e:e2:ac:ac:f0:27:3f:b0:f5:e7:1b:43:74:1b:63:e6:ef: f2:1c:82:b0:23:bc:1f:f2:bc:1e:d9:8e:0c:fc:89:60:de:05: a0:7a:ee:27:17:79:38:b8:76:b1:c4:5b:57:09:eb:a3:9b:8a: 09:e8:35:3b:8a:a5:25:09:dd:aa:1c:5d:41:b1:90:4f:ba:d2: b7:64:f8:ad:af:24:1f:c6:fd:fb:3f:33:44:fb:ad:15:23:e7: a8:46:dd:e8:52:7f:a5:f1:1c:f3:90:92:bc:55:92:ec:d2:df: 18:f2:a8:da:94:1a:4f:10:8c:a1:c9:fc:b9:44:d3:18:50:04: fc:9d:35:4c:b9:48:3d:57:78:76:35:41:7f:cd:3e:e7:25:da: dc:e3:00:bd:9a:be:e5:2c:d5:1a:cf:41:f6:b1:88:ba:40:7c: 09:79:12:29:e4:d0:cf:ca:60:06:53:8f:08:c4:93:a4:df:ce: b3:47:a9:c5:a0:30:8e:c0:0a:8d:5d:32:1f:0d:4a:cc:98:d1: bf:bf:3f:3f:09:c2:e1:26:0a:85:3e:19:01:b1:c4:b0:3b:b2: 58:07:09:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LhU/HiB386UhOexupThaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl ZGI3NjMwHhcNMjUxMjA2MTUwMDUxWhcNMjUxMjA3MTUwMDUxWjAzMTEwLwYDVQQD Eyg2MDVmYWI0YzY3ZjY1MTljZWJkNmJjNDNkOGI4NjQyYjVlYTc3ODE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApluBLzpwtLpxYC5dxpwO8RHZAQY1 RZKI3oflDPdOT45hqWM4MXYMAl/xfQakesTlATRHbwQvbcCYMeRNAlWSxe9hKYCK KlWab27jF+byup7CHIA635KIzXPEII0mEl2XsBTyECpQP4/tzaJP3IZyeUE+4RE9 pAxXtRzy/2No2pilR8Cnf172VOPMk1sXTnYYCiTPSA0DBwm604LuUSUXegdtqxTD LHHzJc8qWBchRzEZfiuaE+7D4rCXI6uKz+ECvTqNlIiBXFvhfUsh/d3qikNlaOhP Sbw9EcaR304XvEIFgNE/sYR6hw/s3PH1Lir2BbqruqVMr+MgihPM1NntkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGBfq0xn9lGc69a8Q9i4ZCtep3gWMB8GA1UdIwQY MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyom3Mw5U tt4jNeWNdqR+HeZMRs1lEtl8CDgc0q68U+4GkxPb5p7irKzwJz+w9ecbQ3QbY+bv 8hyCsCO8H/K8HtmODPyJYN4FoHruJxd5OLh2scRbVwnro5uKCeg1O4qlJQndqhxd QbGQT7rSt2T4ra8kH8b9+z8zRPutFSPnqEbd6FJ/pfEc85CSvFWS7NLfGPKo2pQa TxCMocn8uUTTGFAE/J01TLlIPVd4djVBf80+5yXa3OMAvZq+5SzVGs9B9rGIukB8 CXkSKeTQz8pgBlOPCMSTpN/Os0epxaAwjsAKjV0yHw1KzJjRv78/PwnC4SYKhT4Z AbHEsDuyWAcJYw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:42:33 2025 by rpki-client