This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft File: HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json) Hash identifier: VD2ezcPZNfjMsF0NmIHIYNW6q7Vq7gx+44d6QCFGMnQ= Subject key identifier: 22:95:51:7B:5D:88:4E:FD:B0:00:2F:AC:EE:E0:CC:4D:3C:20:AE:21 Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE Certificate issuer: /CN=1d1de7950923a964319e2c338349bd12687be4ae Certificate serial: 019AF31B604225328C4D2C7610939773C166 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft Manifest number: 0BD8 Signing time: Sat 06 Dec 2025 10:00:48 +0000 Manifest this update: Sat 06 Dec 2025 10:00:48 +0000 Manifest next update: Sun 07 Dec 2025 10:00:48 +0000 Files and hashes: 1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: cs50XftnAp3rqvbE1OOQRokEb4/hAPjxWpy5mpK6HCs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:60:42:25:32:8c:4d:2c:76:10:93:97:73:c1:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae Validity Not Before: Dec 6 10:00:48 2025 GMT Not After : Dec 7 10:00:48 2025 GMT Subject: CN=2295517b5d884efdb0002faceee0cc4d3c20ae21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:56:a0:38:6c:58:e3:db:6c:c8:0d:64:17:a5: 39:b0:f3:b3:9d:47:95:90:b9:a4:f0:f8:b8:ec:a2: e9:80:c6:99:a7:12:94:e9:16:b3:15:62:13:86:66: 24:b9:21:3c:59:fb:29:90:40:01:67:06:b0:bd:a3: 2c:06:b4:ff:93:22:11:bc:cd:50:23:f8:64:43:d4: 62:d5:4c:e2:f7:ce:5f:c6:f7:40:91:7b:96:0c:0d: be:c0:d6:8c:04:db:0e:15:54:f0:d5:40:20:d1:c7: 63:38:bb:19:d5:aa:1e:36:01:80:9d:98:f9:07:26: c8:05:f6:cc:42:43:a4:4c:56:5e:ca:89:9e:42:7b: 4a:da:92:c6:2a:fd:8b:87:1e:18:f5:04:b3:f1:1d: bc:81:04:36:34:f4:45:c4:2c:7c:a8:f8:57:91:f6: 43:f4:9d:d0:2a:82:62:9d:68:be:9e:f3:8e:ad:75: 2a:52:22:74:cd:a2:a2:bd:d5:25:c0:a8:c3:03:98: 06:6e:8f:b3:ad:de:c6:b0:1a:72:e1:ed:99:cd:69: 61:76:e3:6c:05:7e:9b:15:e5:a7:f0:30:f1:5d:4e: 93:d8:19:33:b6:84:28:7d:8f:96:a4:6f:e7:22:b1: 46:6d:6c:c0:49:4e:ef:3e:f3:5c:f9:69:12:71:46: e4:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:95:51:7B:5D:88:4E:FD:B0:00:2F:AC:EE:E0:CC:4D:3C:20:AE:21 X509v3 Authority Key Identifier: keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:2f:e7:f3:bb:7a:12:ea:d3:ee:5d:cb:dd:5a:f9:e1:c2:32: 04:68:c5:d7:e8:cd:7e:a4:14:0e:fd:0f:29:15:a2:5d:b4:e3: 7a:4f:e1:61:47:ed:b0:2c:e2:c2:ac:45:ad:5d:49:e3:ab:54: 08:11:bf:d3:62:87:24:e4:c3:9d:3d:a4:51:cc:62:bc:c6:c2: 0d:42:0e:19:a7:36:cc:2b:7a:3d:ca:f2:6f:1a:8e:98:7a:13: a4:79:2a:a1:81:eb:7e:7a:30:94:01:ec:f1:06:54:c3:ad:c2: 85:22:11:ad:05:46:2c:1a:78:96:46:d7:f6:4d:24:67:ce:2e: b2:4d:d3:4f:61:68:dd:63:5e:35:55:a2:f4:09:68:2f:57:be: ba:7f:79:db:7d:c1:64:d6:42:7b:53:0b:8b:7c:e6:dc:2b:e6: f7:c6:57:de:ae:c5:45:40:69:d0:ec:e9:a5:cd:5a:5f:32:f2: 73:1e:92:ac:89:0b:14:84:1e:f4:78:97:10:95:b6:f1:70:f0: a5:68:73:c3:77:c7:73:88:ef:0a:8c:0f:a3:4d:e3:19:0d:75: 06:8d:b7:b6:04:6c:f7:a9:50:41:0c:7c:60:c6:7c:4b:a8:01: ac:e3:67:74:ab:0f:e2:3a:bf:da:9e:3a:2c:cc:ca:43:46:9d: a1:52:7c:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG2BCJTKMTSx2EJOXc8FmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3 YmU0YWUwHhcNMjUxMjA2MTAwMDQ4WhcNMjUxMjA3MTAwMDQ4WjAzMTEwLwYDVQQD EygyMjk1NTE3YjVkODg0ZWZkYjAwMDJmYWNlZWUwY2M0ZDNjMjBhZTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVagOGxY49tsyA1kF6U5sPOznUeV kLmk8Pi47KLpgMaZpxKU6RazFWIThmYkuSE8WfspkEABZwawvaMsBrT/kyIRvM1Q I/hkQ9Ri1Uzi985fxvdAkXuWDA2+wNaMBNsOFVTw1UAg0cdjOLsZ1aoeNgGAnZj5 BybIBfbMQkOkTFZeyomeQntK2pLGKv2Lhx4Y9QSz8R28gQQ2NPRFxCx8qPhXkfZD 9J3QKoJinWi+nvOOrXUqUiJ0zaKivdUlwKjDA5gGbo+zrd7GsBpy4e2ZzWlhduNs BX6bFeWn8DDxXU6T2BkztoQofY+WpG/nIrFGbWzASU7vPvNc+WkScUbk4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCKVUXtdiE79sAAvrO7gzE08IK4hMB8GA1UdIwQY MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACi/n87t6 EurT7l3L3Vr54cIyBGjF1+jNfqQUDv0PKRWiXbTjek/hYUftsCziwqxFrV1J46tU CBG/02KHJOTDnT2kUcxivMbCDUIOGac2zCt6PcrybxqOmHoTpHkqoYHrfnowlAHs 8QZUw63ChSIRrQVGLBp4lkbX9k0kZ84usk3TT2Fo3WNeNVWi9AloL1e+un95233B ZNZCe1MLi3zm3Cvm98ZX3q7FRUBp0Ozppc1aXzLycx6SrIkLFIQe9HiXEJW28XDw pWhzw3fHc4jvCowPo03jGQ11Bo23tgRs96lQQQx8YMZ8S6gBrONndKsP4jq/2p46 LMzKQ0adoVJ8bA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:25:25 2025 by rpki-client