This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft File: h1bSd2jhHZSgu837P7zXQNRaAPQ.mft (raw, json) Hash identifier: XtZVFcG6WcbvF4hshHLldMgK8IoldXselcW1J/kS2F0= Subject key identifier: 6E:A3:C7:87:75:AD:6A:AD:7D:AC:D4:4B:32:97:D6:B3:2C:55:F1:2C Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Certificate serial: 019AF0BF8BEDDADD7FDD9E8171FAE3AE4A10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft Manifest number: 1243 Signing time: Fri 05 Dec 2025 23:01:16 +0000 Manifest this update: Fri 05 Dec 2025 23:01:16 +0000 Manifest next update: Sat 06 Dec 2025 23:01:16 +0000 Files and hashes: 1: h1bSd2jhHZSgu837P7zXQNRaAPQ.crl (hash: KfGVbgeOQ8l2cz1Qtlv0YMIskUBhP/sdnBWDI+g1h/E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:8b:ed:da:dd:7f:dd:9e:81:71:fa:e3:ae:4a:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4 Validity Not Before: Dec 5 23:01:16 2025 GMT Not After : Dec 6 23:01:16 2025 GMT Subject: CN=6ea3c78775ad6aad7dacd44b3297d6b32c55f12c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b1:0d:c0:ac:5c:fa:10:55:94:6e:a6:50:67: 4d:4e:fb:3b:aa:fe:f7:e7:3a:26:cd:0c:65:fb:a8: ec:0a:cc:c4:68:c8:69:5b:3f:1b:e6:6d:b8:d0:e3: 82:b4:02:1a:03:25:1e:0d:32:9d:1e:c2:95:b3:8a: bc:c8:a5:0a:94:8e:2c:25:07:ce:e3:f2:23:00:ef: b1:7e:c4:42:21:eb:f1:e3:71:5a:68:62:93:b3:2c: 10:82:ad:88:40:68:92:e1:c9:a9:0e:d5:ba:a0:6f: ed:18:8e:e5:c6:5c:b3:e3:5a:c6:93:0e:9f:9c:0e: 7d:61:72:7f:21:ef:e3:7a:d9:3c:42:df:2e:b7:68: 64:c2:11:5b:64:77:46:f2:ed:ca:cb:51:b6:a4:f9: 15:c5:17:af:26:0e:ce:6c:35:7b:ee:65:b4:52:91: e4:2d:59:11:85:9e:f2:5c:54:49:a3:a9:ab:a0:e7: a2:b0:2f:79:3e:31:e9:33:22:b6:b1:1c:13:2a:ca: 7b:76:1a:b9:09:96:e6:55:ce:87:62:03:68:f8:c1: 71:51:9f:fe:16:1a:bb:b5:22:a7:ed:24:99:00:37: 2b:14:94:bf:7e:92:9e:48:14:47:61:d1:11:2a:e7: e1:cc:92:90:d1:e3:e3:fa:7d:92:b3:2b:4d:cd:bb: 56:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:A3:C7:87:75:AD:6A:AD:7D:AC:D4:4B:32:97:D6:B3:2C:55:F1:2C X509v3 Authority Key Identifier: keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:07:3d:56:3e:0c:ee:f7:a8:a0:69:a2:a4:23:4f:df:84:b1: f0:c1:e4:4f:53:6c:f7:5b:cf:40:69:ff:ad:61:6e:43:10:af: b9:0c:19:7a:d2:92:28:6c:04:de:1c:1e:02:b4:5f:f6:61:14: 58:7d:e9:1b:91:7b:df:bc:d8:e6:1a:f2:5c:a1:ac:57:30:1c: 4c:e7:20:37:75:1b:bd:a9:35:39:1e:ae:88:19:1f:8f:f4:eb: 58:06:60:ee:94:5d:4c:76:d0:4d:50:98:7e:d0:f0:ee:4d:fc: 31:a2:71:3a:97:30:08:92:1a:12:2b:9e:cd:4f:05:fb:ec:21: 8a:41:ee:3d:9d:cd:e5:25:7f:f5:4f:68:8c:08:ab:1f:3a:39: dd:be:16:b1:b2:b8:12:28:04:c9:df:20:07:63:02:53:9f:9f: 81:22:fc:f5:b5:22:81:fc:28:78:12:93:b6:fb:3b:eb:3c:2e: 95:92:16:38:c6:a6:6c:38:45:45:40:e8:b2:b8:1e:c8:1d:6c: e5:ca:72:c9:33:6e:fe:cf:91:33:09:52:cb:04:6a:d1:12:3a: ce:f3:55:8e:9c:82:d5:b0:1e:ab:22:5a:ad:77:70:d5:77:95: bc:4c:7f:10:06:71:49:c6:02:2a:9f:d9:8b:73:03:9b:4c:1b: bf:ba:69:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv4vt2t1/3Z6BcfrjrkoQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1 YTAwZjQwHhcNMjUxMjA1MjMwMTE2WhcNMjUxMjA2MjMwMTE2WjAzMTEwLwYDVQQD Eyg2ZWEzYzc4Nzc1YWQ2YWFkN2RhY2Q0NGIzMjk3ZDZiMzJjNTVmMTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrENwKxc+hBVlG6mUGdNTvs7qv73 5zomzQxl+6jsCszEaMhpWz8b5m240OOCtAIaAyUeDTKdHsKVs4q8yKUKlI4sJQfO 4/IjAO+xfsRCIevx43FaaGKTsywQgq2IQGiS4cmpDtW6oG/tGI7lxlyz41rGkw6f nA59YXJ/Ie/jetk8Qt8ut2hkwhFbZHdG8u3Ky1G2pPkVxRevJg7ObDV77mW0UpHk LVkRhZ7yXFRJo6mroOeisC95PjHpMyK2sRwTKsp7dhq5CZbmVc6HYgNo+MFxUZ/+ Fhq7tSKn7SSZADcrFJS/fpKeSBRHYdERKufhzJKQ0ePj+n2SsytNzbtWHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG6jx4d1rWqtfazUSzKX1rMsVfEsMB8GA1UdIwQY MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt YzNhMDJkN2MwNjk3LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3 LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAewc9Vj4M 7veooGmipCNP34Sx8MHkT1Ns91vPQGn/rWFuQxCvuQwZetKSKGwE3hweArRf9mEU WH3pG5F737zY5hryXKGsVzAcTOcgN3Ubvak1OR6uiBkfj/TrWAZg7pRdTHbQTVCY ftDw7k38MaJxOpcwCJIaEiuezU8F++whikHuPZ3N5SV/9U9ojAirHzo53b4WsbK4 EigEyd8gB2MCU5+fgSL89bUigfwoeBKTtvs76zwulZIWOMambDhFRUDosrgeyB1s 5cpyyTNu/s+RMwlSywRq0RI6zvNVjpyC1bAeqyJarXdw1XeVvEx/EAZxScYCKp/Z i3MDm0wbv7ppsQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:06:08 2025 by rpki-client