This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft File: rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json) Hash identifier: X4jCoNeXSrH4zkV4eAiqdNcSdWh6grSE/4GgnmKUlDQ= Subject key identifier: 47:7C:BE:14:34:6A:D8:55:CA:EF:15:05:EF:67:46:D9:5D:27:C5:13 Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12 Certificate issuer: /CN=ac7239f3efdb3791f5be555299b5d81697f3d012 Certificate serial: 019AF19AEF64B4ECBB5C55277B46366E5C90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft Manifest number: 131D Signing time: Sat 06 Dec 2025 03:00:54 +0000 Manifest this update: Sat 06 Dec 2025 03:00:54 +0000 Manifest next update: Sun 07 Dec 2025 03:00:54 +0000 Files and hashes: 1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: BTgXsy7zsVXUj7mPeoUXZ7d0vhWYrWQkuT9A9O9L5Pc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:ef:64:b4:ec:bb:5c:55:27:7b:46:36:6e:5c:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012 Validity Not Before: Dec 6 03:00:54 2025 GMT Not After : Dec 7 03:00:54 2025 GMT Subject: CN=477cbe14346ad855caef1505ef6746d95d27c513 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:db:dc:54:be:2c:6f:4c:60:35:5d:35:42:69: 2d:4b:86:f3:f1:fd:11:b3:ea:c2:1c:0d:98:f3:b1: 00:f1:83:86:94:fa:fb:67:82:56:52:23:30:ba:6e: d6:b2:0a:98:37:b7:70:41:2d:09:39:98:b1:d3:08: 4f:34:45:20:f5:89:80:57:ad:e6:87:e1:3d:bd:23: 68:6e:e0:e3:48:d8:2f:a0:7c:a6:97:b9:fe:f7:63: 1f:a6:c9:2e:70:89:74:68:1b:a8:94:13:56:01:c0: 71:cf:db:7f:b3:4d:f2:a6:69:ae:31:d3:87:eb:15: ab:c1:bf:c3:88:fa:73:1f:5c:40:4c:4c:96:70:db: d4:b9:75:56:14:58:17:4b:17:d3:ca:a9:35:54:da: c4:f8:40:d2:0c:cc:06:71:2c:24:8a:ef:f7:17:34: 1f:33:b1:74:b1:c4:5d:8c:4c:a0:2a:98:dc:10:db: be:6f:5e:f1:19:42:88:9f:31:8c:bd:fb:11:55:e4: 2c:e6:9c:53:e2:72:59:3e:87:e1:18:82:49:e9:bf: b9:f0:4c:b0:41:b8:c5:7c:bb:81:7e:97:da:da:0f: 41:13:9b:5b:d5:b9:0a:07:d6:3a:9d:5f:6a:7a:29: c3:83:af:f0:a4:61:ab:c0:cc:6f:9f:f0:76:bf:f8: 5f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:7C:BE:14:34:6A:D8:55:CA:EF:15:05:EF:67:46:D9:5D:27:C5:13 X509v3 Authority Key Identifier: keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:13:16:bf:30:9d:8a:6a:e8:7d:36:ec:be:d4:9b:19:fb:7d: 7b:a6:f6:a5:0b:f8:6a:15:50:54:72:12:e5:06:db:5b:65:cd: 09:9d:ad:66:c7:1c:28:c2:c2:35:3d:84:60:d6:5f:aa:cd:e1: ba:84:42:60:a5:8d:09:0b:2a:06:85:8f:14:57:07:07:6c:1a: b2:29:4d:b1:ad:cf:c0:42:3d:b6:6a:a1:b6:a5:06:e5:7d:26: 97:30:55:07:d6:fd:61:81:ae:fa:82:84:ed:81:ba:55:85:5d: 02:bf:c6:3c:11:fc:6a:8f:07:92:7d:ec:f3:6a:ce:4f:e6:ec: d9:20:1b:b5:0c:8a:5a:d2:43:83:c8:98:41:0f:9f:c1:ba:a0: eb:09:1f:46:cb:1b:d5:2c:0b:5b:85:71:ac:af:93:51:8a:d6: 83:8c:82:c7:4c:28:e1:85:a7:7b:36:bc:d5:32:e6:c2:28:cc: ad:45:93:0f:a0:aa:db:f7:9a:a2:88:23:44:ca:ee:21:15:3c: 1e:36:48:ac:ce:bc:61:53:65:53:8d:10:bf:12:dd:77:06:48: e1:18:20:16:7d:56:e1:45:81:05:80:a3:9e:62:93:19:02:d4: f6:8c:b5:74:27:8b:70:b7:e7:47:7f:04:49:62:a1:65:28:63: b6:58:98:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmu9ktOy7XFUne0Y2blyQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm M2QwMTIwHhcNMjUxMjA2MDMwMDU0WhcNMjUxMjA3MDMwMDU0WjAzMTEwLwYDVQQD Eyg0NzdjYmUxNDM0NmFkODU1Y2FlZjE1MDVlZjY3NDZkOTVkMjdjNTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytvcVL4sb0xgNV01QmktS4bz8f0R s+rCHA2Y87EA8YOGlPr7Z4JWUiMwum7WsgqYN7dwQS0JOZix0whPNEUg9YmAV63m h+E9vSNobuDjSNgvoHyml7n+92MfpskucIl0aBuolBNWAcBxz9t/s03ypmmuMdOH 6xWrwb/DiPpzH1xATEyWcNvUuXVWFFgXSxfTyqk1VNrE+EDSDMwGcSwkiu/3FzQf M7F0scRdjEygKpjcENu+b17xGUKInzGMvfsRVeQs5pxT4nJZPofhGIJJ6b+58Eyw QbjFfLuBfpfa2g9BE5tb1bkKB9Y6nV9qeinDg6/wpGGrwMxvn/B2v/hfkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEd8vhQ0athVyu8VBe9nRtldJ8UTMB8GA1UdIwQY MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASRMWvzCd imrofTbsvtSbGft9e6b2pQv4ahVQVHIS5QbbW2XNCZ2tZsccKMLCNT2EYNZfqs3h uoRCYKWNCQsqBoWPFFcHB2wasilNsa3PwEI9tmqhtqUG5X0mlzBVB9b9YYGu+oKE 7YG6VYVdAr/GPBH8ao8Hkn3s82rOT+bs2SAbtQyKWtJDg8iYQQ+fwbqg6wkfRssb 1SwLW4VxrK+TUYrWg4yCx0wo4YWneza81TLmwijMrUWTD6Cq2/eaoogjRMruIRU8 HjZIrM68YVNlU40QvxLddwZI4RggFn1W4UWBBYCjnmKTGQLU9oy1dCeLcLfnR38E SWKhZShjtliYgw== -----END CERTIFICATE-----Generated at Sat Dec 6 06:57:58 2025 by rpki-client