This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft File: h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json) Hash identifier: 6B+MoWAqOB5/UijNWsbwxH7CZhku1JODXxHxOLtJ+xc= Subject key identifier: 1C:56:E7:06:74:A4:A8:12:75:BE:11:E1:74:4F:FD:42:AB:A2:AD:72 Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 Certificate issuer: /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Certificate serial: 019AF12E22500F165C1A5AFF6E9D095AC7BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft Manifest number: 1022 Signing time: Sat 06 Dec 2025 01:02:03 +0000 Manifest this update: Sat 06 Dec 2025 01:02:03 +0000 Manifest next update: Sun 07 Dec 2025 01:02:03 +0000 Files and hashes: 1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: Q1PLVKJHGT4ZQzSv89yzTvxpzCj2RGLd7GJIlVuJ3i4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:22:50:0f:16:5c:1a:5a:ff:6e:9d:09:5a:c7:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3 Validity Not Before: Dec 6 01:02:03 2025 GMT Not After : Dec 7 01:02:03 2025 GMT Subject: CN=1c56e70674a4a81275be11e1744ffd42aba2ad72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:c0:a4:f7:30:c5:49:9e:f4:2a:c3:46:f8:c5: 77:ed:52:d6:3b:d9:24:42:71:61:26:2a:cd:97:15: 66:2f:14:84:2d:a2:4a:c4:3e:6b:df:d2:e1:8a:4f: 26:a5:95:47:57:dc:11:9c:f0:ae:7d:05:8a:43:50: 14:c3:f6:94:03:6e:7c:ce:bc:8f:32:1b:4a:5e:ec: 42:bf:5d:c2:b0:d2:ee:96:d0:32:1d:62:18:a3:90: 98:25:68:60:1a:d1:66:ca:0d:2a:d9:6e:f1:59:fe: bb:47:d8:ca:9d:76:87:ca:74:25:7f:d7:99:9f:b2: 5a:62:1b:03:b7:d5:64:59:5f:d7:8f:cb:59:ba:d0: d0:c9:cc:6f:41:f9:6c:2e:7c:1f:e1:3f:1e:7d:58: a5:e6:28:cb:47:b5:74:ea:ca:81:3f:2e:6f:8e:0b: 48:a2:0e:77:23:5f:db:a1:d0:d4:31:4e:f6:e9:c1: 45:bf:90:18:fb:44:08:b1:52:7c:6b:50:e1:44:dd: 05:13:1e:63:c4:80:50:68:40:90:8c:a3:86:52:6b: ce:1d:ec:33:80:0b:ba:a3:c3:db:38:ad:31:48:b5: 80:e2:3b:26:d1:b9:85:aa:d6:ee:0e:74:96:4b:15: 59:6e:77:ad:10:14:a2:cd:d1:95:ec:33:47:c1:b5: 71:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:56:E7:06:74:A4:A8:12:75:BE:11:E1:74:4F:FD:42:AB:A2:AD:72 X509v3 Authority Key Identifier: keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:02:b9:0d:bb:26:7e:07:a8:b9:31:d1:ba:15:7e:57:91:bd: c2:ce:ca:62:63:a2:e1:db:01:32:ab:21:2c:72:9d:b4:92:db: dd:9a:59:d2:0d:8d:11:2b:d7:e2:9a:ab:8f:b4:84:a5:fd:b2: f2:be:9f:e6:24:0d:20:98:a7:fb:e3:54:e9:f1:b1:74:f5:19: 30:23:64:28:44:0f:cd:be:a3:46:be:74:03:42:b2:ea:62:f2: 2e:15:1e:8d:49:38:8c:e2:bb:ae:e9:87:e8:6c:6b:e8:c6:6d: a5:23:91:3a:12:ee:50:2b:5b:cc:95:ea:3c:64:a4:09:97:f4: 34:71:d0:69:81:e1:7d:c5:3c:25:c2:1c:b7:55:5a:1e:49:79: 14:f5:e9:f5:55:ee:91:e8:ac:ce:bb:9b:8c:77:9e:2b:35:e4: 37:09:3b:63:b9:a5:f9:a4:39:20:e7:7e:76:2b:9b:e4:88:03: 36:6e:2c:ee:bd:e6:a0:03:76:4e:0c:b3:3e:52:79:0e:d6:db: 87:d7:7e:ee:37:f2:eb:39:6f:60:35:2f:e3:aa:9c:bf:c0:74: f4:14:fb:ca:fd:6b:72:f1:80:4a:7c:18:75:51:8c:67:fe:33: 27:66:3e:1f:aa:d5:18:35:33:e9:5d:2c:77:71:61:01:95:69: a9:72:30:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLiJQDxZcGlr/bp0JWse/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2 YzM3ZjMwHhcNMjUxMjA2MDEwMjAzWhcNMjUxMjA3MDEwMjAzWjAzMTEwLwYDVQQD EygxYzU2ZTcwNjc0YTRhODEyNzViZTExZTE3NDRmZmQ0MmFiYTJhZDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sCk9zDFSZ70KsNG+MV37VLWO9kk QnFhJirNlxVmLxSELaJKxD5r39Lhik8mpZVHV9wRnPCufQWKQ1AUw/aUA258zryP MhtKXuxCv13CsNLultAyHWIYo5CYJWhgGtFmyg0q2W7xWf67R9jKnXaHynQlf9eZ n7JaYhsDt9VkWV/Xj8tZutDQycxvQflsLnwf4T8efVil5ijLR7V06sqBPy5vjgtI og53I1/bodDUMU726cFFv5AY+0QIsVJ8a1DhRN0FEx5jxIBQaECQjKOGUmvOHewz gAu6o8PbOK0xSLWA4jsm0bmFqtbuDnSWSxVZbnetEBSizdGV7DNHwbVx/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBxW5wZ0pKgSdb4R4XRP/UKroq1yMB8GA1UdIwQY MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwK5Dbsm fgeouTHRuhV+V5G9ws7KYmOi4dsBMqshLHKdtJLb3ZpZ0g2NESvX4pqrj7SEpf2y 8r6f5iQNIJin++NU6fGxdPUZMCNkKEQPzb6jRr50A0Ky6mLyLhUejUk4jOK7rumH 6Gxr6MZtpSOROhLuUCtbzJXqPGSkCZf0NHHQaYHhfcU8JcIct1VaHkl5FPXp9VXu keiszrubjHeeKzXkNwk7Y7ml+aQ5IOd+diub5IgDNm4s7r3moAN2TgyzPlJ5Dtbb h9d+7jfy6zlvYDUv46qcv8B09BT7yv1rcvGASnwYdVGMZ/4zJ2Y+H6rVGDUz6V0s d3FhAZVpqXIweA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:25:47 2025 by rpki-client