This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json) Hash identifier: cpQE96tz0gK/N0IbD8hZhMGCdap4MRTTKjtwIbHpPfA= Subject key identifier: DD:62:EE:D2:BE:1F:0A:9D:F7:AE:7E:D2:E3:13:6E:74:E3:DE:66:F6 Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Certificate serial: 019AF12E2ED720E1B6574A82A7E9B51F750A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft Manifest number: 0342 Signing time: Sat 06 Dec 2025 01:02:06 +0000 Manifest this update: Sat 06 Dec 2025 01:02:06 +0000 Manifest next update: Sun 07 Dec 2025 01:02:06 +0000 Files and hashes: 1: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: hmKD4kkhbV+lyw3j2SviZ3BDdFUcytX723N/no0BdbY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:2e:d7:20:e1:b6:57:4a:82:a7:e9:b5:1f:75:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36 Validity Not Before: Dec 6 01:02:06 2025 GMT Not After : Dec 7 01:02:06 2025 GMT Subject: CN=dd62eed2be1f0a9df7ae7ed2e3136e74e3de66f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:03:32:b5:83:9f:65:12:5a:12:33:f7:98:7a: c8:6f:06:3c:c4:8a:79:f0:21:72:0f:45:f6:36:37: 35:1e:a5:9c:32:d4:37:f2:1c:e1:95:51:4b:4a:d0: 98:7c:0d:31:1a:f9:c1:52:23:fe:78:e3:8e:7e:6f: 3a:95:c7:e0:e9:61:02:9f:e6:17:0b:2d:0f:56:c9: 57:60:ba:62:43:8d:9c:f6:f4:f8:cd:81:26:06:ae: cc:0a:83:2d:7b:2a:60:f2:77:f3:a6:80:15:d2:bf: 78:bb:bf:78:19:35:d3:88:26:95:c0:81:49:82:a3: 98:ba:93:04:16:9c:3a:20:61:e6:32:b8:3e:29:a1: a6:5e:c8:2b:29:21:ef:83:63:c3:39:e8:d3:31:31: 51:03:5c:db:95:0d:dc:85:0e:8a:d0:ae:39:0e:cd: df:7f:24:1d:87:ca:de:17:4b:49:68:4f:f8:a7:dd: b7:c4:32:8b:26:58:30:92:60:d6:dc:67:77:32:cf: 11:ba:91:46:03:89:34:08:2e:fb:8f:43:14:01:5d: 7d:9b:44:29:77:bd:df:bc:77:1a:16:2b:ba:49:68: ed:20:e1:e0:48:3f:e3:2f:ee:50:da:7d:0c:d4:bc: 1e:8e:b1:a4:25:52:93:d2:a7:58:f5:78:d2:5c:81: fa:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:62:EE:D2:BE:1F:0A:9D:F7:AE:7E:D2:E3:13:6E:74:E3:DE:66:F6 X509v3 Authority Key Identifier: keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:90:c8:ce:3c:00:80:3d:7a:60:d5:ad:8b:47:f8:0e:af:62: c4:ba:0b:0a:54:b5:c0:98:e1:4d:af:16:44:bb:d3:af:54:c4: c0:29:da:04:94:0c:32:fc:fc:d6:98:14:72:d2:f7:fe:19:43: 3b:4d:25:79:da:e4:c2:3a:18:9b:b9:cd:f1:90:49:1a:29:72: 9f:b7:31:af:56:cc:e3:a4:5b:61:d4:16:6b:20:4a:1a:49:bc: 63:84:3f:4c:9a:1e:dd:5d:a7:da:fa:51:4f:75:23:8a:bd:1f: 19:c1:66:66:0c:b9:02:52:63:0c:b6:8c:93:61:bf:b1:e1:a2: c2:71:b6:79:e3:e7:58:db:2a:98:ef:37:26:ff:9d:18:f3:27: 34:65:8c:a9:bb:c2:c7:a8:14:96:5f:4d:1a:b4:dd:43:55:d9: 64:d4:9a:0e:84:b6:1e:8d:15:07:67:ef:d7:22:6e:76:c5:0a: b3:34:41:26:d7:bc:7f:a8:3a:5e:84:ec:80:9f:50:ff:b0:b9: 25:e0:51:f2:cf:68:b6:03:8e:66:91:f3:d7:44:49:05:98:de: 0b:08:d9:73:df:c1:3c:7f:db:79:b9:14:3a:5b:83:a2:75:c6: a2:b2:ad:7e:98:b9:e0:8b:b5:15:1a:98:79:4a:c2:4a:1b:81: a0:bb:38:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLi7XIOG2V0qCp+m1H3UKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1 M2JlMzYwHhcNMjUxMjA2MDEwMjA2WhcNMjUxMjA3MDEwMjA2WjAzMTEwLwYDVQQD EyhkZDYyZWVkMmJlMWYwYTlkZjdhZTdlZDJlMzEzNmU3NGUzZGU2NmY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wMytYOfZRJaEjP3mHrIbwY8xIp5 8CFyD0X2Njc1HqWcMtQ38hzhlVFLStCYfA0xGvnBUiP+eOOOfm86lcfg6WECn+YX Cy0PVslXYLpiQ42c9vT4zYEmBq7MCoMteypg8nfzpoAV0r94u794GTXTiCaVwIFJ gqOYupMEFpw6IGHmMrg+KaGmXsgrKSHvg2PDOejTMTFRA1zblQ3chQ6K0K45Ds3f fyQdh8reF0tJaE/4p923xDKLJlgwkmDW3Gd3Ms8RupFGA4k0CC77j0MUAV19m0Qp d73fvHcaFiu6SWjtIOHgSD/jL+5Q2n0M1LwejrGkJVKT0qdY9XjSXIH6sQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN1i7tK+Hwqd965+0uMTbnTj3mb2MB8GA1UdIwQY MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArpDIzjwA gD16YNWti0f4Dq9ixLoLClS1wJjhTa8WRLvTr1TEwCnaBJQMMvz81pgUctL3/hlD O00ledrkwjoYm7nN8ZBJGilyn7cxr1bM46RbYdQWayBKGkm8Y4Q/TJoe3V2n2vpR T3Ujir0fGcFmZgy5AlJjDLaMk2G/seGiwnG2eePnWNsqmO83Jv+dGPMnNGWMqbvC x6gUll9NGrTdQ1XZZNSaDoS2Ho0VB2fv1yJudsUKszRBJte8f6g6XoTsgJ9Q/7C5 JeBR8s9otgOOZpHz10RJBZjeCwjZc9/BPH/bebkUOluDonXGorKtfpi54Iu1FRqY eUrCShuBoLs4bg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:33:40 2025 by rpki-client