This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft File: H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json) Hash identifier: itRM7EeXtUliOLrxKL1VnJF4Nx1mBJ+XYA8EV9mocMc= Subject key identifier: 9E:62:9C:1C:AD:F3:08:3D:9B:17:56:A3:88:18:FC:6A:1F:18:7B:59 Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED Certificate issuer: /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed Certificate serial: 019AF31C1DDC9CDF7903C648E4BA3CF0C7D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft Manifest number: 1022 Signing time: Sat 06 Dec 2025 10:01:37 +0000 Manifest this update: Sat 06 Dec 2025 10:01:37 +0000 Manifest next update: Sun 07 Dec 2025 10:01:37 +0000 Files and hashes: 1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: ThnAVASDGz19g0LgqR/O8LA3prA7w4m1ikmwGvgsOMQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:1d:dc:9c:df:79:03:c6:48:e4:ba:3c:f0:c7:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed Validity Not Before: Dec 6 10:01:37 2025 GMT Not After : Dec 7 10:01:37 2025 GMT Subject: CN=9e629c1cadf3083d9b1756a38818fc6a1f187b59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:d0:77:97:57:65:0e:4e:25:60:03:68:99:f0: 65:0d:a8:f3:c3:16:02:51:ce:2d:ec:0d:b7:f9:e8: 00:e9:b4:ad:65:ff:a6:d8:d4:e7:a0:d9:29:44:3d: fa:c5:b7:a2:11:fa:c7:bd:79:a6:77:6e:ea:f5:f9: f1:a8:9b:95:e4:2c:be:be:6d:be:eb:2e:cd:1f:70: 60:58:45:46:01:3e:98:03:f7:1d:72:1e:84:05:c6: cf:5f:ea:8f:03:b6:d2:c9:c8:91:e2:c7:3e:31:97: cd:73:70:fc:ad:38:bc:57:00:7c:d5:66:76:e6:1e: ce:91:3a:35:71:cd:68:52:cf:c0:c2:b3:ac:cc:1c: 63:03:c4:9a:d3:2a:ae:f6:dc:ce:b3:97:8d:a3:d4: 52:06:a5:38:95:51:2e:e7:e2:a0:34:13:f0:4e:f3: bf:b0:b2:cf:e2:82:a5:0e:8d:2c:0b:26:16:cd:60: 6b:97:e6:e1:9b:e0:9b:9c:d6:9c:80:ca:b1:e0:87: d0:7a:23:9f:9e:1b:40:62:e9:23:61:12:d8:d5:05: 1b:8c:0b:6e:e0:9e:74:4b:c1:cf:c4:40:f6:74:d6: 9a:98:1d:13:d4:43:82:42:f8:95:15:29:7b:8b:8c: 4d:d0:2a:e3:56:26:c3:92:99:d1:5d:20:7f:74:89: 80:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:62:9C:1C:AD:F3:08:3D:9B:17:56:A3:88:18:FC:6A:1F:18:7B:59 X509v3 Authority Key Identifier: keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:72:17:e1:15:47:31:63:2c:d4:97:75:e5:79:07:b2:35:28: 6e:9c:a8:d2:4d:54:c2:53:ae:bf:e1:a8:ff:fa:ca:90:ff:f7: a0:d8:78:57:dd:8a:b5:cf:cb:13:ad:cf:3d:ea:ba:b9:ba:29: 2b:9f:8a:69:ea:d7:c2:b2:59:69:f1:e0:c3:a5:fe:eb:5a:07: a1:f8:de:31:9f:ee:39:6b:08:43:0a:d5:b3:5f:90:88:6c:64: 37:b6:a9:9d:f1:d8:68:d6:aa:d5:c1:8d:7a:cd:70:82:33:e6: 91:d7:b4:df:24:bb:d2:13:84:5e:fe:6c:1b:19:85:63:1a:8f: 15:49:52:cb:cd:87:26:5c:2c:75:5b:81:d4:c3:7d:d4:c9:12: 47:54:d6:5f:e6:f9:aa:4d:67:61:cd:00:35:2c:0c:ab:53:b2: 30:c2:ff:b3:df:6e:c6:77:a6:13:d6:ad:47:94:ec:c6:2a:66: 6b:60:15:09:9e:34:69:80:a2:db:07:5b:b9:96:6c:e5:cc:8f: 2a:f8:08:46:c5:eb:b1:c4:db:2b:26:e3:f0:41:b0:ab:be:41: f6:39:3a:ec:73:25:80:a2:5f:90:d9:a2:9a:15:bf:7b:ed:ed: 6b:7f:74:56:4f:04:3a:de:0a:f8:34:19:a9:ed:c9:12:d2:39: 5d:28:4a:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHB3cnN95A8ZI5Lo88MfVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw N2Q0ZWQwHhcNMjUxMjA2MTAwMTM3WhcNMjUxMjA3MTAwMTM3WjAzMTEwLwYDVQQD Eyg5ZTYyOWMxY2FkZjMwODNkOWIxNzU2YTM4ODE4ZmM2YTFmMTg3YjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdB3l1dlDk4lYANomfBlDajzwxYC Uc4t7A23+egA6bStZf+m2NTnoNkpRD36xbeiEfrHvXmmd27q9fnxqJuV5Cy+vm2+ 6y7NH3BgWEVGAT6YA/cdch6EBcbPX+qPA7bSyciR4sc+MZfNc3D8rTi8VwB81WZ2 5h7OkTo1cc1oUs/AwrOszBxjA8Sa0yqu9tzOs5eNo9RSBqU4lVEu5+KgNBPwTvO/ sLLP4oKlDo0sCyYWzWBrl+bhm+CbnNacgMqx4IfQeiOfnhtAYukjYRLY1QUbjAtu 4J50S8HPxED2dNaamB0T1EOCQviVFSl7i4xN0CrjVibDkpnRXSB/dImAHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ5inByt8wg9mxdWo4gY/GofGHtZMB8GA1UdIwQY MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1 LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXIX4RVH MWMs1Jd15XkHsjUobpyo0k1UwlOuv+Go//rKkP/3oNh4V92Ktc/LE63PPeq6ubop K5+KaerXwrJZafHgw6X+61oHofjeMZ/uOWsIQwrVs1+QiGxkN7apnfHYaNaq1cGN es1wgjPmkde03yS70hOEXv5sGxmFYxqPFUlSy82HJlwsdVuB1MN91MkSR1TWX+b5 qk1nYc0ANSwMq1OyMML/s99uxnemE9atR5Tsxipma2AVCZ40aYCi2wdbuZZs5cyP KvgIRsXrscTbKybj8EGwq75B9jk67HMlgKJfkNmimhW/e+3ta390Vk8EOt4K+DQZ qe3JEtI5XShK2w== -----END CERTIFICATE-----Generated at Sat Dec 6 14:24:42 2025 by rpki-client