This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft File: hRRRk1wYRkb4aHgjivsKDVqwut4.mft (raw, json) Hash identifier: CGUD1vfWx75/EMzk9XkhfaiSEqBy45VtN355lDpzVuo= Subject key identifier: A0:3A:18:D9:09:7F:CE:01:69:F8:92:7F:90:CD:51:F4:EA:41:E9:9B Authority key identifier: 85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE Certificate issuer: /CN=851451935c184646f86878238afb0a0d5ab0bade Certificate serial: 019AF509F78AF0E840A6B9B02AA60CCB0D0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft Manifest number: 0112 Signing time: Sat 06 Dec 2025 19:01:02 +0000 Manifest this update: Sat 06 Dec 2025 19:01:02 +0000 Manifest next update: Sun 07 Dec 2025 19:01:02 +0000 Files and hashes: 1: hRRRk1wYRkb4aHgjivsKDVqwut4.crl (hash: q6kzs2gAzuL7zOXD6O860BhjHjUbNX/3il/bAzny6wo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:f7:8a:f0:e8:40:a6:b9:b0:2a:a6:0c:cb:0d:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=851451935c184646f86878238afb0a0d5ab0bade Validity Not Before: Dec 6 19:01:02 2025 GMT Not After : Dec 7 19:01:02 2025 GMT Subject: CN=a03a18d9097fce0169f8927f90cd51f4ea41e99b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:21:cd:1e:1f:75:97:40:5a:7d:9e:e9:39:f3: 22:a7:00:82:2e:06:1f:c8:d6:65:7b:20:cb:d1:f3: 7d:76:92:c0:4b:17:a2:7c:35:b8:71:1c:89:e1:c9: 3b:82:32:2a:71:35:cc:5a:c8:94:0b:19:54:01:ee: 51:98:b8:07:b4:4e:4c:6a:60:e0:cb:0f:f2:18:2d: 8e:43:12:b6:95:af:b1:4e:28:63:d1:01:f8:0f:f1: cf:ee:50:40:31:5b:d5:e1:50:f4:17:51:32:71:6d: 28:ca:60:21:eb:5e:e2:ce:75:0a:78:91:69:85:ad: 64:48:49:18:b5:ff:74:51:69:46:9a:55:7c:a9:e0: 75:23:34:7c:ee:f5:e8:07:cc:e5:3b:52:05:6e:10: a7:dc:58:1c:85:b9:62:5c:a1:c3:90:41:83:ce:cf: 45:1c:5c:f9:67:97:e5:74:19:d0:82:92:54:2c:16: 08:9c:ad:3c:09:a2:ce:24:4a:8a:df:f0:74:2d:7e: b6:00:82:5e:6c:52:4d:78:8c:38:14:b9:74:c7:d8: 45:ec:94:a2:8b:b8:d0:00:71:f5:9a:21:83:ca:45: b6:16:c8:aa:80:1a:11:d5:a7:8d:2c:97:33:35:93: 6f:bd:67:02:40:bd:74:20:0f:32:f4:77:bb:57:97: da:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:3A:18:D9:09:7F:CE:01:69:F8:92:7F:90:CD:51:F4:EA:41:E9:9B X509v3 Authority Key Identifier: keyid:85:14:51:93:5C:18:46:46:F8:68:78:23:8A:FB:0A:0D:5A:B0:BA:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRRRk1wYRkb4aHgjivsKDVqwut4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/db69b3-781e-4cb9-9edf-6dd6a9c55f57/1/hRRRk1wYRkb4aHgjivsKDVqwut4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:f2:00:39:95:b6:2b:27:4f:59:59:39:d4:99:96:c8:9d:36: 16:26:15:98:2a:c5:e3:e8:8b:72:11:f9:68:c3:0c:d1:36:d6: 09:71:3d:0c:b1:dd:83:3c:6e:03:d0:9e:0b:48:65:c3:0f:a3: 09:d0:6f:e3:ce:15:07:8c:86:6b:e5:b4:36:c7:fc:ff:af:6c: 0b:68:44:9d:f0:dc:14:bb:a0:61:e4:b3:79:64:ef:61:92:11: e0:69:b7:e2:79:b5:76:0e:7f:62:91:81:74:16:2f:ce:5b:e0: a7:6b:fe:16:9d:09:48:4b:b3:11:40:73:0a:a4:cf:fe:58:fc: c2:34:5b:cd:8c:3a:9e:a0:fe:de:37:02:83:d8:60:70:f3:85: 13:4a:13:b4:c5:4c:46:66:b9:3e:56:64:98:5d:42:04:dc:7e: c3:74:eb:4e:be:19:5e:29:5d:84:91:8f:52:23:a0:c0:11:dc: 85:01:c5:16:9d:ca:02:f9:5a:f9:76:29:79:0a:3a:14:39:ab: 34:85:ab:ba:5e:5b:35:e7:0b:74:6c:e2:42:d6:e5:95:46:4c: 86:b9:2c:81:53:39:b0:10:ad:b4:44:16:2d:75:0f:df:7e:ea: 0f:52:20:8d:56:66:6c:94:56:34:1e:7e:d4:2c:46:1b:f7:a6: f5:fc:f8:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CfeK8OhAprmwKqYMyw0LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MTQ1MTkzNWMxODQ2NDZmODY4NzgyMzhhZmIwYTBkNWFi MGJhZGUwHhcNMjUxMjA2MTkwMTAyWhcNMjUxMjA3MTkwMTAyWjAzMTEwLwYDVQQD EyhhMDNhMThkOTA5N2ZjZTAxNjlmODkyN2Y5MGNkNTFmNGVhNDFlOTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCHNHh91l0BafZ7pOfMipwCCLgYf yNZleyDL0fN9dpLASxeifDW4cRyJ4ck7gjIqcTXMWsiUCxlUAe5RmLgHtE5MamDg yw/yGC2OQxK2la+xTihj0QH4D/HP7lBAMVvV4VD0F1EycW0oymAh617iznUKeJFp ha1kSEkYtf90UWlGmlV8qeB1IzR87vXoB8zlO1IFbhCn3FgchbliXKHDkEGDzs9F HFz5Z5fldBnQgpJULBYInK08CaLOJEqK3/B0LX62AIJebFJNeIw4FLl0x9hF7JSi i7jQAHH1miGDykW2FsiqgBoR1aeNLJczNZNvvWcCQL10IA8y9He7V5faxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKA6GNkJf84BafiSf5DNUfTqQembMB8GA1UdIwQY MBaAFIUUUZNcGEZG+Gh4I4r7Cg1asLreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYt NmRkNmE5YzU1ZjU3LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9kYjY5YjMtNzgxZS00Y2I5LTllZGYtNmRkNmE5YzU1ZjU3 LzEvaFJSUmsxd1lSa2I0YUhnaml2c0tEVnF3dXQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiPIAOZW2 KydPWVk51JmWyJ02FiYVmCrF4+iLchH5aMMM0TbWCXE9DLHdgzxuA9CeC0hlww+j CdBv484VB4yGa+W0Nsf8/69sC2hEnfDcFLugYeSzeWTvYZIR4Gm34nm1dg5/YpGB dBYvzlvgp2v+Fp0JSEuzEUBzCqTP/lj8wjRbzYw6nqD+3jcCg9hgcPOFE0oTtMVM Rma5PlZkmF1CBNx+w3TrTr4ZXildhJGPUiOgwBHchQHFFp3KAvla+XYpeQo6FDmr NIWrul5bNecLdGziQtbllUZMhrksgVM5sBCttEQWLXUP337qD1IgjVZmbJRWNB5+ 1CxGG/em9fz4lw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:18:01 2025 by rpki-client