This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft File: hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft (raw, json) Hash identifier: 3HBBVQtIuyiFdMVpx+wxU742pMS8Sz44ox8Xr4QhKCY= Subject key identifier: AD:B3:0B:DE:77:4D:AB:5C:11:90:D4:83:CA:5D:C0:96:37:5A:8C:B3 Authority key identifier: 84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D Certificate issuer: /CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Certificate serial: 019AF6F802BB669CBF12B1E1FF73C2BB6DF9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft Manifest number: 1140 Signing time: Sun 07 Dec 2025 04:00:39 +0000 Manifest this update: Sun 07 Dec 2025 04:00:39 +0000 Manifest next update: Mon 08 Dec 2025 04:00:39 +0000 Files and hashes: 1: hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl (hash: FGgIQwESQ466rtfZx74EDrAHs1GWSafmc1gIViDsYp0=) 2: sudojg6HDCizETctxsBEtvD9ceA.roa (hash: WBqfbYsjDjIGknBmCSsGnzqS8ek9/ghen0y1LOmx5Ns=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:02:bb:66:9c:bf:12:b1:e1:ff:73:c2:bb:6d:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Validity Not Before: Dec 7 04:00:39 2025 GMT Not After : Dec 8 04:00:39 2025 GMT Subject: CN=adb30bde774dab5c1190d483ca5dc096375a8cb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d1:4b:f5:48:3a:d0:3e:42:bf:cf:b8:77:a6: 3e:59:b7:33:33:b4:e8:cb:8e:64:19:b7:48:fa:b8: 45:05:c9:b1:7d:7d:e5:7b:c8:b1:2f:85:b2:b2:52: fe:4f:d6:4f:fb:fe:33:a7:2f:9d:cf:0f:eb:2c:85: f8:d7:df:b0:42:31:dc:e3:3e:b5:1a:86:35:9a:1f: 75:2a:e0:de:40:d9:ed:67:aa:d0:2f:f4:11:a1:ec: ae:ef:89:6e:36:71:c1:e8:d6:f6:31:3f:05:af:c4: cb:9a:d3:3d:91:35:01:24:5a:f3:00:a6:14:db:a7: b8:a0:b1:55:32:72:54:96:92:f5:7d:a8:27:6d:c8: 82:e2:c9:85:02:2e:a0:5a:ac:55:84:e1:01:c6:4b: b6:56:75:1d:60:60:77:ed:07:fc:ca:b1:3c:17:81: a4:ac:2d:0b:6f:02:ff:5a:9e:6d:a4:c9:20:c7:c5: 40:0f:a1:d5:82:f7:b6:86:d0:ae:95:0b:4b:e2:00: 50:1a:b9:8c:cf:2b:25:c7:80:33:3c:f0:0d:e5:d9: c9:db:06:9d:bc:44:a8:ad:33:3d:b2:cd:28:25:83: e3:2b:ba:34:96:22:14:dc:7c:9f:b8:ed:0e:ef:61: aa:93:91:9f:47:47:7f:e7:dc:63:89:2d:15:f6:9f: c9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:B3:0B:DE:77:4D:AB:5C:11:90:D4:83:CA:5D:C0:96:37:5A:8C:B3 X509v3 Authority Key Identifier: keyid:84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:d9:03:dc:75:37:f4:16:0e:c6:64:7d:64:b4:e7:f9:78:31: 2e:d8:2e:ba:22:2f:1e:9e:48:76:b9:9f:19:d1:45:53:4f:01: 2b:ff:92:f1:8e:19:1b:16:48:21:f8:52:89:86:5a:98:b8:33: a5:5c:fb:65:25:ff:c1:d2:46:22:8e:16:fe:44:ca:aa:19:bf: eb:3e:d7:92:79:c9:94:a8:e4:dc:5f:6a:fd:b9:6f:c6:ee:02: d9:5e:0e:2a:65:22:82:5c:60:33:48:d2:f0:84:98:76:a7:d7: 07:3f:d7:55:7b:80:40:70:70:79:ad:aa:83:29:7b:24:ca:19: aa:b6:d3:57:84:62:87:b7:58:40:0e:0e:9d:e0:cd:d4:c3:1c: 96:06:34:0c:80:3c:a3:65:61:b4:bc:1f:94:e7:a5:93:a3:63: 84:43:4e:1d:7a:3f:ae:1a:67:d7:cc:4a:f7:b6:8e:34:7e:27: b3:b0:46:9f:f8:dc:d0:67:7a:9e:6f:06:03:1e:0a:cb:e8:eb: f1:94:09:52:3c:a1:b8:70:a5:dd:46:a0:aa:eb:fa:86:a3:e0: d8:75:33:9e:99:70:f3:47:e1:16:fb:24:8d:b5:ed:67:ea:c7: ea:32:7f:e1:e7:f0:a3:91:47:af:62:cf:6b:e1:ca:8c:b4:1e: 32:2a:0c:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+AK7Zpy/ErHh/3PCu235MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YTNjZjExNGJlNGZhNGM0ZmY3NmIyMThmYWQ1MGU1MTcz OTE2MGQwHhcNMjUxMjA3MDQwMDM5WhcNMjUxMjA4MDQwMDM5WjAzMTEwLwYDVQQD EyhhZGIzMGJkZTc3NGRhYjVjMTE5MGQ0ODNjYTVkYzA5NjM3NWE4Y2IzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tFL9Ug60D5Cv8+4d6Y+WbczM7To y45kGbdI+rhFBcmxfX3le8ixL4WyslL+T9ZP+/4zpy+dzw/rLIX419+wQjHc4z61 GoY1mh91KuDeQNntZ6rQL/QRoeyu74luNnHB6Nb2MT8Fr8TLmtM9kTUBJFrzAKYU 26e4oLFVMnJUlpL1fagnbciC4smFAi6gWqxVhOEBxku2VnUdYGB37Qf8yrE8F4Gk rC0LbwL/Wp5tpMkgx8VAD6HVgve2htCulQtL4gBQGrmMzyslx4AzPPAN5dnJ2wad vESorTM9ss0oJYPjK7o0liIU3HyfuO0O72Gqk5GfR0d/59xjiS0V9p/JrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK2zC953TatcEZDUg8pdwJY3WoyzMB8GA1UdIwQY MBaAFISjzxFL5PpMT/drIY+tUOUXORYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUt NTM5MzI5YmVkNDZlLzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUtNTM5MzI5YmVkNDZl LzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtkD3HU3 9BYOxmR9ZLTn+XgxLtguuiIvHp5IdrmfGdFFU08BK/+S8Y4ZGxZIIfhSiYZamLgz pVz7ZSX/wdJGIo4W/kTKqhm/6z7XknnJlKjk3F9q/blvxu4C2V4OKmUiglxgM0jS 8ISYdqfXBz/XVXuAQHBwea2qgyl7JMoZqrbTV4Rih7dYQA4OneDN1MMclgY0DIA8 o2VhtLwflOelk6NjhENOHXo/rhpn18xK97aONH4ns7BGn/jc0Gd6nm8GAx4Ky+jr 8ZQJUjyhuHCl3Uagquv6hqPg2HUznplw80fhFvskjbXtZ+rH6jJ/4efwo5FHr2LP a+HKjLQeMioMKw== -----END CERTIFICATE-----Generated at Sun Dec 7 06:07:34 2025 by rpki-client