This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft File: hWhAcEemLmSDAMUYKik1P_WOsF8.mft (raw, json) Hash identifier: Em+unYgmaAlXxIgf33ixHzU6EalRqLqJIEWonvRiza4= Subject key identifier: C1:CF:A6:70:E8:25:73:B0:19:91:A4:47:86:EB:22:BC:F8:EB:2A:F9 Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f Certificate serial: 019AF3F76B617591F3221C3F497764381BB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft Manifest number: 04B3 Signing time: Sat 06 Dec 2025 14:01:09 +0000 Manifest this update: Sat 06 Dec 2025 14:01:09 +0000 Manifest next update: Sun 07 Dec 2025 14:01:09 +0000 Files and hashes: 1: 0nvhqw7aFiUkSIOiOEerDMnQ_ZQ.roa (hash: HMe62SGaPYEENwRxXbOtER7G/ZP8W5TpI/QjfFDw0sg=) 2: hWhAcEemLmSDAMUYKik1P_WOsF8.crl (hash: 5cqyTqaeYeZvuLMTjXRPpfyXBDJcJt6NMm7NgjjThVE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:6b:61:75:91:f3:22:1c:3f:49:77:64:38:1b:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f Validity Not Before: Dec 6 14:01:09 2025 GMT Not After : Dec 7 14:01:09 2025 GMT Subject: CN=c1cfa670e82573b01991a44786eb22bcf8eb2af9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fc:fe:d4:64:13:84:35:94:ab:4b:62:bc:9b: e8:d4:50:dc:1c:d5:75:d5:bf:28:3c:08:88:5b:62: 63:5d:b3:fb:81:16:90:21:26:4c:0d:99:7e:cf:10: 85:96:fc:dc:7b:65:b2:4d:23:6c:38:8f:ef:c4:cc: cc:a0:46:33:10:98:34:f8:6f:ca:c4:c5:8f:43:84: 6b:f1:27:04:f5:da:41:40:d8:50:18:9b:a6:c1:2e: 16:5b:4a:df:3b:8f:23:56:e9:27:da:30:6d:59:36: 8f:4f:61:95:54:d0:05:f2:cc:84:14:32:a2:49:71: de:7c:9f:31:af:91:eb:34:c4:f1:7b:9c:5a:18:55: 51:4c:48:f9:74:35:49:fb:98:e6:67:dd:6e:64:eb: 20:fb:18:c5:9a:25:c7:9e:70:26:1b:70:ef:97:a9: 62:6c:fe:df:ae:7f:51:be:b0:c4:a2:73:cc:67:fa: f2:d5:96:8e:ec:0e:a8:8c:4d:d0:92:26:cc:f4:7f: f1:9c:8e:6a:6b:c1:93:2a:9e:b6:c2:a0:01:b9:7a: 55:53:c8:f8:40:9f:81:03:71:76:9c:ae:5c:76:4e: 46:c5:6c:0d:a6:8c:35:5f:2d:28:85:ab:28:5e:e1: 2e:54:d9:00:3e:27:c7:92:45:8e:e8:c7:33:4d:3a: 3a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:CF:A6:70:E8:25:73:B0:19:91:A4:47:86:EB:22:BC:F8:EB:2A:F9 X509v3 Authority Key Identifier: keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:8b:20:31:69:1d:2b:5f:12:15:2d:fa:62:eb:a8:8a:f9:8d: 44:15:64:42:b4:12:8a:5a:c7:b4:18:4e:05:77:01:41:01:09: 98:0d:7e:dd:34:21:7f:8c:f0:de:27:86:bc:18:4b:f7:6d:21: d1:f6:e0:f5:b7:2b:7b:15:09:17:47:46:d5:79:f4:5c:02:5f: 2a:59:28:13:f9:14:a7:81:77:9c:d5:5c:16:64:cf:03:5d:33: 6b:85:65:bd:ee:fd:19:7b:fc:6a:9d:6c:76:48:5c:d9:2e:9d: 8c:10:1e:51:01:25:3c:4d:97:ba:41:a5:5b:e4:60:df:44:cc: c5:50:4c:03:f5:39:61:22:6d:3b:ea:65:c2:fb:2a:1e:4b:c0: a7:41:32:47:a6:a8:4c:f7:0c:6e:81:e8:5e:59:f7:13:96:94: 8f:d8:84:ab:c9:69:77:df:60:2d:15:85:4f:7d:93:bd:aa:9e: b2:fd:57:42:e5:19:c8:bb:5e:3e:cf:9c:7a:5b:91:a0:6c:44: d2:26:d1:b1:58:36:de:16:f3:f0:b5:85:ff:63:79:8c:cc:98: 16:bf:a0:5a:86:22:bc:b9:28:f5:74:e3:05:08:2e:ec:00:0b: 24:4f:e4:e0:8a:57:e9:fb:ff:b7:f1:21:75:c8:b4:ff:45:8b: b4:53:f2:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz92thdZHzIhw/SXdkOBu2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4 ZWIwNWYwHhcNMjUxMjA2MTQwMTA5WhcNMjUxMjA3MTQwMTA5WjAzMTEwLwYDVQQD EyhjMWNmYTY3MGU4MjU3M2IwMTk5MWE0NDc4NmViMjJiY2Y4ZWIyYWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/z+1GQThDWUq0tivJvo1FDcHNV1 1b8oPAiIW2JjXbP7gRaQISZMDZl+zxCFlvzce2WyTSNsOI/vxMzMoEYzEJg0+G/K xMWPQ4Rr8ScE9dpBQNhQGJumwS4WW0rfO48jVukn2jBtWTaPT2GVVNAF8syEFDKi SXHefJ8xr5HrNMTxe5xaGFVRTEj5dDVJ+5jmZ91uZOsg+xjFmiXHnnAmG3Dvl6li bP7frn9RvrDEonPMZ/ry1ZaO7A6ojE3QkibM9H/xnI5qa8GTKp62wqABuXpVU8j4 QJ+BA3F2nK5cdk5GxWwNpow1Xy0ohasoXuEuVNkAPifHkkWO6MczTTo6zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMHPpnDoJXOwGZGkR4brIrz46yr5MB8GA1UdIwQY MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt ZWQzZTk4YzY1NmUxLzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH4sgMWkd K18SFS36YuuoivmNRBVkQrQSilrHtBhOBXcBQQEJmA1+3TQhf4zw3ieGvBhL920h 0fbg9bcrexUJF0dG1Xn0XAJfKlkoE/kUp4F3nNVcFmTPA10za4Vlve79GXv8ap1s dkhc2S6djBAeUQElPE2XukGlW+Rg30TMxVBMA/U5YSJtO+plwvsqHkvAp0EyR6ao TPcMboHoXln3E5aUj9iEq8lpd99gLRWFT32Tvaqesv1XQuUZyLtePs+celuRoGxE 0ibRsVg23hbz8LWF/2N5jMyYFr+gWoYivLko9XTjBQgu7AALJE/k4IpX6fv/t/Eh dci0/0WLtFPyqA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:02:24 2025 by rpki-client