This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft File: hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json) Hash identifier: w3mUVgXPRrxo/N2ohKXAXcOrU8LjTQsJK7Q3FtYmG7Y= Subject key identifier: A2:E6:B9:2B:6C:93:48:0A:57:6D:83:95:BC:10:9D:0D:D1:95:DE:8F Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3 Certificate issuer: /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3 Certificate serial: 019AF19AF7AEDCDA248D73410075B92D2A2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 03:00:56 +0000 Manifest this update: Sat 06 Dec 2025 03:00:56 +0000 Manifest next update: Sun 07 Dec 2025 03:00:56 +0000 Files and hashes: 1: 6b_z1nYhros0lFsJJ-v5kZEUQbE.roa (hash: lcqP5Znx2EuUXx9SjdDPzhxT49PtsEmnOX0/yWwCL10=) 2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: dAdSUKnFEahPCepGX6XiBUIicSqq4FsxqBLIWTIWH70=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:f7:ae:dc:da:24:8d:73:41:00:75:b9:2d:2a:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3 Validity Not Before: Dec 6 03:00:56 2025 GMT Not After : Dec 7 03:00:56 2025 GMT Subject: CN=a2e6b92b6c93480a576d8395bc109d0dd195de8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:66:ed:7c:b1:b5:48:e0:ce:ae:fe:42:b7:91: e7:ea:93:09:41:47:2d:33:2e:23:71:5f:ed:fe:14: 0c:37:97:bc:0e:4b:a5:6c:1a:98:68:8f:c8:08:56: 62:b5:64:7f:de:d1:ad:ae:b9:5d:60:14:fb:88:68: 5e:8d:02:2c:d0:0b:b2:b1:93:35:1c:c6:b1:72:e5: 6c:2e:24:02:09:74:f7:3e:6b:8d:80:1d:8a:9b:43: d7:b8:b2:ee:21:1d:1d:81:a3:45:87:78:3d:34:86: c4:55:b5:9f:bd:93:ab:40:ab:b7:55:f7:a5:a0:d9: d0:88:de:41:aa:4d:91:ce:b0:04:14:6c:5f:ef:96: c0:98:bb:43:60:8c:02:3b:b4:a2:80:b0:fb:c8:c7: bb:3b:44:29:9c:d0:35:05:e7:75:e1:8a:65:a6:f4: 76:6d:80:66:4a:8c:62:c5:d5:94:e4:d8:17:5b:8c: ba:52:49:a9:fa:3b:9c:47:d0:6c:39:49:3c:38:30: 1b:dc:6f:14:05:92:b6:f2:e5:66:8a:66:13:59:4c: b4:4f:51:74:55:f7:bc:59:3e:a3:1e:f0:b3:56:ea: 96:de:5c:9e:ed:d5:55:8a:57:24:6b:45:d2:94:21: 5f:1b:b1:3c:8c:95:92:33:67:f2:4d:bd:33:d9:f7: 97:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:E6:B9:2B:6C:93:48:0A:57:6D:83:95:BC:10:9D:0D:D1:95:DE:8F X509v3 Authority Key Identifier: keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:0e:1f:96:03:4e:86:86:9d:19:d8:6a:64:ad:66:91:b3:7f: 0d:de:3b:86:cc:cd:bc:64:34:3c:56:a8:a0:99:b0:8e:62:7d: c1:db:d9:e7:cb:a7:56:3c:6c:37:c5:44:cb:fb:8b:d7:9c:52: 03:f7:34:63:5e:ef:0b:37:a1:7a:1d:1b:05:d0:94:53:98:f7: 2f:19:71:20:c8:5e:00:6d:3a:0c:6b:d2:15:c7:77:6f:bc:2d: 2a:2d:08:77:dc:a1:4d:42:55:69:4d:80:c7:98:82:3b:8d:50: 00:86:78:8f:6a:66:cf:c6:ab:b7:e2:b5:ac:b0:25:52:71:b6: 47:cb:2b:3d:5f:e2:d7:38:08:7d:39:52:52:81:b1:55:bd:0d: 70:f4:62:43:e4:39:32:00:fc:54:a5:aa:fc:ea:65:f9:e8:c2: 1b:82:92:8b:93:45:c8:37:64:c1:5a:e5:fb:14:c1:d5:68:5d: c9:7b:07:a9:c6:4b:0c:95:94:c9:0e:0d:6d:fe:57:4b:0c:d7: 17:43:31:62:7f:24:dc:36:7e:cc:c6:b8:dd:78:a7:6a:f8:00: 2f:2f:99:b8:25:d7:84:73:64:b8:25:29:96:b5:f3:6d:6e:52: e7:1b:5c:6f:08:d1:cb:01:c0:df:b9:64:d5:fe:f1:8d:a0:50: e6:55:5a:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmveu3NokjXNBAHW5LSouMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5 ZWU1ZDMwHhcNMjUxMjA2MDMwMDU2WhcNMjUxMjA3MDMwMDU2WjAzMTEwLwYDVQQD EyhhMmU2YjkyYjZjOTM0ODBhNTc2ZDgzOTViYzEwOWQwZGQxOTVkZThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2btfLG1SODOrv5Ct5Hn6pMJQUct My4jcV/t/hQMN5e8DkulbBqYaI/ICFZitWR/3tGtrrldYBT7iGhejQIs0AuysZM1 HMaxcuVsLiQCCXT3PmuNgB2Km0PXuLLuIR0dgaNFh3g9NIbEVbWfvZOrQKu3Vfel oNnQiN5Bqk2RzrAEFGxf75bAmLtDYIwCO7SigLD7yMe7O0QpnNA1Bed14YplpvR2 bYBmSoxixdWU5NgXW4y6Ukmp+jucR9BsOUk8ODAb3G8UBZK28uVmimYTWUy0T1F0 Vfe8WT6jHvCzVuqW3lye7dVVilcka0XSlCFfG7E8jJWSM2fyTb0z2feX4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKLmuStsk0gKV22DlbwQnQ3Rld6PMB8GA1UdIwQY MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPg4flgNO hoadGdhqZK1mkbN/Dd47hszNvGQ0PFaooJmwjmJ9wdvZ58unVjxsN8VEy/uL15xS A/c0Y17vCzeheh0bBdCUU5j3LxlxIMheAG06DGvSFcd3b7wtKi0Id9yhTUJVaU2A x5iCO41QAIZ4j2pmz8art+K1rLAlUnG2R8srPV/i1zgIfTlSUoGxVb0NcPRiQ+Q5 MgD8VKWq/Opl+ejCG4KSi5NFyDdkwVrl+xTB1WhdyXsHqcZLDJWUyQ4Nbf5XSwzX F0MxYn8k3DZ+zMa43XinavgALy+ZuCXXhHNkuCUplrXzbW5S5xtcbwjRywHA37lk 1f7xjaBQ5lVaQQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:12:43 2025 by rpki-client