This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft File: hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json) Hash identifier: kj0ZQPy8TU8rWMg1soCLf3Oze20em+kUWtCBIyvVPpo= Subject key identifier: AD:D0:C3:3F:43:F4:F2:E7:39:0A:6E:AB:12:8E:3D:F2:5A:B0:44:78 Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4 Certificate issuer: /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4 Certificate serial: 019AF31B26FDED80FD922EF2C2F94945393F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 10:00:34 +0000 Manifest this update: Sat 06 Dec 2025 10:00:34 +0000 Manifest next update: Sun 07 Dec 2025 10:00:34 +0000 Files and hashes: 1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: INTKwe2qhAtozWqVvOYbcfrndUcn9Uus4491e11UEHQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:26:fd:ed:80:fd:92:2e:f2:c2:f9:49:45:39:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4 Validity Not Before: Dec 6 10:00:34 2025 GMT Not After : Dec 7 10:00:34 2025 GMT Subject: CN=add0c33f43f4f2e7390a6eab128e3df25ab04478 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3c:58:b2:fb:34:03:fa:9b:13:a9:61:f5:5c: a0:89:36:5a:51:5b:14:22:a2:56:57:3e:ff:d1:f0: 2a:87:b1:f9:56:f7:4f:47:4b:72:54:5c:a2:ce:ec: b9:97:94:33:72:fb:42:9f:f2:a3:ee:3e:ba:b2:d5: ce:e6:44:01:b2:12:fb:70:52:1f:1a:9b:51:bb:ce: d9:d2:de:21:8e:a1:30:ef:1f:83:82:db:da:3e:9f: e4:9e:c2:6a:8f:27:c0:88:fe:42:a1:9a:46:5e:82: ed:cd:19:a6:55:79:b0:94:15:07:47:9d:47:22:10: aa:ff:55:78:1e:67:79:ec:de:83:a2:00:a1:ed:93: 36:69:c2:03:7b:94:d7:c6:33:ea:69:48:1b:26:21: 54:26:db:6c:e3:c4:67:4f:7d:fe:40:8c:08:62:29: 9f:2e:2c:5d:cd:13:a3:fd:99:d1:62:6b:7c:25:5a: 03:87:37:d3:e0:89:79:a5:10:a7:46:36:07:dc:f9: c9:e1:4e:0f:61:a3:a2:89:fd:cc:ba:1c:c6:ea:4b: e1:7e:d0:6e:d5:8d:11:65:9c:9c:49:c7:ac:9b:5a: 00:1e:c7:f6:4e:f4:21:64:bd:17:e5:a2:fb:4c:ed: 6e:ad:6a:ed:04:b9:2f:11:ca:a6:5c:8f:08:75:1b: 5e:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D0:C3:3F:43:F4:F2:E7:39:0A:6E:AB:12:8E:3D:F2:5A:B0:44:78 X509v3 Authority Key Identifier: keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:53:d8:08:0f:10:9a:f7:3b:6a:f5:01:11:79:15:9c:34:b0: 39:88:b4:40:d6:3c:4d:a9:20:85:48:33:03:25:b7:a7:b6:ec: 32:39:8e:3c:79:93:b2:33:89:fe:32:98:6a:40:3a:fc:6c:03: a5:11:0b:9c:49:91:04:80:6a:14:ea:fd:a0:f5:ce:70:0b:20: ed:5a:29:db:22:aa:bd:91:cb:db:fe:99:8b:a4:67:cc:f3:5d: 74:e9:40:06:66:b8:a6:f8:36:49:b3:39:88:c9:0c:e8:69:ef: 63:f4:d4:88:c7:18:55:1a:10:69:cf:68:d6:b8:4f:40:3b:5e: 58:79:a5:57:dd:ed:4c:df:10:95:cd:62:ea:e4:05:fe:b1:81: e2:55:2c:31:c6:71:d6:93:3a:d0:51:4a:61:45:2b:e7:c3:99: 62:24:f7:c5:72:78:14:18:48:30:a1:73:21:f5:2f:8a:eb:41: 05:a6:a8:d8:59:f7:18:cf:72:c5:b3:d5:16:80:09:86:0e:6a: 7d:28:8f:35:06:83:ef:50:89:75:28:b2:9b:e0:20:d9:78:9d: f0:09:a9:a8:7f:95:a5:57:81:5b:a4:ec:e5:e0:93:a9:7d:b3: 15:e4:e8:b0:35:7c:b7:d7:48:c4:66:a9:1f:73:1e:45:50:de: b7:b4:91:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGyb97YD9ki7ywvlJRTk/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3 M2QzYjQwHhcNMjUxMjA2MTAwMDM0WhcNMjUxMjA3MTAwMDM0WjAzMTEwLwYDVQQD EyhhZGQwYzMzZjQzZjRmMmU3MzkwYTZlYWIxMjhlM2RmMjVhYjA0NDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDxYsvs0A/qbE6lh9VygiTZaUVsU IqJWVz7/0fAqh7H5VvdPR0tyVFyizuy5l5QzcvtCn/Kj7j66stXO5kQBshL7cFIf GptRu87Z0t4hjqEw7x+DgtvaPp/knsJqjyfAiP5CoZpGXoLtzRmmVXmwlBUHR51H IhCq/1V4Hmd57N6DogCh7ZM2acIDe5TXxjPqaUgbJiFUJtts48RnT33+QIwIYimf LixdzROj/ZnRYmt8JVoDhzfT4Il5pRCnRjYH3PnJ4U4PYaOiif3MuhzG6kvhftBu 1Y0RZZycScesm1oAHsf2TvQhZL0X5aL7TO1urWrtBLkvEcqmXI8IdRteVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK3Qwz9D9PLnOQpuqxKOPfJasER4MB8GA1UdIwQY MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0 LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFPYCA8Q mvc7avUBEXkVnDSwOYi0QNY8TakghUgzAyW3p7bsMjmOPHmTsjOJ/jKYakA6/GwD pRELnEmRBIBqFOr9oPXOcAsg7Vop2yKqvZHL2/6Zi6RnzPNddOlABma4pvg2SbM5 iMkM6GnvY/TUiMcYVRoQac9o1rhPQDteWHmlV93tTN8Qlc1i6uQF/rGB4lUsMcZx 1pM60FFKYUUr58OZYiT3xXJ4FBhIMKFzIfUviutBBaao2Fn3GM9yxbPVFoAJhg5q fSiPNQaD71CJdSiym+Ag2Xid8AmpqH+VpVeBW6Ts5eCTqX2zFeTosDV8t9dIxGap H3MeRVDet7SRHw== -----END CERTIFICATE-----Generated at Sat Dec 6 16:50:54 2025 by rpki-client