This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft File: hnkOzbhqxvqivMfusg0nTPpGULA.mft (raw, json) Hash identifier: DQD2IjvRTpOfQmj0KjxHN1sszhA+j0J0OGgU8PyMht8= Subject key identifier: 0C:3C:39:DE:58:8B:EF:D7:7F:BF:02:C2:6D:42:D6:FE:78:F8:AA:D2 Authority key identifier: 86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0 Certificate issuer: /CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0 Certificate serial: 019AF2E4594BD4B9284E7D948DAF9FAFAF8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft Manifest number: 013B Signing time: Sat 06 Dec 2025 09:00:42 +0000 Manifest this update: Sat 06 Dec 2025 09:00:42 +0000 Manifest next update: Sun 07 Dec 2025 09:00:42 +0000 Files and hashes: 1: hnkOzbhqxvqivMfusg0nTPpGULA.crl (hash: tfH5lvQ7jLKWpyeuPx4WZBDCGkx5fslbioWZxBEakws=) 2: tR9T-2FvtEGouyPVT6CL-0oJmZs.roa (hash: oiTzhXBQqy2Mz5Nqrcv/ZCMdCONRk6F6wZpQ15vc3o0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:59:4b:d4:b9:28:4e:7d:94:8d:af:9f:af:af:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86790ecdb86ac6faa2bcc7eeb20d274cfa4650b0 Validity Not Before: Dec 6 09:00:42 2025 GMT Not After : Dec 7 09:00:42 2025 GMT Subject: CN=0c3c39de588befd77fbf02c26d42d6fe78f8aad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:31:2e:12:cb:33:f0:5a:60:47:ef:4c:6e:06: f1:43:fb:9f:b4:72:2c:98:66:aa:44:77:d5:fb:05: 0c:04:b2:b8:61:bc:5a:6c:9a:e2:7a:ec:95:13:36: 01:52:fd:e9:6a:4c:7f:35:3d:4c:bb:22:3d:e1:8c: 19:d3:19:fc:8e:b4:ac:97:63:37:ec:63:c9:c7:10: 46:94:b6:f3:26:3e:9d:0c:77:ec:6b:da:26:ef:a9: d4:01:c3:67:0f:d1:bb:6c:da:b3:c6:ef:8b:68:2b: fe:64:54:54:40:b8:d0:a6:c4:88:1f:ba:2c:25:81: 44:65:b0:81:38:14:73:a9:62:51:c9:81:95:99:fa: a4:f7:04:78:ad:dd:7a:e8:6a:56:ce:3d:49:30:8a: 1e:39:53:1f:00:60:23:12:69:41:c9:d6:89:ff:de: 9b:d4:e8:91:fe:b7:68:5b:68:b8:80:b9:37:03:bd: 9e:10:6d:c8:b9:56:f5:84:a5:ca:a9:e5:e5:a4:82: 4d:44:2c:9e:7f:57:5b:d1:df:6f:3d:ff:56:0d:c2: 86:9b:30:e5:6c:78:47:b0:64:67:1a:b6:3d:ed:18: bd:6c:d4:21:d2:08:5d:7e:e8:da:d4:76:e6:d0:6d: cb:2e:dd:05:66:c9:af:01:d0:8c:1b:2e:ba:0b:cd: b3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:3C:39:DE:58:8B:EF:D7:7F:BF:02:C2:6D:42:D6:FE:78:F8:AA:D2 X509v3 Authority Key Identifier: keyid:86:79:0E:CD:B8:6A:C6:FA:A2:BC:C7:EE:B2:0D:27:4C:FA:46:50:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnkOzbhqxvqivMfusg0nTPpGULA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/32be63-eb23-4505-abe0-e0f6e315f5b8/1/hnkOzbhqxvqivMfusg0nTPpGULA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:9e:9b:0c:b4:46:0e:5a:e7:40:11:e1:2d:10:c9:c6:d3:9d: a9:ec:07:19:1e:15:d7:78:66:3d:a4:af:b4:26:d7:90:88:6e: 54:9c:ca:12:ca:df:03:b4:52:c7:95:54:1b:a2:17:9f:c4:3d: c4:76:04:88:ff:a7:c2:1c:f4:17:45:e4:dc:c2:97:81:0c:f7: ad:98:9b:af:39:54:43:81:ee:a3:da:39:59:30:2a:f6:15:fd: f7:ea:f0:a0:08:6e:e0:45:84:c9:81:32:fe:4e:1c:ee:1c:88: c7:08:7e:68:b0:56:9c:09:21:81:e2:f3:32:cc:b1:4d:f9:38: 65:5e:7c:a3:62:2b:c9:a5:31:43:6e:ef:3f:d6:99:09:1e:62: 72:a9:bd:d2:72:5e:e0:6c:c9:85:54:1c:b9:39:1d:77:93:00: 93:07:fb:f3:86:78:a2:ea:f9:9a:64:46:ff:69:9e:23:24:09: af:dd:70:b5:37:2b:e3:cf:30:6a:43:02:0a:58:f4:7c:32:f5: 04:a7:3b:e1:ed:49:10:37:d2:5e:a1:92:14:40:95:4d:b0:85: 8a:31:b0:e4:89:24:7b:11:33:02:8e:38:19:51:f2:ac:37:20: 6d:cd:1c:3b:b4:2c:8b:df:6a:95:29:ce:52:ad:ab:f2:c3:c9: d9:25:f2:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5FlL1LkoTn2Uja+fr6+OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NzkwZWNkYjg2YWM2ZmFhMmJjYzdlZWIyMGQyNzRjZmE0 NjUwYjAwHhcNMjUxMjA2MDkwMDQyWhcNMjUxMjA3MDkwMDQyWjAzMTEwLwYDVQQD EygwYzNjMzlkZTU4OGJlZmQ3N2ZiZjAyYzI2ZDQyZDZmZTc4ZjhhYWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzEuEssz8FpgR+9MbgbxQ/uftHIs mGaqRHfV+wUMBLK4YbxabJrieuyVEzYBUv3pakx/NT1MuyI94YwZ0xn8jrSsl2M3 7GPJxxBGlLbzJj6dDHfsa9om76nUAcNnD9G7bNqzxu+LaCv+ZFRUQLjQpsSIH7os JYFEZbCBOBRzqWJRyYGVmfqk9wR4rd166GpWzj1JMIoeOVMfAGAjEmlBydaJ/96b 1OiR/rdoW2i4gLk3A72eEG3IuVb1hKXKqeXlpIJNRCyef1db0d9vPf9WDcKGmzDl bHhHsGRnGrY97Ri9bNQh0ghdfuja1Hbm0G3LLt0FZsmvAdCMGy66C82zPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAw8Od5Yi+/Xf78Cwm1C1v54+KrSMB8GA1UdIwQY MBaAFIZ5Ds24asb6orzH7rINJ0z6RlCwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAt ZTBmNmUzMTVmNWI4LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8zMmJlNjMtZWIyMy00NTA1LWFiZTAtZTBmNmUzMTVmNWI4 LzEvaG5rT3piaHF4dnFpdk1mdXNnMG5UUHBHVUxBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX56bDLRG DlrnQBHhLRDJxtOdqewHGR4V13hmPaSvtCbXkIhuVJzKEsrfA7RSx5VUG6IXn8Q9 xHYEiP+nwhz0F0Xk3MKXgQz3rZibrzlUQ4Huo9o5WTAq9hX99+rwoAhu4EWEyYEy /k4c7hyIxwh+aLBWnAkhgeLzMsyxTfk4ZV58o2IryaUxQ27vP9aZCR5icqm90nJe 4GzJhVQcuTkdd5MAkwf784Z4our5mmRG/2meIyQJr91wtTcr488wakMCClj0fDL1 BKc74e1JEDfSXqGSFECVTbCFijGw5IkkexEzAo44GVHyrDcgbc0cO7Qsi99qlSnO Uq2r8sPJ2SXyQQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:43:41 2025 by rpki-client