This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft File: hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json) Hash identifier: W/eHXYL8Zel6SYQ/kU+QSf4NAbMC+JCEatfeWJAGMXU= Subject key identifier: A6:A0:E8:D1:74:41:02:8A:83:6D:C6:26:52:02:CC:1B:B7:1D:5E:68 Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67 Certificate issuer: /CN=86985bae0d938de24385c4053cda391b74450267 Certificate serial: 019AF31B2B0C16C828974D89154838B773B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft Manifest number: 0AD2 Signing time: Sat 06 Dec 2025 10:00:35 +0000 Manifest this update: Sat 06 Dec 2025 10:00:35 +0000 Manifest next update: Sun 07 Dec 2025 10:00:35 +0000 Files and hashes: 1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: 6uVHqZR1cbTUXUPJu41O+/n6URxsZUaTgvB97c/1UQw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:2b:0c:16:c8:28:97:4d:89:15:48:38:b7:73:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86985bae0d938de24385c4053cda391b74450267 Validity Not Before: Dec 6 10:00:35 2025 GMT Not After : Dec 7 10:00:35 2025 GMT Subject: CN=a6a0e8d17441028a836dc6265202cc1bb71d5e68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b3:0f:27:d1:c2:a9:35:6a:99:ed:cc:e4:b4: 34:c7:55:be:21:49:66:0e:b1:6a:3b:e8:ca:22:e3: 83:ad:fc:3d:5b:20:7b:ee:65:b8:5d:96:9a:2b:27: 6b:7c:3f:a3:fe:95:61:cd:5b:c3:ff:fb:e1:db:6e: 12:59:59:f1:86:25:ed:2b:dc:87:6f:cd:ad:61:f3: 9f:1a:d9:a0:8d:63:68:4c:fd:84:39:bb:92:05:19: 97:f9:8d:d4:ba:ed:5c:97:47:74:d9:ab:29:6e:87: 1c:01:3d:c6:c5:e4:d8:d7:f2:71:97:45:73:3d:da: 05:ee:c3:6d:8f:61:59:a6:ec:0c:98:b9:6f:60:45: 77:31:e0:6b:ae:ee:1b:69:87:13:3f:8f:d3:39:0b: 5f:0d:f8:9e:b3:fc:fb:eb:9b:61:90:fa:af:96:93: a8:bc:e9:4e:bb:6d:86:df:2e:cf:a6:b8:b5:a8:2a: 5a:43:9f:7c:2d:50:fc:ae:b3:b3:01:8a:7b:54:72: f9:8b:e6:a1:ba:55:f8:c7:27:db:ae:2d:8f:d5:17: ae:52:cb:b0:04:b0:b1:1f:97:5d:f5:a2:64:a1:98: ff:f2:44:ec:6c:e0:b6:fd:83:c2:cb:92:e5:d6:6a: 48:af:55:62:4c:a9:84:25:95:f3:29:38:0e:ee:55: e8:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:A0:E8:D1:74:41:02:8A:83:6D:C6:26:52:02:CC:1B:B7:1D:5E:68 X509v3 Authority Key Identifier: keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:85:e1:ad:13:f5:c3:23:4d:a7:b5:11:43:0d:fd:33:cc:2c: 6d:14:09:d4:df:01:f1:d4:d7:7e:f1:b7:98:06:2a:80:c0:ee: a4:80:fc:e2:10:0e:f3:f7:b1:2b:2d:96:da:b1:6d:6c:6a:dc: 22:91:09:76:3f:a4:60:1a:ca:15:fc:3a:0a:03:1e:3c:73:a2: 73:47:2f:4e:fd:b6:da:a1:11:31:39:e2:56:0c:7e:9a:66:b7: e0:03:5d:ec:ec:1c:97:d9:4b:d1:ae:1a:be:b4:6b:56:71:bb: d9:86:cc:7f:cd:b1:ed:22:c5:db:1a:bb:d4:1a:8a:2a:b4:00: 73:8d:fb:d2:9b:8a:d7:12:93:ce:f5:21:8e:17:75:d4:c4:85: e3:8a:cb:18:7a:e3:e3:06:75:3b:3e:cd:a8:fa:4b:a6:f7:d8: d1:82:92:bd:74:18:cf:94:c2:8e:b5:ab:be:ef:df:1f:3b:47: be:d3:b1:89:b3:c9:5a:b7:f1:e3:44:38:14:0c:cb:6b:01:5f: ed:cb:71:16:7b:63:3f:91:20:b3:4b:ea:75:16:23:0f:a5:4f: 03:bb:14:83:09:48:8b:40:09:3e:1d:af:f4:b2:24:da:f0:76: 54:6d:de:e9:43:7e:fd:00:3a:33:3f:e6:a1:7e:47:0c:08:db: d8:e7:a9:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGysMFsgol02JFUg4t3OyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0 NTAyNjcwHhcNMjUxMjA2MTAwMDM1WhcNMjUxMjA3MTAwMDM1WjAzMTEwLwYDVQQD EyhhNmEwZThkMTc0NDEwMjhhODM2ZGM2MjY1MjAyY2MxYmI3MWQ1ZTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrMPJ9HCqTVqme3M5LQ0x1W+IUlm DrFqO+jKIuODrfw9WyB77mW4XZaaKydrfD+j/pVhzVvD//vh224SWVnxhiXtK9yH b82tYfOfGtmgjWNoTP2EObuSBRmX+Y3Uuu1cl0d02aspboccAT3GxeTY1/Jxl0Vz PdoF7sNtj2FZpuwMmLlvYEV3MeBrru4baYcTP4/TOQtfDfies/z765thkPqvlpOo vOlOu22G3y7Ppri1qCpaQ598LVD8rrOzAYp7VHL5i+ahulX4xyfbri2P1ReuUsuw BLCxH5dd9aJkoZj/8kTsbOC2/YPCy5Ll1mpIr1ViTKmEJZXzKTgO7lXo3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKag6NF0QQKKg23GJlICzBu3HV5oMB8GA1UdIwQY MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYXhrRP1 wyNNp7URQw39M8wsbRQJ1N8B8dTXfvG3mAYqgMDupID84hAO8/exKy2W2rFtbGrc IpEJdj+kYBrKFfw6CgMePHOic0cvTv222qERMTniVgx+mma34ANd7Owcl9lL0a4a vrRrVnG72YbMf82x7SLF2xq71BqKKrQAc4370puK1xKTzvUhjhd11MSF44rLGHrj 4wZ1Oz7NqPpLpvfY0YKSvXQYz5TCjrWrvu/fHztHvtOxibPJWrfx40Q4FAzLawFf 7ctxFntjP5Egs0vqdRYjD6VPA7sUgwlIi0AJPh2v9LIk2vB2VG3e6UN+/QA6Mz/m oX5HDAjb2OepZg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:49:56 2025 by rpki-client