This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft File: HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json) Hash identifier: aGG0ls0MI7rtk6FqwixrJSr5ax6jbAIpNdtk/cw0Q+Y= Subject key identifier: E7:D8:11:02:A5:7A:EC:6D:B1:34:6A:DD:D5:4F:D2:94:8F:C2:70:1B Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D Certificate issuer: /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d Certificate serial: 019AF1D22EA28F6B28EFAF61C0272EDFF94C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft Manifest number: 14AE Signing time: Sat 06 Dec 2025 04:01:14 +0000 Manifest this update: Sat 06 Dec 2025 04:01:14 +0000 Manifest next update: Sun 07 Dec 2025 04:01:14 +0000 Files and hashes: 1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: h5EA/4lceiY02HLLjg7iW+2f6v9gn4cGzQlN3w8FXJM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:2e:a2:8f:6b:28:ef:af:61:c0:27:2e:df:f9:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d Validity Not Before: Dec 6 04:01:14 2025 GMT Not After : Dec 7 04:01:14 2025 GMT Subject: CN=e7d81102a57aec6db1346addd54fd2948fc2701b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5b:06:ad:39:e4:df:33:53:29:02:a4:f6:1d: a0:cf:85:5c:d3:11:cf:fa:c3:c7:34:1d:40:b8:b9: fe:bc:39:20:fa:8b:c3:10:b1:9e:24:1d:e9:97:34: 6a:bd:79:53:ac:d9:e2:82:48:95:0e:e8:c1:e0:76: 78:e8:e5:ae:3e:db:57:ff:c1:54:e2:9c:04:26:a3: 44:02:13:cf:65:df:79:2c:88:d3:5f:00:6a:6b:dd: 6a:0a:9e:ba:2e:06:01:32:13:bd:99:84:fd:2e:6d: 8d:00:42:0f:87:21:a4:ea:1b:05:fa:97:85:27:c1: 61:85:eb:0d:fa:f3:b9:14:58:83:1b:d5:68:8b:b7: e8:cc:5d:6c:93:5d:52:88:4e:d2:43:0b:5b:a2:12: 06:fe:cc:ae:b7:50:28:6d:e7:68:2a:8d:37:6d:3c: 2e:c6:15:7e:e4:6e:1f:94:82:63:67:c9:5d:e3:65: 35:28:12:78:a2:85:ad:6f:17:9d:4b:49:97:6f:ee: 53:ea:48:87:0a:5c:63:33:99:35:00:a7:51:87:ab: 77:36:d7:fe:ea:ee:85:39:0c:6c:a1:16:43:c4:a3: 1b:f2:23:d4:cd:f9:57:b5:91:f3:6c:4b:77:9a:a8: d4:10:40:d4:9b:0c:e3:0f:b7:8c:12:7e:03:3b:ef: 69:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:D8:11:02:A5:7A:EC:6D:B1:34:6A:DD:D5:4F:D2:94:8F:C2:70:1B X509v3 Authority Key Identifier: keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:e1:e3:ab:a1:bc:fc:bb:c2:33:11:07:b2:5f:ac:5d:5b:44: 03:53:6f:8d:1b:1f:fe:c5:0b:9f:a5:e8:b2:bd:47:e5:56:f4: 6c:b1:0f:2a:1e:6c:19:ee:c4:68:57:78:0c:11:ee:75:0b:13: 9c:fa:e0:10:36:b0:ec:6e:0c:8a:2d:18:42:2c:ed:c2:5f:4b: 97:39:e9:f6:5a:d5:64:b0:09:34:35:79:06:ad:ba:65:4c:20: 35:27:1b:c6:18:2b:6f:9b:c8:f2:1c:8e:9d:02:a7:c2:84:7d: e7:9e:54:4a:66:3c:93:be:1b:af:58:78:49:39:54:aa:3e:68: 7d:b1:92:14:4a:53:c5:64:df:26:87:3e:0c:12:71:87:63:1c: f1:0f:d7:f3:4d:ca:ba:3c:d8:48:ae:dc:6c:b0:1d:e0:f2:4b: 12:81:1e:da:6a:3d:f9:55:a5:26:81:61:3e:8a:8a:92:3e:ec: 2e:ea:c7:3f:c8:7d:1e:99:e3:ae:98:23:3b:29:ac:bd:b3:83: 1a:ef:b8:7a:a7:0e:da:f8:18:3f:a8:f3:1d:cf:2a:a7:97:37: 69:37:a9:70:74:41:a2:66:ce:29:5a:5e:76:8c:49:d2:b5:4c: 51:29:21:15:b0:e1:21:22:1f:05:8e:4b:e4:a8:8c:ff:15:37: 68:93:f0:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0i6ij2so769hwCcu3/lMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1 MTFlNGQwHhcNMjUxMjA2MDQwMTE0WhcNMjUxMjA3MDQwMTE0WjAzMTEwLwYDVQQD EyhlN2Q4MTEwMmE1N2FlYzZkYjEzNDZhZGRkNTRmZDI5NDhmYzI3MDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFsGrTnk3zNTKQKk9h2gz4Vc0xHP +sPHNB1AuLn+vDkg+ovDELGeJB3plzRqvXlTrNnigkiVDujB4HZ46OWuPttX/8FU 4pwEJqNEAhPPZd95LIjTXwBqa91qCp66LgYBMhO9mYT9Lm2NAEIPhyGk6hsF+peF J8FhhesN+vO5FFiDG9Voi7fozF1sk11SiE7SQwtbohIG/syut1AobedoKo03bTwu xhV+5G4flIJjZ8ld42U1KBJ4ooWtbxedS0mXb+5T6kiHClxjM5k1AKdRh6t3Ntf+ 6u6FOQxsoRZDxKMb8iPUzflXtZHzbEt3mqjUEEDUmwzjD7eMEn4DO+9p/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOfYEQKleuxtsTRq3dVP0pSPwnAbMB8GA1UdIwQY MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfuHjq6G8 /LvCMxEHsl+sXVtEA1NvjRsf/sULn6Xosr1H5Vb0bLEPKh5sGe7EaFd4DBHudQsT nPrgEDaw7G4Mii0YQiztwl9Llznp9lrVZLAJNDV5Bq26ZUwgNScbxhgrb5vI8hyO nQKnwoR9555USmY8k74br1h4STlUqj5ofbGSFEpTxWTfJoc+DBJxh2Mc8Q/X803K ujzYSK7cbLAd4PJLEoEe2mo9+VWlJoFhPoqKkj7sLurHP8h9HpnjrpgjOymsvbOD Gu+4eqcO2vgYP6jzHc8qp5c3aTepcHRBombOKVpedoxJ0rVMUSkhFbDhISIfBY5L 5KiM/xU3aJPwqg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:57 2025 by rpki-client