This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft File: hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json) Hash identifier: 0jJnEKq0XOmvq5t2wcsFqvlMP1eSDwBkkrqqMeJlLUk= Subject key identifier: 8C:A7:61:7D:17:49:E9:0A:09:EC:54:AD:D4:60:EF:FA:FA:CE:FF:37 Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 Certificate issuer: /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Certificate serial: 019AF19B089CC29B9CB9B2B47E805DF4D513 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft Manifest number: 0B08 Signing time: Sat 06 Dec 2025 03:01:00 +0000 Manifest this update: Sat 06 Dec 2025 03:01:00 +0000 Manifest next update: Sun 07 Dec 2025 03:01:00 +0000 Files and hashes: 1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: jGp+w/tlU127+heZxeb1z72jH0AiUKHilWCN7t+stNM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:08:9c:c2:9b:9c:b9:b2:b4:7e:80:5d:f4:d5:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Validity Not Before: Dec 6 03:01:00 2025 GMT Not After : Dec 7 03:01:00 2025 GMT Subject: CN=8ca7617d1749e90a09ec54add460effafaceff37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c4:19:fe:c1:55:91:02:2b:84:94:b1:90:c7: 2d:3e:83:5f:1e:9b:02:68:28:88:34:95:cc:8b:27: 19:80:2c:27:d4:5c:e6:55:df:22:6f:5a:be:b9:78: 4c:08:fd:55:b7:fc:e0:c3:a8:8f:7d:c8:88:93:3e: 48:6b:b4:26:bf:aa:37:83:02:19:f4:f0:14:69:e8: b6:c5:03:21:08:8a:65:01:ec:6f:c1:3c:13:cf:f8: a9:72:15:87:da:67:b2:83:04:84:82:b7:44:a5:51: 2e:02:6a:0d:7d:76:1b:89:9e:84:83:97:f4:09:50: 1a:68:6a:79:a4:b0:88:7f:9c:29:36:ae:f8:97:b6: 78:a3:fa:9c:e5:27:66:0f:9c:a4:04:f1:c3:9a:09: 04:17:c1:66:ae:5e:1c:3f:31:09:89:ee:c5:15:99: 6c:50:70:b1:24:6b:4e:71:01:5d:85:32:0a:0a:ad: d2:0d:68:da:af:f1:d5:cf:8c:d8:04:ea:0e:e6:cc: 78:10:6b:5e:c8:40:62:94:cf:a8:c8:82:7a:58:b2: c8:fe:1c:5a:4e:c9:2f:ea:c7:2f:12:36:cc:c5:49: 8d:37:7f:f4:73:08:ef:a7:6b:a1:f9:d8:25:85:93: ca:57:3f:c1:db:df:d8:3c:4e:2e:40:bf:cd:59:cf: 2b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:A7:61:7D:17:49:E9:0A:09:EC:54:AD:D4:60:EF:FA:FA:CE:FF:37 X509v3 Authority Key Identifier: keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:b7:49:a3:0a:1f:e0:28:89:46:82:72:57:cb:21:79:0c:18: 82:80:ac:17:71:85:eb:98:2c:00:3f:83:80:80:57:40:3b:42: 92:61:20:4e:09:c0:0d:62:06:8c:9d:38:02:02:f5:41:51:d2: 98:4b:e7:7c:7c:ff:0a:45:93:7d:fa:fc:b2:6f:4e:7e:c2:fa: 48:9e:70:e1:af:32:3a:ae:26:bc:ad:2c:a7:31:8b:15:a7:77: 47:4a:b5:cf:f4:ad:7a:e9:71:d1:2a:c5:fc:07:ee:47:bd:09: a5:f5:b3:e5:ec:3e:be:53:1a:50:f2:a6:77:d6:44:77:3a:98: c9:8b:7b:a7:1a:b2:66:2a:9d:84:31:3f:42:85:56:19:41:21: fb:9c:75:9a:ed:ff:a7:be:6f:6f:ae:b5:e0:10:12:e9:eb:6e: 3c:7a:3f:72:e0:74:1c:0e:4e:cb:fd:98:5a:95:13:6a:3f:d0: dd:89:18:da:38:e0:4d:e6:2d:ba:a4:7a:a7:41:a9:35:dc:df: 19:68:f5:a4:a8:97:0a:ef:51:b5:cc:ed:e6:50:3b:f7:8d:7e: 46:1a:97:cc:b3:44:a7:a4:00:1c:51:92:a9:3e:e4:2f:52:f7: b2:84:2f:a8:3d:ca:19:e2:f3:04:74:2d:8a:62:f7:c0:60:4a: a4:9c:7d:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmwicwpucubK0foBd9NUTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx YmZlMzMwHhcNMjUxMjA2MDMwMTAwWhcNMjUxMjA3MDMwMTAwWjAzMTEwLwYDVQQD Eyg4Y2E3NjE3ZDE3NDllOTBhMDllYzU0YWRkNDYwZWZmYWZhY2VmZjM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsQZ/sFVkQIrhJSxkMctPoNfHpsC aCiINJXMiycZgCwn1FzmVd8ib1q+uXhMCP1Vt/zgw6iPfciIkz5Ia7Qmv6o3gwIZ 9PAUaei2xQMhCIplAexvwTwTz/ipchWH2meygwSEgrdEpVEuAmoNfXYbiZ6Eg5f0 CVAaaGp5pLCIf5wpNq74l7Z4o/qc5SdmD5ykBPHDmgkEF8Fmrl4cPzEJie7FFZls UHCxJGtOcQFdhTIKCq3SDWjar/HVz4zYBOoO5sx4EGteyEBilM+oyIJ6WLLI/hxa Tskv6scvEjbMxUmNN3/0cwjvp2uh+dglhZPKVz/B29/YPE4uQL/NWc8rvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIynYX0XSekKCexUrdRg7/r6zv83MB8GA1UdIwQY MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAprdJowof 4CiJRoJyV8sheQwYgoCsF3GF65gsAD+DgIBXQDtCkmEgTgnADWIGjJ04AgL1QVHS mEvnfHz/CkWTffr8sm9OfsL6SJ5w4a8yOq4mvK0spzGLFad3R0q1z/Steulx0SrF /AfuR70JpfWz5ew+vlMaUPKmd9ZEdzqYyYt7pxqyZiqdhDE/QoVWGUEh+5x1mu3/ p75vb6614BAS6etuPHo/cuB0HA5Oy/2YWpUTaj/Q3YkY2jjgTeYtuqR6p0GpNdzf GWj1pKiXCu9Rtczt5lA7941+RhqXzLNEp6QAHFGSqT7kL1L3soQvqD3KGeLzBHQt imL3wGBKpJx93g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:02:40 2025 by rpki-client