This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.mft File: hChNZ8mrr2-o_qYUKlslWMnLz3Q.mft (raw, json) Hash identifier: Ek18on1EqTumafeD8HeDs2oELtqy3xugJ3IU45K3vDA= Subject key identifier: 4D:5F:76:D9:56:4B:9D:E2:74:5A:CD:3A:E2:BB:99:9B:C5:63:FD:2E Authority key identifier: 84:28:4D:67:C9:AB:AF:6F:A8:FE:A6:14:2A:5B:25:58:C9:CB:CF:74 Certificate issuer: /CN=84284d67c9abaf6fa8fea6142a5b2558c9cbcf74 Certificate serial: 019AF12EAC0B9023CBFEA4EEAC47C6A8C0BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hChNZ8mrr2-o_qYUKlslWMnLz3Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.mft Manifest number: 119D Signing time: Sat 06 Dec 2025 01:02:38 +0000 Manifest this update: Sat 06 Dec 2025 01:02:38 +0000 Manifest next update: Sun 07 Dec 2025 01:02:38 +0000 Files and hashes: 1: hChNZ8mrr2-o_qYUKlslWMnLz3Q.crl (hash: eNI5t9FvgUZsjzQNjx/lXxxw3pIY5c0dTNA0Ncky+WA=) 2: lJmvvXMVP9NKaYHWsyd-BJftiCc.roa (hash: eBBiq38eKi7tQKUMPizst8SumCc0cZEMghR739L+M0A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.mft rsync://rpki.ripe.net/repository/DEFAULT/hChNZ8mrr2-o_qYUKlslWMnLz3Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:ac:0b:90:23:cb:fe:a4:ee:ac:47:c6:a8:c0:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84284d67c9abaf6fa8fea6142a5b2558c9cbcf74 Validity Not Before: Dec 6 01:02:38 2025 GMT Not After : Dec 7 01:02:38 2025 GMT Subject: CN=4d5f76d9564b9de2745acd3ae2bb999bc563fd2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:9a:c5:60:c5:ed:a4:32:8e:34:54:d2:05:12: ad:41:f4:15:93:72:43:3a:2c:28:3d:a2:f9:77:ca: ef:54:d4:a5:63:6f:40:1f:b9:61:e0:5f:e8:07:35: 73:8c:ef:f2:71:52:00:8e:e8:00:78:77:b5:71:87: 27:5c:05:56:5d:52:67:ce:f8:56:0b:e6:08:2c:5c: 04:b9:a8:f0:14:cd:f6:07:b7:1a:da:80:41:7f:5e: 4d:b6:c4:a5:91:9c:51:f9:d4:9d:b4:ad:a7:33:08: cf:90:56:ed:69:5b:9b:8d:60:bb:5f:7a:97:56:9f: a0:76:a3:32:ba:6f:3f:98:82:01:8a:31:85:ee:dd: 7c:da:10:4f:06:72:18:f6:b5:4c:5d:66:aa:3c:c8: 11:fe:6f:bf:ec:20:27:f2:15:20:9d:f2:8d:70:92: e9:4f:42:7c:5b:02:19:5c:65:ab:90:71:84:52:dd: 2d:0d:08:5f:80:ae:d4:63:88:fc:4c:26:86:da:c9: 58:b6:5f:f5:13:ba:97:9a:86:d9:8d:2d:57:e3:73: 59:92:a4:26:99:f5:ce:7a:51:49:02:55:de:bf:71: e1:6f:47:2d:02:d8:8a:1e:61:24:bc:82:3d:04:97: 9b:99:ca:b9:fb:68:24:1e:08:93:07:39:28:db:da: dd:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:5F:76:D9:56:4B:9D:E2:74:5A:CD:3A:E2:BB:99:9B:C5:63:FD:2E X509v3 Authority Key Identifier: keyid:84:28:4D:67:C9:AB:AF:6F:A8:FE:A6:14:2A:5B:25:58:C9:CB:CF:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hChNZ8mrr2-o_qYUKlslWMnLz3Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/30af46-27ed-4482-840e-65f856f1249e/1/hChNZ8mrr2-o_qYUKlslWMnLz3Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:fb:6d:53:64:45:bf:25:b3:07:12:b7:60:04:15:26:e3:b3: 7a:0d:bd:2a:37:0b:a7:c0:f1:4d:93:88:fa:ce:3a:8b:33:43: 42:8a:c4:f1:24:f7:de:f3:f0:d2:66:ea:fb:d2:b2:5e:ba:28: 09:b4:ad:43:15:41:bb:85:58:c1:7e:8b:89:56:c0:d9:4f:12: 60:6f:4c:18:1d:b1:7d:43:21:53:69:12:93:2f:c6:73:f6:35: 2c:c6:1c:50:b3:0a:87:3c:d9:54:8a:db:9d:77:e4:70:0a:0c: 44:e8:4b:0e:09:58:d7:e0:64:e5:a0:64:13:66:a1:07:73:90: ec:a5:81:84:4b:ce:2b:47:a2:84:91:f3:90:40:a1:74:e3:1d: a6:70:e7:d6:5b:fa:c5:f4:28:2a:84:45:06:d6:d8:23:41:1c: d0:8d:fe:58:b8:80:5f:c7:49:86:fe:03:12:e4:b6:56:b9:9f: d5:df:13:38:cf:ee:4f:1f:d3:4a:b9:73:0d:79:53:17:ba:9f: e7:4c:19:8f:7c:e5:d8:ae:2b:8e:09:e3:48:04:1e:2f:b6:5b: 55:f1:d0:69:20:4f:3f:f7:f7:88:38:89:b3:00:b5:04:f0:65: 6b:0b:bf:fb:d0:4d:2a:42:86:82:d3:88:43:88:17:4e:69:c6: 01:24:1d:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqwLkCPL/qTurEfGqMC8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0Mjg0ZDY3YzlhYmFmNmZhOGZlYTYxNDJhNWIyNTU4Yzlj YmNmNzQwHhcNMjUxMjA2MDEwMjM4WhcNMjUxMjA3MDEwMjM4WjAzMTEwLwYDVQQD Eyg0ZDVmNzZkOTU2NGI5ZGUyNzQ1YWNkM2FlMmJiOTk5YmM1NjNmZDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZrFYMXtpDKONFTSBRKtQfQVk3JD OiwoPaL5d8rvVNSlY29AH7lh4F/oBzVzjO/ycVIAjugAeHe1cYcnXAVWXVJnzvhW C+YILFwEuajwFM32B7ca2oBBf15NtsSlkZxR+dSdtK2nMwjPkFbtaVubjWC7X3qX Vp+gdqMyum8/mIIBijGF7t182hBPBnIY9rVMXWaqPMgR/m+/7CAn8hUgnfKNcJLp T0J8WwIZXGWrkHGEUt0tDQhfgK7UY4j8TCaG2slYtl/1E7qXmobZjS1X43NZkqQm mfXOelFJAlXev3Hhb0ctAtiKHmEkvII9BJebmcq5+2gkHgiTBzko29rdKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1fdtlWS53idFrNOuK7mZvFY/0uMB8GA1UdIwQY MBaAFIQoTWfJq69vqP6mFCpbJVjJy890MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaENoTlo4bXJyMi1vX3FZVUtsc2xXTW5MejNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zMGFmNDYtMjdlZC00NDgyLTg0MGUt NjVmODU2ZjEyNDllLzEvaENoTlo4bXJyMi1vX3FZVUtsc2xXTW5MejNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8zMGFmNDYtMjdlZC00NDgyLTg0MGUtNjVmODU2ZjEyNDll LzEvaENoTlo4bXJyMi1vX3FZVUtsc2xXTW5MejNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/ttU2RF vyWzBxK3YAQVJuOzeg29KjcLp8DxTZOI+s46izNDQorE8ST33vPw0mbq+9KyXroo CbStQxVBu4VYwX6LiVbA2U8SYG9MGB2xfUMhU2kSky/Gc/Y1LMYcULMKhzzZVIrb nXfkcAoMROhLDglY1+Bk5aBkE2ahB3OQ7KWBhEvOK0eihJHzkEChdOMdpnDn1lv6 xfQoKoRFBtbYI0Ec0I3+WLiAX8dJhv4DEuS2Vrmf1d8TOM/uTx/TSrlzDXlTF7qf 50wZj3zl2K4rjgnjSAQeL7ZbVfHQaSBPP/f3iDiJswC1BPBlawu/+9BNKkKGgtOI Q4gXTmnGASQd9g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:16:06 2025 by rpki-client