This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft File: HpICrmewRlNH1t35D2Ri-ubk5kM.mft (raw, json) Hash identifier: FdmQhzB5e5Ea8T+vgbyNH0gC3TmdIUJ+0mIav1Y00FI= Subject key identifier: 63:6E:13:72:0E:EE:E2:57:D3:2F:E1:B2:42:E6:10:58:AE:BC:46:C7 Authority key identifier: 1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43 Certificate issuer: /CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643 Certificate serial: 019AF2097B95566DD5EFB76E3DD5F7B7A74F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft Manifest number: 0C0B Signing time: Sat 06 Dec 2025 05:01:38 +0000 Manifest this update: Sat 06 Dec 2025 05:01:38 +0000 Manifest next update: Sun 07 Dec 2025 05:01:38 +0000 Files and hashes: 1: HpICrmewRlNH1t35D2Ri-ubk5kM.crl (hash: JXnF46KgYmYziftSIJ2/UtztU4ISc3yfXzQUW9GxJu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:7b:95:56:6d:d5:ef:b7:6e:3d:d5:f7:b7:a7:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e9202ae67b0465347d6ddf90f6462fae6e4e643 Validity Not Before: Dec 6 05:01:38 2025 GMT Not After : Dec 7 05:01:38 2025 GMT Subject: CN=636e13720eeee257d32fe1b242e61058aebc46c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0f:69:b6:70:aa:04:90:23:90:50:99:5c:35: cf:33:e8:8f:6b:b7:c8:8f:da:da:43:06:70:a7:9d: 4b:e0:de:69:2c:20:e1:26:6b:f0:ab:b0:81:3a:be: 65:e2:87:21:78:a1:b1:f8:96:34:82:17:74:d7:3c: 0a:ce:57:4c:5a:3b:2a:f8:d4:e1:03:95:e9:a1:34: 2a:56:2a:64:85:e1:3d:4f:7d:50:1b:54:bb:9d:74: 7c:a8:26:b9:12:cd:9a:51:9a:db:9d:4b:9e:e4:9f: aa:5f:47:0d:22:a7:3c:d6:63:3c:57:d3:49:ae:b3: 3e:1a:1d:4f:3e:7a:c9:a9:0c:15:a8:9e:de:1c:23: 77:cf:f9:24:b7:22:d2:b8:ee:d0:6b:cc:2c:5a:4f: ca:fc:9f:58:13:5e:9d:e7:d4:10:4d:d5:27:ee:c1: a7:1a:d7:ca:e5:1e:11:4d:d7:29:96:cf:76:81:40: 93:a2:92:55:bc:55:18:14:9a:31:53:a8:b5:06:6b: 61:d2:2e:33:83:52:07:75:24:0c:8f:8c:01:f1:6f: df:29:8a:15:c1:a6:49:77:41:16:90:db:40:55:7a: d8:2e:99:ca:b0:0f:dd:3c:de:c3:11:13:1c:4d:81: 30:9e:f1:50:e4:5c:6d:58:38:72:bc:23:e8:5c:b9: b5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:6E:13:72:0E:EE:E2:57:D3:2F:E1:B2:42:E6:10:58:AE:BC:46:C7 X509v3 Authority Key Identifier: keyid:1E:92:02:AE:67:B0:46:53:47:D6:DD:F9:0F:64:62:FA:E6:E4:E6:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpICrmewRlNH1t35D2Ri-ubk5kM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5efdd5-0ccc-425f-9301-540a348dd223/1/HpICrmewRlNH1t35D2Ri-ubk5kM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:a0:48:de:d1:99:0d:b1:0b:21:65:21:5e:0e:7a:dc:ed:a6: 13:3b:7b:17:59:87:69:ce:b6:72:93:31:03:82:bd:34:11:15: c3:1d:da:d4:5a:eb:63:67:64:b7:cf:85:47:a4:8e:88:72:10: f5:26:42:15:42:ef:cf:fe:f5:a5:a3:e1:1e:d7:e4:0a:66:b5: 54:5c:28:17:c4:0f:bd:21:c2:15:ac:9c:a4:fb:f1:c2:84:15: db:6f:87:9b:35:37:d4:62:04:e3:94:4f:be:3c:7c:01:a5:2c: e2:d8:e5:56:bf:44:00:f6:e0:bd:0f:d5:64:b2:49:3b:5a:75: 76:3e:65:04:53:58:81:6a:4e:09:bd:bd:3f:0a:d8:62:d5:b8: 4c:78:e4:0e:99:46:b5:44:65:dd:f6:73:fc:e9:c2:fb:54:71: 8c:2e:9d:b3:7b:52:f4:b2:ed:e6:7c:be:be:52:0f:4a:11:c6: 01:d5:2e:d7:72:b2:5c:b5:59:b5:78:eb:ac:d3:97:63:dc:39: 02:93:9a:e3:2e:f8:82:dd:25:58:e2:de:96:33:11:dc:8c:65: bc:fa:da:ed:85:fd:ed:6d:8b:2b:11:49:58:b3:79:50:a6:48: 35:c0:42:3a:a5:80:d5:d7:b0:1f:15:0a:5f:ad:a1:d7:49:5a: 86:6d:f9:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCXuVVm3V77duPdX3t6dPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlOTIwMmFlNjdiMDQ2NTM0N2Q2ZGRmOTBmNjQ2MmZhZTZl NGU2NDMwHhcNMjUxMjA2MDUwMTM4WhcNMjUxMjA3MDUwMTM4WjAzMTEwLwYDVQQD Eyg2MzZlMTM3MjBlZWVlMjU3ZDMyZmUxYjI0MmU2MTA1OGFlYmM0NmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg9ptnCqBJAjkFCZXDXPM+iPa7fI j9raQwZwp51L4N5pLCDhJmvwq7CBOr5l4ocheKGx+JY0ghd01zwKzldMWjsq+NTh A5XpoTQqVipkheE9T31QG1S7nXR8qCa5Es2aUZrbnUue5J+qX0cNIqc81mM8V9NJ rrM+Gh1PPnrJqQwVqJ7eHCN3z/kktyLSuO7Qa8wsWk/K/J9YE16d59QQTdUn7sGn GtfK5R4RTdcpls92gUCTopJVvFUYFJoxU6i1Bmth0i4zg1IHdSQMj4wB8W/fKYoV waZJd0EWkNtAVXrYLpnKsA/dPN7DERMcTYEwnvFQ5FxtWDhyvCPoXLm1RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGNuE3IO7uJX0y/hskLmEFiuvEbHMB8GA1UdIwQY MBaAFB6SAq5nsEZTR9bd+Q9kYvrm5OZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEt NTQwYTM0OGRkMjIzLzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS81ZWZkZDUtMGNjYy00MjVmLTkzMDEtNTQwYTM0OGRkMjIz LzEvSHBJQ3JtZXdSbE5IMXQzNUQyUmktdWJrNWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKBI3tGZ DbELIWUhXg563O2mEzt7F1mHac62cpMxA4K9NBEVwx3a1FrrY2dkt8+FR6SOiHIQ 9SZCFULvz/71paPhHtfkCma1VFwoF8QPvSHCFaycpPvxwoQV22+HmzU31GIE45RP vjx8AaUs4tjlVr9EAPbgvQ/VZLJJO1p1dj5lBFNYgWpOCb29PwrYYtW4THjkDplG tURl3fZz/OnC+1RxjC6ds3tS9LLt5ny+vlIPShHGAdUu13KyXLVZtXjrrNOXY9w5 ApOa4y74gt0lWOLeljMR3IxlvPra7YX97W2LKxFJWLN5UKZINcBCOqWA1dewHxUK X62h10lahm35/A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:16 2025 by rpki-client