This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.mft File: hPQw2a2cucQsS9ZpDp9YEqRXoC8.mft (raw, json) Hash identifier: HGqfdUfG0dXc6aKIPUYwxOV4bYYmAARVHW1oXX6O42Q= Subject key identifier: 3F:98:EF:FF:8B:A0:5F:0A:CE:BB:00:A3:C1:EC:E5:7F:81:BF:8B:A7 Authority key identifier: 84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F Certificate issuer: /CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f Certificate serial: 019AF19B216118023E4C2C81605E954AF227 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.mft Manifest number: 1215 Signing time: Sat 06 Dec 2025 03:01:06 +0000 Manifest this update: Sat 06 Dec 2025 03:01:06 +0000 Manifest next update: Sun 07 Dec 2025 03:01:06 +0000 Files and hashes: 1: 9IYJ3JT9uAsxxt2lyjGjJVqXG38.roa (hash: Fm2Q+Megk5GLVl9u0EHQZ20RgFMN11FSbY9n50k8CTU=) 2: hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl (hash: LVfOchXiwTjJ+8Wo3nMOXWEOAs2l/2qMjXNr0sMjWiU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.mft rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:21:61:18:02:3e:4c:2c:81:60:5e:95:4a:f2:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f Validity Not Before: Dec 6 03:01:06 2025 GMT Not After : Dec 7 03:01:06 2025 GMT Subject: CN=3f98efff8ba05f0acebb00a3c1ece57f81bf8ba7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:56:51:f9:bf:d9:32:53:d1:a4:77:7c:7a:49: f1:d8:bb:01:52:0e:d3:60:3c:da:f4:78:10:45:c2: a7:c6:cb:82:62:0b:74:59:0a:c4:a6:20:aa:d5:5c: df:04:82:7c:8f:a2:07:2b:d8:89:df:d1:c4:e6:9c: 11:ac:98:83:62:bf:7a:c9:8f:48:70:e7:f2:7e:c2: e9:f9:fe:fb:f3:ba:7d:78:d9:ba:7c:a9:18:f2:e3: 02:e0:26:94:1a:e3:19:13:59:c0:8a:a4:1d:5c:2b: 1e:c0:55:b0:6d:1d:1d:84:07:c1:7a:5e:b3:31:29: 9f:98:37:5e:cd:11:31:c6:cd:12:1a:02:1a:70:62: 96:ed:c0:27:37:da:1a:ed:62:91:c4:57:b2:7b:b4: b1:af:e0:7f:21:5c:ba:17:22:5f:fc:1f:cc:b7:b0: cd:3b:9e:21:3d:28:d3:ca:6b:32:b4:69:3b:7a:74: de:33:06:b6:8f:cc:3e:6f:96:7e:26:ba:b9:3d:65: 95:c1:1d:da:8f:8c:ca:ac:e7:2b:18:07:7b:82:5c: 80:92:ab:86:e0:c1:7f:eb:55:58:10:e0:31:4a:cd: 34:e6:ae:91:cc:0f:98:9b:a0:e8:92:40:13:e5:54: a8:83:78:e0:24:c8:96:5f:68:55:27:f0:2d:74:65: 50:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:98:EF:FF:8B:A0:5F:0A:CE:BB:00:A3:C1:EC:E5:7F:81:BF:8B:A7 X509v3 Authority Key Identifier: keyid:84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:6d:e3:7f:0a:21:d6:81:e3:52:dd:97:7a:f2:86:dc:08:62: 31:50:0b:1c:1b:7c:e1:63:ea:a8:6f:a0:bc:2d:e3:24:44:bb: 38:19:e4:02:e7:a7:ff:21:9a:8d:d3:e8:e0:e5:f9:ed:53:17: 5a:a2:14:8d:e6:c6:7b:8f:cc:67:c6:d5:71:d9:4b:58:b4:74: 66:ab:7b:fc:e3:a3:eb:25:ee:a6:05:ab:b2:a0:f2:a5:f3:a7: df:e0:f8:62:a7:4f:d4:18:03:97:2e:e2:07:db:a6:fd:b8:06: 2c:97:95:76:27:08:58:be:ba:3d:ee:fd:34:f9:16:40:91:d0: 5f:78:86:f3:71:ee:fd:e5:09:39:d6:cc:75:d8:61:c4:38:bc: e0:0c:9b:8d:84:e1:91:a9:69:3a:30:fb:6e:da:23:fb:87:d9: 54:a2:df:0a:e9:04:f5:f3:c2:f1:2b:17:83:de:48:3c:3f:4f: 5d:4f:53:18:bc:04:ca:d3:af:fa:ba:4a:17:91:44:15:15:52: b7:63:33:15:b5:86:78:ef:af:76:30:31:f8:f7:92:24:3b:11: 01:cf:e0:55:f2:c5:3a:93:00:44:c2:42:5e:2c:b1:f0:e3:3a: 86:88:53:fe:01:f6:b5:68:f7:5d:12:c6:de:97:bc:07:f8:7f: 9a:5f:fd:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmyFhGAI+TCyBYF6VSvInMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0ZjQzMGQ5YWQ5Y2I5YzQyYzRiZDY2OTBlOWY1ODEyYTQ1 N2EwMmYwHhcNMjUxMjA2MDMwMTA2WhcNMjUxMjA3MDMwMTA2WjAzMTEwLwYDVQQD EygzZjk4ZWZmZjhiYTA1ZjBhY2ViYjAwYTNjMWVjZTU3ZjgxYmY4YmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1ZR+b/ZMlPRpHd8eknx2LsBUg7T YDza9HgQRcKnxsuCYgt0WQrEpiCq1VzfBIJ8j6IHK9iJ39HE5pwRrJiDYr96yY9I cOfyfsLp+f7787p9eNm6fKkY8uMC4CaUGuMZE1nAiqQdXCsewFWwbR0dhAfBel6z MSmfmDdezRExxs0SGgIacGKW7cAnN9oa7WKRxFeye7Sxr+B/IVy6FyJf/B/Mt7DN O54hPSjTymsytGk7enTeMwa2j8w+b5Z+Jrq5PWWVwR3aj4zKrOcrGAd7glyAkquG 4MF/61VYEOAxSs005q6RzA+Ym6DokkAT5VSog3jgJMiWX2hVJ/AtdGVQoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD+Y7/+LoF8KzrsAo8Hs5X+Bv4unMB8GA1UdIwQY MBaAFIT0MNmtnLnELEvWaQ6fWBKkV6AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQt YjkwNTZlYmJjNTc2LzEvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQtYjkwNTZlYmJjNTc2 LzEvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXG3jfwoh 1oHjUt2XevKG3AhiMVALHBt84WPqqG+gvC3jJES7OBnkAuen/yGajdPo4OX57VMX WqIUjebGe4/MZ8bVcdlLWLR0Zqt7/OOj6yXupgWrsqDypfOn3+D4YqdP1BgDly7i B9um/bgGLJeVdicIWL66Pe79NPkWQJHQX3iG83Hu/eUJOdbMddhhxDi84AybjYTh kalpOjD7btoj+4fZVKLfCukE9fPC8SsXg95IPD9PXU9TGLwEytOv+rpKF5FEFRVS t2MzFbWGeO+vdjAx+PeSJDsRAc/gVfLFOpMARMJCXiyx8OM6hohT/gH2tWj3XRLG 3pe8B/h/ml/9Eg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:08:54 2025 by rpki-client