This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft File: hfR7ZaUlMyab0hmBOlIDr92eXb4.mft (raw, json) Hash identifier: gbyvrE5VIlMHSEYk41X/YC3j8SQeCinjezOm1SsTZtY= Subject key identifier: 82:4E:32:AE:19:63:57:2A:38:08:29:B1:CF:E3:AA:87:B3:7D:78:A9 Authority key identifier: 85:F4:7B:65:A5:25:33:26:9B:D2:19:81:3A:52:03:AF:DD:9E:5D:BE Certificate issuer: /CN=85f47b65a52533269bd219813a5203afdd9e5dbe Certificate serial: 019AF19B5CCAD054C3C21072BB9D4C5ADF86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft Manifest number: 1353 Signing time: Sat 06 Dec 2025 03:01:22 +0000 Manifest this update: Sat 06 Dec 2025 03:01:22 +0000 Manifest next update: Sun 07 Dec 2025 03:01:22 +0000 Files and hashes: 1: hfR7ZaUlMyab0hmBOlIDr92eXb4.crl (hash: v5H8zYZ40wLCp2I5N9rv5RyOS956WFH6CkPlOnWQ9g8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:5c:ca:d0:54:c3:c2:10:72:bb:9d:4c:5a:df:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85f47b65a52533269bd219813a5203afdd9e5dbe Validity Not Before: Dec 6 03:01:22 2025 GMT Not After : Dec 7 03:01:22 2025 GMT Subject: CN=824e32ae1963572a380829b1cfe3aa87b37d78a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:43:b0:b1:ff:61:d1:ab:8c:a7:6b:4b:b7:4f: b4:e3:82:6b:6c:cc:b6:d6:e6:aa:0b:3c:d4:49:db: b3:53:42:4f:32:22:d6:fa:94:bc:02:11:d1:8e:68: 88:0f:6a:99:75:10:5d:a2:87:fe:59:7b:e0:ba:7e: 24:88:c5:6a:6d:85:e2:fc:03:fc:8e:b3:58:82:d7: 5f:66:58:29:21:d8:f1:60:6d:1f:d6:f1:b8:90:71: 7f:61:b3:17:5f:3d:15:78:52:d6:4d:22:51:b8:a4: 0c:65:94:eb:b7:c0:68:6b:47:57:84:52:73:4a:dc: 92:2a:bf:56:56:25:16:4c:cb:69:1f:53:12:ba:a4: 17:a8:cf:f0:81:a3:2d:fa:64:59:7c:d9:85:28:cf: f5:2b:4f:22:11:d7:85:33:e7:b5:03:ac:34:e8:52: 57:57:40:41:a1:27:de:d3:84:d6:6a:e9:12:ac:6b: 7c:be:ac:cb:e4:4f:07:77:ab:f6:92:3a:4b:a7:b9: 8f:54:bb:8f:8c:0f:dc:95:6e:b1:20:5b:13:b9:63: d7:bd:7e:db:84:d7:7e:e2:41:e3:ad:a6:36:60:31: 06:c6:4f:f2:7f:58:74:b8:c3:2f:b1:00:67:20:a1: d6:23:e0:7b:20:d8:2e:58:e7:0f:06:f7:e6:b7:41: d5:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:4E:32:AE:19:63:57:2A:38:08:29:B1:CF:E3:AA:87:B3:7D:78:A9 X509v3 Authority Key Identifier: keyid:85:F4:7B:65:A5:25:33:26:9B:D2:19:81:3A:52:03:AF:DD:9E:5D:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfR7ZaUlMyab0hmBOlIDr92eXb4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/633ff4-46e8-4204-b636-2413782c7166/1/hfR7ZaUlMyab0hmBOlIDr92eXb4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:9f:f6:83:87:98:fc:83:49:c3:e0:50:55:47:78:ce:c2:d9: 04:f0:4d:a0:da:6f:bc:57:9c:d7:e1:8b:37:f8:5c:58:ff:34: b8:d8:8b:19:19:5e:fe:95:66:d8:d9:f9:6b:09:90:45:6e:20: cd:1b:93:ec:82:2f:2b:bb:32:db:44:1d:54:40:1a:bc:17:fb: 1a:29:fd:cf:d1:6a:ba:fe:9d:19:dd:46:e0:a5:67:c3:16:9a: 96:da:6c:a9:45:68:5b:57:49:21:c3:15:d4:3a:8a:ad:25:85: 4c:ba:b3:51:68:22:bb:4b:47:a6:2f:63:47:e0:d7:9b:1d:d2: 45:d1:5b:17:e0:ef:c8:7b:03:71:51:48:33:a1:1f:3b:66:67: 89:a5:a5:eb:54:7d:4f:90:17:4c:6b:bf:53:7c:77:83:09:c2: ef:f9:98:58:77:07:de:c1:6e:ab:19:d2:bf:9d:b5:b1:ad:53: ec:5a:a4:7c:15:e9:bb:70:e1:16:8f:06:1b:82:14:de:f8:f4: b5:8b:69:6f:95:ef:8f:21:9e:47:92:b7:a5:5d:25:c4:4d:f2: c8:b0:b4:b9:41:d4:90:27:6e:64:e0:e8:62:24:58:f5:cc:04: 07:c7:be:ee:3d:8d:1c:0f:da:9c:92:2b:9d:84:63:78:c2:cf: ef:08:1f:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm1zK0FTDwhByu51MWt+GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZjQ3YjY1YTUyNTMzMjY5YmQyMTk4MTNhNTIwM2FmZGQ5 ZTVkYmUwHhcNMjUxMjA2MDMwMTIyWhcNMjUxMjA3MDMwMTIyWjAzMTEwLwYDVQQD Eyg4MjRlMzJhZTE5NjM1NzJhMzgwODI5YjFjZmUzYWE4N2IzN2Q3OGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40Owsf9h0auMp2tLt0+044JrbMy2 1uaqCzzUSduzU0JPMiLW+pS8AhHRjmiID2qZdRBdoof+WXvgun4kiMVqbYXi/AP8 jrNYgtdfZlgpIdjxYG0f1vG4kHF/YbMXXz0VeFLWTSJRuKQMZZTrt8Boa0dXhFJz StySKr9WViUWTMtpH1MSuqQXqM/wgaMt+mRZfNmFKM/1K08iEdeFM+e1A6w06FJX V0BBoSfe04TWaukSrGt8vqzL5E8Hd6v2kjpLp7mPVLuPjA/clW6xIFsTuWPXvX7b hNd+4kHjraY2YDEGxk/yf1h0uMMvsQBnIKHWI+B7INguWOcPBvfmt0HVeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIJOMq4ZY1cqOAgpsc/jqoezfXipMB8GA1UdIwQY MBaAFIX0e2WlJTMmm9IZgTpSA6/dnl2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy82MzNmZjQtNDZlOC00MjA0LWI2MzYt MjQxMzc4MmM3MTY2LzEvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy82MzNmZjQtNDZlOC00MjA0LWI2MzYtMjQxMzc4MmM3MTY2 LzEvaGZSN1phVWxNeWFiMGhtQk9sSURyOTJlWGI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIp/2g4eY /INJw+BQVUd4zsLZBPBNoNpvvFec1+GLN/hcWP80uNiLGRle/pVm2Nn5awmQRW4g zRuT7IIvK7sy20QdVEAavBf7Gin9z9Fquv6dGd1G4KVnwxaaltpsqUVoW1dJIcMV 1DqKrSWFTLqzUWgiu0tHpi9jR+DXmx3SRdFbF+DvyHsDcVFIM6EfO2ZniaWl61R9 T5AXTGu/U3x3gwnC7/mYWHcH3sFuqxnSv521sa1T7FqkfBXpu3DhFo8GG4IU3vj0 tYtpb5XvjyGeR5K3pV0lxE3yyLC0uUHUkCduZODoYiRY9cwEB8e+7j2NHA/anJIr nYRjeMLP7wgfXA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:37:57 2025 by rpki-client