This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft File: hheg4tbmBy6I03dN18z78HochjI.mft (raw, json) Hash identifier: nmZYwlNdV0ZJ47iUCqCkaLP+bPWxLlW4k6RAZYgmukg= Subject key identifier: B4:D0:F0:8F:FA:A3:01:08:70:CB:27:33:4E:47:EB:88:6F:8A:80:15 Authority key identifier: 86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32 Certificate issuer: /CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632 Certificate serial: 019AF464AE06B2AD60CD58DCE0F77BBB3972 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft Manifest number: 1354 Signing time: Sat 06 Dec 2025 16:00:30 +0000 Manifest this update: Sat 06 Dec 2025 16:00:30 +0000 Manifest next update: Sun 07 Dec 2025 16:00:30 +0000 Files and hashes: 1: hheg4tbmBy6I03dN18z78HochjI.crl (hash: mHPZ7KPlqW0sz7O27ENKC9o6R4UAkQH3ACGJmj2sPdo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:ae:06:b2:ad:60:cd:58:dc:e0:f7:7b:bb:39:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8617a0e2d6e6072e88d3774dd7ccfbf07a1c8632 Validity Not Before: Dec 6 16:00:30 2025 GMT Not After : Dec 7 16:00:30 2025 GMT Subject: CN=b4d0f08ffaa3010870cb27334e47eb886f8a8015 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:79:00:82:31:2b:1c:9d:ce:9a:1e:1a:c7:87: 04:a4:c7:38:04:47:65:97:eb:2d:b8:a4:e9:67:e4: 35:cd:a1:8a:8e:60:a9:2b:a6:c1:31:73:0e:4a:1a: e8:51:a8:2e:1d:9e:eb:40:fa:68:6b:ff:63:68:57: a3:c6:d0:88:99:fd:3d:8b:55:83:aa:fd:c2:7f:87: 82:10:70:7b:8a:1a:27:51:6a:4c:f5:30:47:66:66: 91:19:22:50:86:70:5d:26:ac:49:47:2c:b6:20:fe: d0:a9:30:70:90:d5:40:8e:b0:d9:ba:d9:64:12:fc: d1:14:3d:38:c3:d5:9f:f2:a3:8f:30:e1:dc:e9:64: 57:e8:ab:c9:6a:1a:c1:4b:e0:1f:b9:fd:c9:47:88: 12:12:d1:b7:82:cc:a2:ff:82:9a:3d:55:9b:52:4c: e5:c3:50:e3:e8:f9:84:9e:39:0c:f2:1d:5e:4c:6f: a6:6c:cb:8b:10:6b:fd:06:87:08:ef:ed:8c:5d:97: 6d:9b:b1:61:46:5b:b0:e6:50:4a:a9:49:a6:6f:f7: 95:a2:f9:de:d6:e2:fe:25:76:e7:25:22:35:65:65: da:32:41:76:e1:b4:9e:a1:18:8d:6f:2c:c9:77:3c: ce:64:ea:8c:6d:26:3d:81:b8:df:ea:c9:fb:4f:0d: cf:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D0:F0:8F:FA:A3:01:08:70:CB:27:33:4E:47:EB:88:6F:8A:80:15 X509v3 Authority Key Identifier: keyid:86:17:A0:E2:D6:E6:07:2E:88:D3:77:4D:D7:CC:FB:F0:7A:1C:86:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hheg4tbmBy6I03dN18z78HochjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2d18af-5892-407f-b968-ebdc32a6ab27/1/hheg4tbmBy6I03dN18z78HochjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:c0:ce:8d:63:2c:58:5e:c4:56:e3:64:c0:e3:b3:62:87:9d: b6:f6:7c:d5:bc:ed:9f:5d:4d:4f:6d:70:0d:29:ef:1d:40:92: 21:75:2d:f4:41:d5:ae:42:2e:a8:b9:50:ca:58:52:fd:6f:01: a8:3a:2d:6f:6c:49:79:28:b0:9c:1b:79:ba:5b:74:2a:d9:b0: 90:dd:91:27:31:df:a5:f1:71:3a:01:5a:f7:e4:23:15:22:a9: 33:8d:15:3c:fe:c2:06:a1:80:5d:90:fc:f8:c6:15:f1:40:9f: 24:e7:dd:f5:0f:72:c5:f0:38:47:b6:b5:a0:bb:1d:a0:ed:b2: e4:98:8f:1c:a2:1e:60:ca:0f:59:b4:b1:13:bb:dc:c1:d3:0f: 83:02:bb:4e:e5:66:f6:a2:ed:8c:15:39:a8:90:26:3c:43:a5: 2c:fb:5e:0f:5e:a3:73:36:de:79:c7:7c:18:32:78:78:b3:c9: e9:5e:f8:4d:0d:c6:6e:c6:c0:db:14:b5:02:8c:ff:95:00:ce: 63:34:13:6a:a9:14:93:6e:1e:b5:3c:3d:c2:7c:ce:0f:9c:9f: c0:8f:cb:58:01:52:39:84:58:81:b5:c0:ea:4c:e8:81:5f:06: e7:26:74:10:84:9a:97:9a:03:a4:36:0f:95:fc:6f:8a:ba:eb: 46:04:8d:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZK4Gsq1gzVjc4Pd7uzlyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MTdhMGUyZDZlNjA3MmU4OGQzNzc0ZGQ3Y2NmYmYwN2Ex Yzg2MzIwHhcNMjUxMjA2MTYwMDMwWhcNMjUxMjA3MTYwMDMwWjAzMTEwLwYDVQQD EyhiNGQwZjA4ZmZhYTMwMTA4NzBjYjI3MzM0ZTQ3ZWI4ODZmOGE4MDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXkAgjErHJ3Omh4ax4cEpMc4BEdl l+stuKTpZ+Q1zaGKjmCpK6bBMXMOShroUaguHZ7rQPpoa/9jaFejxtCImf09i1WD qv3Cf4eCEHB7ihonUWpM9TBHZmaRGSJQhnBdJqxJRyy2IP7QqTBwkNVAjrDZutlk EvzRFD04w9Wf8qOPMOHc6WRX6KvJahrBS+Afuf3JR4gSEtG3gsyi/4KaPVWbUkzl w1Dj6PmEnjkM8h1eTG+mbMuLEGv9BocI7+2MXZdtm7FhRluw5lBKqUmmb/eVovne 1uL+JXbnJSI1ZWXaMkF24bSeoRiNbyzJdzzOZOqMbSY9gbjf6sn7Tw3PawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLTQ8I/6owEIcMsnM05H64hvioAVMB8GA1UdIwQY MBaAFIYXoOLW5gcuiNN3TdfM+/B6HIYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5Njgt ZWJkYzMyYTZhYjI3LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC8yZDE4YWYtNTg5Mi00MDdmLWI5NjgtZWJkYzMyYTZhYjI3 LzEvaGhlZzR0Ym1CeTZJMDNkTjE4ejc4SG9jaGpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsDOjWMs WF7EVuNkwOOzYoedtvZ81bztn11NT21wDSnvHUCSIXUt9EHVrkIuqLlQylhS/W8B qDotb2xJeSiwnBt5ult0KtmwkN2RJzHfpfFxOgFa9+QjFSKpM40VPP7CBqGAXZD8 +MYV8UCfJOfd9Q9yxfA4R7a1oLsdoO2y5JiPHKIeYMoPWbSxE7vcwdMPgwK7TuVm 9qLtjBU5qJAmPEOlLPteD16jczbeecd8GDJ4eLPJ6V74TQ3GbsbA2xS1Aoz/lQDO YzQTaqkUk24etTw9wnzOD5yfwI/LWAFSOYRYgbXA6kzogV8G5yZ0EISal5oDpDYP lfxvirrrRgSNCw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:04:30 2025 by rpki-client