This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft File: HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json) Hash identifier: Cqf/L2XB4bv5uVQMYOdV5NoNmHmz2sw+FEwbSL251io= Subject key identifier: E3:14:2A:6E:A8:5C:7C:88:E9:A9:C5:A3:63:09:B8:40:E5:28:B7:51 Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B Certificate issuer: /CN=1d102aca6cf13511385294e77dbe273768c0a04b Certificate serial: 019AF6F87F87E3F0FEBAF4D5DFE7BC14B87E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft Manifest number: 0C41 Signing time: Sun 07 Dec 2025 04:01:11 +0000 Manifest this update: Sun 07 Dec 2025 04:01:11 +0000 Manifest next update: Mon 08 Dec 2025 04:01:11 +0000 Files and hashes: 1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: VKs5wjOKcGhSDtXKdZiTXFI09ld33xRNKPfGpKWH3Zs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:7f:87:e3:f0:fe:ba:f4:d5:df:e7:bc:14:b8:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b Validity Not Before: Dec 7 04:01:11 2025 GMT Not After : Dec 8 04:01:11 2025 GMT Subject: CN=e3142a6ea85c7c88e9a9c5a36309b840e528b751 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:27:54:3d:10:48:f9:5d:56:a3:a7:c5:65:cb: 9b:aa:63:c1:3e:ed:27:2c:06:50:f2:56:10:52:e9: d2:09:83:bb:14:09:5b:b6:95:10:55:9f:a9:9e:26: 3a:a4:5c:e6:eb:2a:08:a0:f9:09:c7:4e:8d:ab:eb: 26:b8:68:f1:3a:81:8a:ca:11:3f:af:3a:58:df:9d: fd:fe:8f:18:ef:73:e8:8f:b0:70:0b:89:bb:6e:00: 2c:ab:8c:93:99:67:3b:78:6d:73:19:48:ad:b5:d9: 70:1d:29:5c:1a:df:fc:5d:d5:84:c6:33:dd:4b:e3: 21:ee:47:f7:c9:f6:8f:52:dc:9a:ad:57:a1:47:c5: 4e:c0:6c:ed:4c:13:50:cd:c6:89:58:a2:49:f7:69: b6:87:e7:1d:38:62:87:43:ec:6d:78:00:ff:dd:9e: 4e:0a:89:3d:8a:5c:9d:a7:a9:1a:a0:7d:ef:80:1d: 34:3a:40:06:1a:9b:31:89:d6:96:ba:4e:64:96:cd: 4b:fe:46:ee:e4:02:54:a0:bc:2a:85:2d:42:85:d2: 2d:ea:e3:66:e5:42:22:21:1c:52:36:ee:a4:75:af: 1c:df:d7:00:32:a0:b5:e8:be:72:60:81:e6:0b:8a: df:d8:9f:b1:42:4a:fb:79:ec:4c:6b:1e:75:9f:f8: 68:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:14:2A:6E:A8:5C:7C:88:E9:A9:C5:A3:63:09:B8:40:E5:28:B7:51 X509v3 Authority Key Identifier: keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:5e:59:3d:22:b1:3c:ba:3b:bd:60:61:32:86:b0:83:28:46: 05:92:ac:b4:75:a7:70:d4:79:77:c8:a2:07:fc:ca:77:21:09: da:8b:ca:80:fa:f1:41:11:b0:31:79:1f:84:d2:ec:86:f3:0e: 20:e5:c3:21:39:62:89:c9:fb:86:6e:bd:3c:32:e6:1b:06:0a: a5:c6:cb:89:02:7a:39:fb:f6:f4:c2:46:16:63:5a:a8:bf:42: dc:16:ee:ad:25:23:74:8c:41:75:c2:ea:d3:ac:5d:9c:3f:fa: 92:e5:41:3a:de:e3:da:df:5c:b2:7c:36:18:ea:a5:e9:80:05: 4e:e4:28:1a:95:26:f2:44:8f:8d:89:6f:2b:76:3c:79:2e:02: e7:8f:2c:96:46:36:98:4d:94:70:cc:43:4f:b1:b3:44:35:69: f7:61:15:7c:ca:68:68:19:fe:56:0e:c6:e2:95:ef:df:93:bc: fc:c0:95:7d:af:1d:e2:e0:12:91:ad:7c:7a:25:66:6f:40:1d: f4:47:74:23:66:8c:2e:d9:5f:d3:0c:01:a6:bd:21:b7:26:f1: c8:ec:07:9e:78:0a:2d:64:4e:ca:85:91:e6:4c:c4:a6:df:7b: 20:c6:f3:79:3e:99:13:d7:7b:ad:0e:b9:91:98:7b:e2:35:fc: de:96:8c:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+H+H4/D+uvTV3+e8FLh+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj MGEwNGIwHhcNMjUxMjA3MDQwMTExWhcNMjUxMjA4MDQwMTExWjAzMTEwLwYDVQQD EyhlMzE0MmE2ZWE4NWM3Yzg4ZTlhOWM1YTM2MzA5Yjg0MGU1MjhiNzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzydUPRBI+V1Wo6fFZcubqmPBPu0n LAZQ8lYQUunSCYO7FAlbtpUQVZ+pniY6pFzm6yoIoPkJx06Nq+smuGjxOoGKyhE/ rzpY3539/o8Y73Poj7BwC4m7bgAsq4yTmWc7eG1zGUittdlwHSlcGt/8XdWExjPd S+Mh7kf3yfaPUtyarVehR8VOwGztTBNQzcaJWKJJ92m2h+cdOGKHQ+xteAD/3Z5O Cok9ilydp6kaoH3vgB00OkAGGpsxidaWuk5kls1L/kbu5AJUoLwqhS1ChdIt6uNm 5UIiIRxSNu6kda8c39cAMqC16L5yYIHmC4rf2J+xQkr7eexMax51n/hoFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOMUKm6oXHyI6anFo2MJuEDlKLdRMB8GA1UdIwQY MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4 LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs15ZPSKx PLo7vWBhMoawgyhGBZKstHWncNR5d8iiB/zKdyEJ2ovKgPrxQRGwMXkfhNLshvMO IOXDITliicn7hm69PDLmGwYKpcbLiQJ6Ofv29MJGFmNaqL9C3BburSUjdIxBdcLq 06xdnD/6kuVBOt7j2t9csnw2GOql6YAFTuQoGpUm8kSPjYlvK3Y8eS4C548slkY2 mE2UcMxDT7GzRDVp92EVfMpoaBn+Vg7G4pXv35O8/MCVfa8d4uASka18eiVmb0Ad 9Ed0I2aMLtlf0wwBpr0htybxyOwHnngKLWROyoWR5kzEpt97IMbzeT6ZE9d7rQ65 kZh74jX83paMvg== -----END CERTIFICATE-----Generated at Sun Dec 7 08:21:23 2025 by rpki-client