This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft File: sHATRrrVXff13IGLu7z7t9sQcKs.mft (raw, json) Hash identifier: 1qKN86d04yOixJ9dMBP6bTOJTmZA+rT+3x57TQ9elxY= Subject key identifier: 74:9D:2A:27:B5:40:CB:41:51:F2:6A:39:D7:61:EF:6A:B5:08:44:9F Authority key identifier: B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB Certificate issuer: /CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab Certificate serial: 019AF1646633CC754CF5E83E909192CEBAA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft Manifest number: 0935 Signing time: Sat 06 Dec 2025 02:01:20 +0000 Manifest this update: Sat 06 Dec 2025 02:01:20 +0000 Manifest next update: Sun 07 Dec 2025 02:01:20 +0000 Files and hashes: 1: 2vj5B04hPRrl36o4PSEreNmSh7Y.roa (hash: IJqTeCNZ6pF/BafJ55wl0YbKPxsnvPNim6xG4D9/f0M=) 2: sHATRrrVXff13IGLu7z7t9sQcKs.crl (hash: qV55PReOV2/WGGUyK0HhB4qPEzrgmQT5Z+7w6ytuba8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.crl rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:66:33:cc:75:4c:f5:e8:3e:90:91:92:ce:ba:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab Validity Not Before: Dec 6 02:01:20 2025 GMT Not After : Dec 7 02:01:20 2025 GMT Subject: CN=749d2a27b540cb4151f26a39d761ef6ab508449f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ed:ec:22:3c:c0:78:e4:21:04:af:82:f5:0e: d1:22:b0:e4:64:28:ba:b5:bd:b9:50:6c:70:29:fc: ce:38:25:95:79:c0:ac:37:34:cf:e9:d2:f6:88:9d: b2:14:65:b0:30:7f:d3:58:dc:8c:e2:c9:f3:4c:50: d0:07:c3:e3:b5:a1:d2:72:50:6e:43:73:5b:2f:52: f9:3f:82:3e:88:08:29:45:0e:0d:86:42:a8:92:83: 6a:d7:fe:96:ac:8b:aa:ab:77:d8:7d:09:a6:85:a0: 53:b5:a9:7b:07:2c:47:8e:37:b5:de:2f:7b:21:24: 30:43:66:ce:3c:16:99:64:58:a1:ce:5b:9a:24:02: 7d:11:ba:64:1e:8a:68:bc:93:3f:38:2a:bc:15:7d: a5:ae:e1:72:9f:ed:13:34:85:30:24:97:36:c0:50: 7f:7a:a2:fc:84:00:60:b5:d6:92:cf:8d:c8:f4:39: b3:1b:ce:94:78:e7:07:ed:d2:a2:e9:f5:4a:04:15: 41:5b:47:06:82:68:5d:03:52:99:b3:f3:62:7b:e2: 66:47:4c:57:b6:26:8c:5a:ba:68:55:93:09:fc:92: aa:27:9f:bf:e2:65:36:2a:f4:48:fd:52:81:c8:39: 77:80:8f:69:26:ea:5d:7d:ed:3f:e7:21:99:4d:9b: ba:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:9D:2A:27:B5:40:CB:41:51:F2:6A:39:D7:61:EF:6A:B5:08:44:9F X509v3 Authority Key Identifier: keyid:B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:b3:52:fc:68:02:df:1d:78:1e:3e:59:88:1c:74:dc:22:7b: 32:3d:dc:c9:50:e8:f2:1c:55:30:30:72:a2:f3:0d:06:e6:be: 06:47:57:2e:4c:31:2d:22:6d:7a:cc:74:01:0e:d5:92:2d:7a: 47:cb:2b:11:00:3d:be:92:27:34:2c:e6:36:26:21:b4:09:da: a1:57:60:07:9c:16:94:b9:c3:4e:1a:f8:ea:e8:ae:39:b1:2c: 98:61:34:02:5d:71:eb:12:9c:00:94:39:64:c5:5c:a3:50:29: 34:88:2d:45:c0:63:11:8a:f4:a5:d1:99:27:e7:ce:13:2d:93: c2:ee:d3:ab:f9:1b:62:60:42:b8:7f:2f:b7:3a:40:62:ae:36: 0d:2e:3a:50:18:51:c9:d9:a5:a2:5b:93:17:50:e4:b0:7f:82: 28:07:70:b4:52:ca:84:20:87:09:e1:44:17:fa:24:24:c3:1d: 59:05:9d:17:57:95:b8:a4:ba:14:43:ea:07:ce:c7:cf:d4:42: 8c:83:bb:15:1b:b3:2e:88:41:0f:2c:06:a3:b2:9a:43:e4:41: 7b:9e:03:1c:8b:98:38:6c:cd:9c:61:1d:07:02:2d:4c:f6:9d: 8d:aa:17:81:75:dc:47:3f:4c:ba:ac:8a:4d:d8:e1:06:68:9a: 7e:a7:4b:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZGYzzHVM9eg+kJGSzrqoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNzAxMzQ2YmFkNTVkZjdmNWRjODE4YmJiYmNmYmI3ZGIx MDcwYWIwHhcNMjUxMjA2MDIwMTIwWhcNMjUxMjA3MDIwMTIwWjAzMTEwLwYDVQQD Eyg3NDlkMmEyN2I1NDBjYjQxNTFmMjZhMzlkNzYxZWY2YWI1MDg0NDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+3sIjzAeOQhBK+C9Q7RIrDkZCi6 tb25UGxwKfzOOCWVecCsNzTP6dL2iJ2yFGWwMH/TWNyM4snzTFDQB8PjtaHSclBu Q3NbL1L5P4I+iAgpRQ4NhkKokoNq1/6WrIuqq3fYfQmmhaBTtal7ByxHjje13i97 ISQwQ2bOPBaZZFihzluaJAJ9EbpkHopovJM/OCq8FX2lruFyn+0TNIUwJJc2wFB/ eqL8hABgtdaSz43I9DmzG86UeOcH7dKi6fVKBBVBW0cGgmhdA1KZs/Nie+JmR0xX tiaMWrpoVZMJ/JKqJ5+/4mU2KvRI/VKByDl3gI9pJupdfe0/5yGZTZu6MQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSdKie1QMtBUfJqOddh72q1CESfMB8GA1UdIwQY MBaAFLBwE0a61V339dyBi7u8+7fbEHCrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzkt N2QxMWZjZjE3MTIzLzEvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzktN2QxMWZjZjE3MTIz LzEvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADLNS/GgC 3x14Hj5ZiBx03CJ7Mj3cyVDo8hxVMDByovMNBua+BkdXLkwxLSJtesx0AQ7Vki16 R8srEQA9vpInNCzmNiYhtAnaoVdgB5wWlLnDThr46uiuObEsmGE0Al1x6xKcAJQ5 ZMVco1ApNIgtRcBjEYr0pdGZJ+fOEy2Twu7Tq/kbYmBCuH8vtzpAYq42DS46UBhR ydmloluTF1DksH+CKAdwtFLKhCCHCeFEF/okJMMdWQWdF1eVuKS6FEPqB87Hz9RC jIO7FRuzLohBDywGo7KaQ+RBe54DHIuYOGzNnGEdBwItTPadjaoXgXXcRz9MuqyK TdjhBmiafqdLlg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:41:31 2025 by rpki-client