This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft File: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft (raw, json) Hash identifier: BhlXlWVS8apC/cmOsrbdBx5e9sThCyoqmNxm9ANBgrg= Subject key identifier: C3:85:4B:DA:F9:EC:6A:F5:12:54:00:2D:51:E1:DD:D9:F4:47:19:75 Authority key identifier: 85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74 Certificate issuer: /CN=859d5177077b90818c6f90ae4e44332d8cacbb74 Certificate serial: 019AF12E05549985866EE2000B3EE7342A8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 01:01:56 +0000 Manifest this update: Sat 06 Dec 2025 01:01:56 +0000 Manifest next update: Sun 07 Dec 2025 01:01:56 +0000 Files and hashes: 1: PbEykFk95Qp-GzLhGQEzPuqSxmk.roa (hash: Hvk7rTnua0DJqMwP5Nyh8b4Zk2rUSg2r4snTzFoJ1wk=) 2: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl (hash: 0+jH3/pthSAJbuTY5A42CMQ5pQGhKjp1uEHcg7kWxhg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:05:54:99:85:86:6e:e2:00:0b:3e:e7:34:2a:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=859d5177077b90818c6f90ae4e44332d8cacbb74 Validity Not Before: Dec 6 01:01:56 2025 GMT Not After : Dec 7 01:01:56 2025 GMT Subject: CN=c3854bdaf9ec6af51254002d51e1ddd9f4471975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c5:a5:75:b3:95:6b:a2:5b:51:c6:6a:3a:fb: e1:61:d8:f6:65:ae:a5:d1:87:e6:4e:3e:ff:90:01: e3:10:23:2f:d0:79:d2:4f:8d:46:b7:7e:54:97:67: be:58:15:02:c4:76:4a:a5:67:a6:3d:b8:77:29:36: 94:66:07:17:8f:46:f7:e5:4f:22:34:11:17:43:11: 76:df:ba:58:59:19:cf:44:5c:3a:6f:04:54:cc:b8: 4a:82:9f:e6:bb:c3:71:40:be:b1:64:24:71:e0:7a: cd:8b:c3:81:5e:74:b2:3e:b6:f5:11:e3:96:cd:49: 17:dc:cd:db:bd:91:66:6f:79:1a:b9:e2:64:2e:ae: 70:12:d9:7b:ff:31:8c:f6:1b:fd:17:40:ca:a1:bb: 17:eb:f0:0c:17:8c:f7:65:9d:03:6b:18:80:05:d2: 55:d7:b1:6c:03:f1:93:45:06:46:45:5d:b3:9e:06: 1d:b7:e5:cb:ee:53:67:ea:59:b5:bb:32:a4:9d:85: 08:ae:20:2c:34:c0:13:71:e6:57:1a:7d:c4:9a:99: e5:c9:ba:5c:56:8a:1b:78:e9:48:9f:6b:34:25:3e: 4d:8e:bd:52:2f:b9:b7:45:d2:b1:bf:f2:4f:71:21: 7c:ac:c0:21:89:a7:8b:94:51:08:46:99:10:ea:65: 65:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:85:4B:DA:F9:EC:6A:F5:12:54:00:2D:51:E1:DD:D9:F4:47:19:75 X509v3 Authority Key Identifier: keyid:85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:b8:dc:92:f2:bc:30:a1:16:6c:63:be:54:ed:bc:e0:36:bd: 5d:9f:1a:74:70:c0:57:77:ad:88:cb:16:04:b9:a6:0b:42:e1: f7:67:f6:dc:cd:13:d8:30:cb:5a:e9:ec:89:07:8c:3a:05:c9: 86:ca:e7:52:64:c9:f2:1a:6f:a7:31:08:6b:c2:18:c0:28:0d: 95:c2:69:5b:78:62:ae:11:94:d4:e0:6e:95:29:7d:05:0a:28: 13:16:19:8d:ae:94:43:31:93:dc:d6:51:91:54:eb:65:2a:2a: 7a:54:6e:49:05:8a:0a:f8:24:c6:b8:34:4f:f8:58:ba:0f:34: d1:bc:ab:1b:08:be:0c:6a:b1:c5:7a:8e:83:cd:0b:d8:eb:e8: 15:c8:11:9f:9a:88:64:c2:fe:9e:e9:c3:6b:88:f4:98:59:e0: 6c:86:cf:47:95:c6:9f:ec:c3:77:4a:c4:83:e8:6e:d8:13:30: 7d:04:1c:67:1c:23:17:17:36:a9:b9:44:3c:42:53:64:7d:49: c8:b1:91:4f:c7:e2:b1:50:42:6d:07:43:0a:ed:99:fd:c3:93: 18:75:a7:2a:09:aa:b0:f2:76:fa:b2:9d:d1:57:e3:89:53:15: 3c:db:33:68:97:8e:ec:66:ce:57:08:10:e4:08:fa:97:bc:1c: d5:90:a6:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLgVUmYWGbuIACz7nNCqLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1OWQ1MTc3MDc3YjkwODE4YzZmOTBhZTRlNDQzMzJkOGNh Y2JiNzQwHhcNMjUxMjA2MDEwMTU2WhcNMjUxMjA3MDEwMTU2WjAzMTEwLwYDVQQD EyhjMzg1NGJkYWY5ZWM2YWY1MTI1NDAwMmQ1MWUxZGRkOWY0NDcxOTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MWldbOVa6JbUcZqOvvhYdj2Za6l 0YfmTj7/kAHjECMv0HnST41Gt35Ul2e+WBUCxHZKpWemPbh3KTaUZgcXj0b35U8i NBEXQxF237pYWRnPRFw6bwRUzLhKgp/mu8NxQL6xZCRx4HrNi8OBXnSyPrb1EeOW zUkX3M3bvZFmb3kaueJkLq5wEtl7/zGM9hv9F0DKobsX6/AMF4z3ZZ0DaxiABdJV 17FsA/GTRQZGRV2zngYdt+XL7lNn6lm1uzKknYUIriAsNMATceZXGn3Empnlybpc VoobeOlIn2s0JT5Njr1SL7m3RdKxv/JPcSF8rMAhiaeLlFEIRpkQ6mVlBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMOFS9r57Gr1ElQALVHh3dn0Rxl1MB8GA1UdIwQY MBaAFIWdUXcHe5CBjG+Qrk5EMy2MrLt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGIt M2FjOTZiZTI4NWUwLzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGItM2FjOTZiZTI4NWUw LzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGbjckvK8 MKEWbGO+VO284Da9XZ8adHDAV3etiMsWBLmmC0Lh92f23M0T2DDLWunsiQeMOgXJ hsrnUmTJ8hpvpzEIa8IYwCgNlcJpW3hirhGU1OBulSl9BQooExYZja6UQzGT3NZR kVTrZSoqelRuSQWKCvgkxrg0T/hYug800byrGwi+DGqxxXqOg80L2OvoFcgRn5qI ZML+nunDa4j0mFngbIbPR5XGn+zDd0rEg+hu2BMwfQQcZxwjFxc2qblEPEJTZH1J yLGRT8fisVBCbQdDCu2Z/cOTGHWnKgmqsPJ2+rKd0VfjiVMVPNszaJeO7GbOVwgQ 5Aj6l7wc1ZCmKw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:27 2025 by rpki-client