This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft File: h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json) Hash identifier: 8Eyk/CG6TOeMPlRLE2ZV8jp0Tcd/Gc/qb7DfTtZ0Zlw= Subject key identifier: B7:D7:28:31:5F:6D:D4:33:CA:38:84:32:C3:47:17:4C:4F:21:D3:B1 Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97 Certificate issuer: /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97 Certificate serial: 019B3231FD27009DECD3F79B2FA37B579EAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft Manifest number: 0CC7 Signing time: Thu 18 Dec 2025 16:01:35 +0000 Manifest this update: Thu 18 Dec 2025 16:01:35 +0000 Manifest next update: Fri 19 Dec 2025 16:01:35 +0000 Files and hashes: 1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: l8uGQjQrSnoM7UiGxVre+21mN82QAWKCHXTRIPO0Inc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:fd:27:00:9d:ec:d3:f7:9b:2f:a3:7b:57:9e:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97 Validity Not Before: Dec 18 16:01:35 2025 GMT Not After : Dec 19 16:01:35 2025 GMT Subject: CN=b7d728315f6dd433ca388432c347174c4f21d3b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:61:10:be:14:b4:b9:1b:85:35:53:4a:b0:72: bc:d6:8c:46:59:09:9f:92:ac:f5:af:22:4d:c4:db: 1d:6b:0e:a7:2a:a9:f3:93:05:da:09:0e:33:97:65: 87:e9:d8:d8:d4:89:25:85:4e:fa:98:dc:15:8a:37: 9f:01:95:2c:a8:b0:bb:da:2e:16:e4:40:6f:fc:6d: 66:18:aa:da:cb:ac:4f:59:13:5f:42:14:6c:82:e1: e5:f7:76:57:b3:59:c9:fd:ba:cb:3b:dd:0d:56:0f: 19:b3:47:fd:8e:a1:d3:72:fe:56:e7:01:89:65:92: c9:14:e1:4a:98:7a:49:3f:10:c3:e7:5d:94:b7:33: d1:52:1f:c4:d4:cf:d1:77:89:98:c4:2d:9c:aa:00: 63:e0:0e:7d:f5:f9:98:f3:e3:97:48:b3:24:1e:82: 71:22:4b:74:3a:f6:8a:87:d7:31:a8:43:51:d7:40: 62:db:b9:c7:4e:e2:56:2d:2f:f7:92:c0:e5:4c:2f: cf:04:fd:5a:55:f1:7d:3d:ab:aa:a2:58:33:43:3b: 5d:aa:d7:cb:d1:6d:2e:96:42:ee:37:35:b0:ae:cc: fb:83:94:b3:0b:cf:d9:21:ec:89:db:96:67:cc:36: 37:ce:99:c1:8d:38:d4:a3:b2:a5:ec:10:9e:fc:f6: 50:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:D7:28:31:5F:6D:D4:33:CA:38:84:32:C3:47:17:4C:4F:21:D3:B1 X509v3 Authority Key Identifier: keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:ab:fd:75:03:95:92:e7:9d:27:27:2e:63:78:ad:d3:33:37: d4:c6:47:58:fe:16:a7:fd:c2:66:61:b9:a7:fa:21:00:97:af: f9:20:6b:85:2d:ba:a6:ac:47:bb:f3:56:da:c5:8f:99:92:a2: 50:9c:3a:3a:c9:43:fc:c8:4a:89:de:2f:8a:aa:0f:02:cd:42: ca:78:62:cd:05:6c:66:e5:10:80:af:a8:22:59:a8:41:c8:58: 4a:7b:97:ea:96:d6:de:a5:35:79:af:0b:43:c3:0f:c8:52:da: 1d:a5:04:59:d1:e3:ab:b6:51:b8:ed:bc:5e:03:d3:8e:81:50: 3e:25:f9:70:54:ac:c9:41:1d:4e:d6:67:6c:ee:32:7d:0e:67: 4e:fd:92:4c:25:4b:fe:ba:3d:f9:07:35:95:a7:a6:a0:13:cb: 2a:8d:d9:5d:01:62:39:23:63:52:e4:34:1b:ad:07:90:4c:2b: 0e:2b:a5:18:1a:04:e6:bc:67:f8:7e:7d:0b:a5:31:60:cc:9a: 13:8f:28:0d:47:08:67:25:a9:97:0e:fb:41:96:2d:5b:d4:db: 85:55:c9:ab:a2:76:e9:36:0c:86:84:0f:85:46:1a:c5:ba:48: 8b:f9:13:0c:12:fa:49:63:70:32:79:c3:65:2d:05:55:28:a3: 31:60:6a:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMf0nAJ3s0/ebL6N7V56uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5 NTVlOTcwHhcNMjUxMjE4MTYwMTM1WhcNMjUxMjE5MTYwMTM1WjAzMTEwLwYDVQQD EyhiN2Q3MjgzMTVmNmRkNDMzY2EzODg0MzJjMzQ3MTc0YzRmMjFkM2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2EQvhS0uRuFNVNKsHK81oxGWQmf kqz1ryJNxNsdaw6nKqnzkwXaCQ4zl2WH6djY1IklhU76mNwVijefAZUsqLC72i4W 5EBv/G1mGKray6xPWRNfQhRsguHl93ZXs1nJ/brLO90NVg8Zs0f9jqHTcv5W5wGJ ZZLJFOFKmHpJPxDD512UtzPRUh/E1M/Rd4mYxC2cqgBj4A599fmY8+OXSLMkHoJx Ikt0OvaKh9cxqENR10Bi27nHTuJWLS/3ksDlTC/PBP1aVfF9PauqolgzQztdqtfL 0W0ulkLuNzWwrsz7g5SzC8/ZIeyJ25ZnzDY3zpnBjTjUo7Kl7BCe/PZQnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLfXKDFfbdQzyjiEMsNHF0xPIdOxMB8GA1UdIwQY MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqv9dQOV kuedJycuY3it0zM31MZHWP4Wp/3CZmG5p/ohAJev+SBrhS26pqxHu/NW2sWPmZKi UJw6OslD/MhKid4viqoPAs1CynhizQVsZuUQgK+oIlmoQchYSnuX6pbW3qU1ea8L Q8MPyFLaHaUEWdHjq7ZRuO28XgPTjoFQPiX5cFSsyUEdTtZnbO4yfQ5nTv2STCVL /ro9+Qc1laemoBPLKo3ZXQFiOSNjUuQ0G60HkEwrDiulGBoE5rxn+H59C6UxYMya E48oDUcIZyWplw77QZYtW9TbhVXJq6J26TYMhoQPhUYaxbpIi/kTDBL6SWNwMnnD ZS0FVSijMWBqOw== -----END CERTIFICATE-----Generated at Thu Dec 18 20:33:01 2025 by rpki-client