This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft File: hESS25y7Cg62v2nCXIaWH0kYPJs.mft (raw, json) Hash identifier: gLOXLsxaIDtjG+bLMIfn3xmI+tt0ojvVPZCShm0rbIM= Subject key identifier: 0F:38:A9:CB:25:6A:48:38:A1:72:A7:59:56:89:F2:A6:17:94:5D:99 Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b Certificate serial: 019AF2ADAD7979C0D58826105E4FA4575FC1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft Manifest number: 07E3 Signing time: Sat 06 Dec 2025 08:00:59 +0000 Manifest this update: Sat 06 Dec 2025 08:00:59 +0000 Manifest next update: Sun 07 Dec 2025 08:00:59 +0000 Files and hashes: 1: HYrkvDrpfrVGKAcaIbn8RvGgwng.roa (hash: kLdog1pfyl1ivWrdhRaD9T/MX0DUf8jLwgmi9P1eRT8=) 2: TYiDdMg7jFYESVHenYkZA0H7wJM.roa (hash: nVrivhjrdRI0cWTmcIVa/wHRsP8sZBjo+02UhnnNCZw=) 3: bAtdqWOn7XIMZb40RJnvw-dOPu0.roa (hash: ajLP5I+MW9lN2Pm4hOADp3bTpGVbkghpKs5apJzZVDw=) 4: hESS25y7Cg62v2nCXIaWH0kYPJs.crl (hash: 7KZGk9sBZ2iNqQt1lZLgCcuaIj4L28XEzPFulAceTOI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:ad:79:79:c0:d5:88:26:10:5e:4f:a4:57:5f:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b Validity Not Before: Dec 6 08:00:59 2025 GMT Not After : Dec 7 08:00:59 2025 GMT Subject: CN=0f38a9cb256a4838a172a7595689f2a617945d99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:89:f7:8d:61:e3:88:23:7a:d9:1d:89:77:49: 23:a7:9b:ee:9d:ad:96:e5:8b:d7:53:e1:78:43:72: 8a:26:b8:7c:b6:01:e9:44:b6:c6:40:08:19:47:49: d4:29:18:90:75:ba:1d:b6:58:24:4a:ea:92:bd:44: 3e:f5:60:9e:0e:32:43:3b:78:90:01:ee:39:d8:da: f3:7f:ca:d8:7a:cf:8e:b2:90:ba:87:a9:5f:30:55: e7:fd:90:62:f2:f5:81:a0:f7:34:52:35:0b:e5:c6: fd:60:b1:c3:c6:05:80:c9:a4:b7:57:58:29:0e:c3: 32:a0:f0:ad:93:c9:34:c0:33:fa:e9:be:f9:e7:ba: fd:9e:65:90:e1:85:2c:fc:85:40:27:9b:54:2b:51: 93:27:ee:85:b2:29:24:84:f7:58:23:84:72:b2:70: 9f:09:fc:97:45:25:3b:7e:7d:8e:3e:5b:c6:11:e6: 24:26:9c:7d:57:2e:9c:69:d8:98:28:46:9b:4f:70: 36:da:01:d0:5a:fb:2f:b0:67:52:3a:02:96:e8:e1: 22:b7:80:d9:10:7c:89:a2:df:50:91:48:a5:6c:9a: 78:a3:cf:8f:93:01:1c:66:44:60:a6:72:74:cd:91: fd:7c:8e:e0:2e:54:40:5f:e0:db:07:85:f7:97:b6: fd:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:38:A9:CB:25:6A:48:38:A1:72:A7:59:56:89:F2:A6:17:94:5D:99 X509v3 Authority Key Identifier: keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:11:37:f4:ff:11:44:fc:33:48:8b:3b:67:f3:f3:d7:c4:1c: d3:1c:10:31:2f:fc:32:af:cf:08:9c:bc:03:b9:1a:38:85:c6: 46:6b:4c:67:b0:51:3e:06:a2:24:84:9c:73:56:ee:d9:c7:9c: 81:89:ea:0b:a4:08:8e:44:1c:33:8b:13:92:85:c2:f0:c8:5e: c0:a1:90:db:53:39:6d:87:2a:bc:18:02:4c:d7:a8:cd:8c:03: 25:ca:a1:67:ac:ff:03:fe:a2:a3:53:44:15:08:c0:72:26:af: 06:4a:29:fc:22:06:53:d0:a6:08:90:56:ca:eb:6c:05:42:79: 34:cb:18:9d:15:00:16:43:ef:fa:df:31:d3:73:44:6e:d8:e6: 86:0b:a9:96:07:0e:e4:20:15:b2:25:ba:05:8b:f3:65:dd:fd: f4:9c:49:1c:3b:d4:62:b0:0d:1e:74:1c:a3:7f:6c:81:89:69: 9c:5d:71:3e:d4:64:47:dd:8e:2e:e0:4a:31:ab:81:c8:be:fc: ec:02:f1:61:9b:eb:33:9d:90:a7:7b:46:f0:59:b6:c3:60:6b: 34:0a:15:d3:8f:c6:e9:42:d3:b9:47:c2:30:89:c6:4d:af:07: 37:30:45:26:12:c6:77:91:3b:44:c8:89:6f:ce:26:a2:e9:a6: ca:29:fb:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryra15ecDViCYQXk+kV1/BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx ODNjOWIwHhcNMjUxMjA2MDgwMDU5WhcNMjUxMjA3MDgwMDU5WjAzMTEwLwYDVQQD EygwZjM4YTljYjI1NmE0ODM4YTE3MmE3NTk1Njg5ZjJhNjE3OTQ1ZDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Yn3jWHjiCN62R2Jd0kjp5vuna2W 5YvXU+F4Q3KKJrh8tgHpRLbGQAgZR0nUKRiQdbodtlgkSuqSvUQ+9WCeDjJDO3iQ Ae452Nrzf8rYes+OspC6h6lfMFXn/ZBi8vWBoPc0UjUL5cb9YLHDxgWAyaS3V1gp DsMyoPCtk8k0wDP66b7557r9nmWQ4YUs/IVAJ5tUK1GTJ+6FsikkhPdYI4RysnCf CfyXRSU7fn2OPlvGEeYkJpx9Vy6cadiYKEabT3A22gHQWvsvsGdSOgKW6OEit4DZ EHyJot9QkUilbJp4o8+PkwEcZkRgpnJ0zZH9fI7gLlRAX+DbB4X3l7b98QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA84qcslakg4oXKnWVaJ8qYXlF2ZMB8GA1UdIwQY MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct YTFlMGRiMWExN2RmLzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghE39P8R RPwzSIs7Z/Pz18Qc0xwQMS/8Mq/PCJy8A7kaOIXGRmtMZ7BRPgaiJIScc1bu2cec gYnqC6QIjkQcM4sTkoXC8MhewKGQ21M5bYcqvBgCTNeozYwDJcqhZ6z/A/6io1NE FQjAciavBkop/CIGU9CmCJBWyutsBUJ5NMsYnRUAFkPv+t8x03NEbtjmhguplgcO 5CAVsiW6BYvzZd399JxJHDvUYrANHnQco39sgYlpnF1xPtRkR92OLuBKMauByL78 7ALxYZvrM52Qp3tG8Fm2w2BrNAoV04/G6ULTuUfCMInGTa8HNzBFJhLGd5E7RMiJ b84moummyin7iQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:02:07 2025 by rpki-client