This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft File: hGy8NY5qqP7tbgMmoECJt-XyqYk.mft (raw, json) Hash identifier: AFNqr/aFDNcUFKjoHfPbzOdACNNqIG5q/LZkumMM7FI= Subject key identifier: 78:25:6F:CA:85:73:64:8F:EA:9F:E6:56:69:7B:9A:91:D3:9B:0F:AD Authority key identifier: 84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89 Certificate issuer: /CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989 Certificate serial: 019AF50B0E1A3A95E5C1BF427CA1D8C8EA81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft Manifest number: 0BC4 Signing time: Sat 06 Dec 2025 19:02:13 +0000 Manifest this update: Sat 06 Dec 2025 19:02:13 +0000 Manifest next update: Sun 07 Dec 2025 19:02:13 +0000 Files and hashes: 1: hGy8NY5qqP7tbgMmoECJt-XyqYk.crl (hash: Gsy65nEnBZQIPO82WpxmhkBSMcQzsZaNdgaShOxuYrk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:0e:1a:3a:95:e5:c1:bf:42:7c:a1:d8:c8:ea:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=846cbc358e6aa8feed6e0326a04089b7e5f2a989 Validity Not Before: Dec 6 19:02:13 2025 GMT Not After : Dec 7 19:02:13 2025 GMT Subject: CN=78256fca8573648fea9fe656697b9a91d39b0fad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d4:2a:a0:0a:67:5a:1d:97:0b:41:9a:c5:ac: cb:84:da:ef:37:f8:19:28:85:b3:1e:4c:e3:2c:1f: df:44:27:55:40:b2:a9:ce:d7:ce:70:4b:df:b9:6d: 44:da:38:b9:37:bf:41:99:31:1e:2c:0a:c5:3d:84: 38:d4:f4:f4:6a:ea:f9:ad:06:a2:ba:8e:90:c6:c2: 0e:b0:55:89:90:b6:5c:45:35:ae:84:1e:dc:f8:c7: 1a:b2:8c:28:9f:04:f1:af:eb:14:b0:46:a4:2a:28: f8:0a:05:af:30:c9:79:92:a1:1d:8d:01:5d:c4:cc: a9:36:65:fd:e1:38:8b:74:66:43:8e:2f:40:59:e2: 5a:7c:a5:c6:d8:dc:7e:21:59:a9:16:1f:73:19:19: 9c:ad:8b:45:d6:90:54:bb:e6:0a:de:dc:89:ac:e6: ee:70:e3:74:a7:d9:3a:38:63:5b:37:24:63:b3:0f: 5a:44:84:19:1b:b1:58:36:72:03:72:48:12:18:79: e5:29:71:0c:c7:05:59:f0:23:12:7c:bc:fc:81:44: 55:8c:e0:40:28:50:e5:83:da:cd:52:83:1a:67:77: 5b:d7:58:08:d7:fa:85:97:54:15:41:6a:e7:ba:0c: 13:54:49:5f:e4:ef:31:f2:bd:d5:99:25:29:9f:70: a1:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:25:6F:CA:85:73:64:8F:EA:9F:E6:56:69:7B:9A:91:D3:9B:0F:AD X509v3 Authority Key Identifier: keyid:84:6C:BC:35:8E:6A:A8:FE:ED:6E:03:26:A0:40:89:B7:E5:F2:A9:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGy8NY5qqP7tbgMmoECJt-XyqYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/5f3d45-00d0-455a-acc8-3f7d81baf7b7/1/hGy8NY5qqP7tbgMmoECJt-XyqYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:f4:0f:fc:68:e0:3b:75:23:37:db:46:44:73:a5:48:af:b3: 9a:75:09:a2:56:5d:9e:92:91:19:7f:b6:cb:06:dc:5d:63:e3: f4:a7:7a:0e:e2:66:db:14:ed:86:63:20:18:9b:5f:55:89:2a: 36:b7:72:66:ff:79:84:b9:0c:82:b5:e6:66:37:09:a1:7a:43: 69:3a:74:ac:27:b1:f8:d3:f8:6f:f9:80:65:f8:20:0c:ad:2a: 5c:3d:28:11:c8:74:9f:ac:96:14:c3:6c:72:d3:75:89:d4:39: 10:3a:fb:dc:69:d2:ec:f4:82:46:08:77:71:79:69:38:ac:84: 01:a3:ca:4b:42:4b:dc:b5:da:fc:4f:3f:50:e0:d0:bc:b0:b0: 63:73:29:01:5a:2e:0a:ac:ac:7d:cb:c6:12:24:67:57:64:83: f2:13:ec:6c:75:5e:11:16:97:45:68:9e:2f:0a:c3:ad:4c:9d: 7d:53:c9:13:e5:07:2f:67:33:b7:95:cb:31:ff:3b:52:64:73: 3b:c4:d9:e3:86:dc:d9:7e:da:27:a3:c9:db:e5:31:fb:9b:1f: b5:27:f2:ab:87:29:c7:05:cc:bb:98:2f:1d:aa:f6:f5:e0:fb: b9:cf:21:60:a0:28:32:7e:a1:db:ef:9f:01:0b:bd:f3:15:d0: 71:3d:b5:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cw4aOpXlwb9CfKHYyOqBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NmNiYzM1OGU2YWE4ZmVlZDZlMDMyNmEwNDA4OWI3ZTVm MmE5ODkwHhcNMjUxMjA2MTkwMjEzWhcNMjUxMjA3MTkwMjEzWjAzMTEwLwYDVQQD Eyg3ODI1NmZjYTg1NzM2NDhmZWE5ZmU2NTY2OTdiOWE5MWQzOWIwZmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9QqoApnWh2XC0GaxazLhNrvN/gZ KIWzHkzjLB/fRCdVQLKpztfOcEvfuW1E2ji5N79BmTEeLArFPYQ41PT0aur5rQai uo6QxsIOsFWJkLZcRTWuhB7c+McasowonwTxr+sUsEakKij4CgWvMMl5kqEdjQFd xMypNmX94TiLdGZDji9AWeJafKXG2Nx+IVmpFh9zGRmcrYtF1pBUu+YK3tyJrObu cON0p9k6OGNbNyRjsw9aRIQZG7FYNnIDckgSGHnlKXEMxwVZ8CMSfLz8gURVjOBA KFDlg9rNUoMaZ3db11gI1/qFl1QVQWrnugwTVElf5O8x8r3VmSUpn3ChuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHglb8qFc2SP6p/mVml7mpHTmw+tMB8GA1UdIwQY MBaAFIRsvDWOaqj+7W4DJqBAibfl8qmJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgt M2Y3ZDgxYmFmN2I3LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS81ZjNkNDUtMDBkMC00NTVhLWFjYzgtM2Y3ZDgxYmFmN2I3 LzEvaEd5OE5ZNXFxUDd0YmdNbW9FQ0p0LVh5cVlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/QP/Gjg O3UjN9tGRHOlSK+zmnUJolZdnpKRGX+2ywbcXWPj9Kd6DuJm2xTthmMgGJtfVYkq NrdyZv95hLkMgrXmZjcJoXpDaTp0rCex+NP4b/mAZfggDK0qXD0oEch0n6yWFMNs ctN1idQ5EDr73GnS7PSCRgh3cXlpOKyEAaPKS0JL3LXa/E8/UODQvLCwY3MpAVou CqysfcvGEiRnV2SD8hPsbHVeERaXRWieLwrDrUydfVPJE+UHL2czt5XLMf87UmRz O8TZ44bc2X7aJ6PJ2+Ux+5sftSfyq4cpxwXMu5gvHar29eD7uc8hYKAoMn6h2++f AQu98xXQcT215A== -----END CERTIFICATE-----Generated at Sat Dec 6 22:55:46 2025 by rpki-client