This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json) Hash identifier: gCMgUVCsPyA8nz+UJ34knx0EYlgkoS3Yl09ppJUqhAo= Subject key identifier: 71:97:5E:DB:E7:FB:F9:73:E0:18:A3:6E:64:B9:55:63:4D:B6:38:01 Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64 Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64 Certificate serial: 019AF1D24FDE5052A1C371B7F41EAE554D44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft Manifest number: 132E Signing time: Sat 06 Dec 2025 04:01:23 +0000 Manifest this update: Sat 06 Dec 2025 04:01:23 +0000 Manifest next update: Sun 07 Dec 2025 04:01:23 +0000 Files and hashes: 1: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (hash: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=) 2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: GDE6eR4PoMsWHUS8ZWgT94MelHiU0hFauYM9kBI2Wp0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:4f:de:50:52:a1:c3:71:b7:f4:1e:ae:55:4d:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86497682e9307c4687935008173147d132a28c64 Validity Not Before: Dec 6 04:01:23 2025 GMT Not After : Dec 7 04:01:23 2025 GMT Subject: CN=71975edbe7fbf973e018a36e64b955634db63801 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:d7:e1:15:84:1e:bd:0f:3d:b5:8b:28:ac:ae: 97:30:14:8d:da:c4:5a:b6:6f:14:bd:ea:e9:f6:af: 51:f9:29:ac:5a:d1:5b:f1:13:76:e8:d4:d4:19:94: 5a:fa:97:85:30:ca:d4:b7:78:1c:89:42:62:f2:b9: a7:99:d4:6e:ad:94:00:4e:f4:d9:13:07:0c:5f:81: 3c:38:12:04:88:17:21:57:5a:f6:80:1a:37:aa:2b: 17:d7:4c:26:cf:33:3a:50:13:05:17:7b:6b:eb:15: ef:3b:47:76:5a:4e:8f:fe:a3:45:18:8c:c8:db:cb: 46:bf:02:90:69:13:d5:03:05:c7:16:94:e5:df:4a: 33:07:f0:31:ed:aa:b4:ad:22:8c:f6:3e:e0:f8:bc: 32:fa:2a:c4:db:1f:0f:4c:62:e0:8e:ed:7b:fe:b0: 18:00:ca:ce:65:c1:1b:6f:4e:a1:8a:98:f0:91:f3: 8d:6c:c7:ae:9b:74:25:dd:8b:47:07:fa:2e:b8:39: b0:ef:4a:e8:6c:06:98:ce:a9:6f:02:3e:4d:cf:3e: b1:48:03:af:57:b5:f5:48:7b:93:e6:c5:93:a8:51: ea:64:02:88:b6:77:ce:9c:3d:e2:cd:7d:45:23:ed: 49:de:71:b1:ac:83:c5:79:18:d9:49:ce:ab:ed:e4: 4e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:97:5E:DB:E7:FB:F9:73:E0:18:A3:6E:64:B9:55:63:4D:B6:38:01 X509v3 Authority Key Identifier: keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:9e:21:81:8d:c0:9a:01:d7:1b:7a:02:2f:8e:b8:3a:7c:89: 86:f3:15:20:b3:54:3a:5c:5e:58:25:03:40:0a:ca:bb:dc:3e: 7e:7f:b6:ce:55:5b:41:94:ca:15:a7:08:25:c8:51:40:cd:9f: 83:71:df:d0:11:38:1a:cd:73:92:a2:28:3a:cd:78:dc:42:74: 33:bb:c3:14:a7:80:62:03:f8:b0:01:41:f6:e7:1e:d1:26:19: d9:3a:e0:b9:4d:32:84:8e:5e:c5:00:94:89:c1:87:39:88:eb: cf:30:26:db:6d:8b:0f:47:56:32:93:f2:3a:e2:d2:50:58:d3: 27:f8:57:a7:b7:57:d2:77:a2:a8:84:34:e8:79:c7:fe:51:bf: d0:b8:29:ec:01:07:ea:2a:4d:90:3b:50:c0:4f:c9:20:60:9b: 9d:0f:6e:44:0f:3f:0c:ea:02:51:b3:ef:5a:10:07:39:da:52: 8c:e4:60:fc:ae:29:cc:84:b5:0f:aa:d3:38:b1:49:de:00:9e: 85:e7:76:09:2e:75:ca:33:49:15:b5:23:73:9b:1b:ca:f4:d9: 76:e7:2b:f3:16:c3:0c:4d:d3:ec:7d:ef:17:77:aa:d2:60:5d: 21:12:93:ad:b5:b8:0a:b6:db:0b:39:4e:0d:7e:de:f0:55:cb: 2b:60:e7:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0k/eUFKhw3G39B6uVU1EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh MjhjNjQwHhcNMjUxMjA2MDQwMTIzWhcNMjUxMjA3MDQwMTIzWjAzMTEwLwYDVQQD Eyg3MTk3NWVkYmU3ZmJmOTczZTAxOGEzNmU2NGI5NTU2MzRkYjYzODAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dfhFYQevQ89tYsorK6XMBSN2sRa tm8Uverp9q9R+SmsWtFb8RN26NTUGZRa+peFMMrUt3gciUJi8rmnmdRurZQATvTZ EwcMX4E8OBIEiBchV1r2gBo3qisX10wmzzM6UBMFF3tr6xXvO0d2Wk6P/qNFGIzI 28tGvwKQaRPVAwXHFpTl30ozB/Ax7aq0rSKM9j7g+Lwy+irE2x8PTGLgju17/rAY AMrOZcEbb06hipjwkfONbMeum3Ql3YtHB/ouuDmw70robAaYzqlvAj5Nzz6xSAOv V7X1SHuT5sWTqFHqZAKItnfOnD3izX1FI+1J3nGxrIPFeRjZSc6r7eROOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHGXXtvn+/lz4BijbmS5VWNNtjgBMB8GA1UdIwQY MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJ4hgY3A mgHXG3oCL464OnyJhvMVILNUOlxeWCUDQArKu9w+fn+2zlVbQZTKFacIJchRQM2f g3Hf0BE4Gs1zkqIoOs143EJ0M7vDFKeAYgP4sAFB9uce0SYZ2TrguU0yhI5exQCU icGHOYjrzzAm222LD0dWMpPyOuLSUFjTJ/hXp7dX0neiqIQ06HnH/lG/0Lgp7AEH 6ipNkDtQwE/JIGCbnQ9uRA8/DOoCUbPvWhAHOdpSjORg/K4pzIS1D6rTOLFJ3gCe hed2CS51yjNJFbUjc5sbyvTZducr8xbDDE3T7H3vF3eq0mBdIRKTrbW4CrbbCzlO DX7e8FXLK2Dn2A== -----END CERTIFICATE-----Generated at Sat Dec 6 13:35:44 2025 by rpki-client