This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft File: Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json) Hash identifier: 1ysu3czAMVDwYoF/wXWhAUHVBiX7BpFAjHNIe3lhNB4= Subject key identifier: 23:E8:65:01:28:FF:3C:C1:A0:E8:9B:DE:63:19:35:D2:DD:30:AD:99 Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2 Certificate issuer: /CN=1de93273ced592894c9d355148bb1facc10f72a2 Certificate serial: 019AF31BF21F506AA0EB85531CA7815AE8F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft Manifest number: 1344 Signing time: Sat 06 Dec 2025 10:01:26 +0000 Manifest this update: Sat 06 Dec 2025 10:01:26 +0000 Manifest next update: Sun 07 Dec 2025 10:01:26 +0000 Files and hashes: 1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: v1C8HBUptxkSbIwOGHzUxfwIPZT/izmsqRrWSm+qe8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:f2:1f:50:6a:a0:eb:85:53:1c:a7:81:5a:e8:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2 Validity Not Before: Dec 6 10:01:26 2025 GMT Not After : Dec 7 10:01:26 2025 GMT Subject: CN=23e8650128ff3cc1a0e89bde631935d2dd30ad99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1c:f4:f7:32:64:b7:e6:51:39:24:bf:bc:20: e0:fa:56:4b:f8:24:79:49:8a:89:2c:54:27:60:bc: 40:94:ea:66:23:b1:ff:5b:7c:0a:5b:dc:ea:f8:fe: 64:35:aa:73:e8:4c:65:a8:c8:a4:b6:ff:65:0f:fe: 69:55:04:f6:e5:58:83:62:5e:e0:12:fa:1a:be:a3: c3:f1:e5:f6:47:a8:66:fe:ce:6b:12:ba:f1:02:27: e8:5a:91:bb:c3:d3:7b:61:0a:28:e7:3c:d3:9f:52: bd:a9:80:ce:23:20:43:3d:21:bb:4a:d9:6a:05:50: a8:31:ad:f7:d4:a6:25:35:73:4b:a4:17:91:ce:b0: fc:4f:aa:bb:4f:2e:8e:a5:61:8b:0e:ed:7a:1e:f7: 8b:f6:fd:7a:da:c2:8b:9a:31:a4:0e:24:47:8d:17: 2c:d8:4f:50:1f:7f:f1:22:17:17:77:7a:72:5c:6f: 3d:9a:6b:3a:70:0a:c0:18:85:61:3e:c3:e5:cb:fe: fc:c1:aa:b5:bd:01:b1:0a:10:fe:b4:fd:97:a6:32: e3:42:01:0c:da:44:2a:48:53:44:e7:96:ba:f9:d8: 7d:69:2e:e1:d5:92:2a:4d:59:7a:46:1f:81:4b:6e: 1a:1f:a4:5e:25:66:47:0f:a0:a2:3a:d4:cd:9c:ff: 6d:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:E8:65:01:28:FF:3C:C1:A0:E8:9B:DE:63:19:35:D2:DD:30:AD:99 X509v3 Authority Key Identifier: keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:d2:db:08:08:b5:34:50:2b:08:c2:b5:4a:d1:eb:84:91:d2: 18:38:42:44:0f:ce:0c:59:fd:b5:3a:93:ea:66:b3:d4:13:24: e0:8c:27:df:86:2d:e5:3e:c2:08:df:78:40:83:35:fa:4c:fd: 09:6d:9a:11:05:ff:81:1a:9a:e6:4b:9c:22:e7:78:42:72:18: 03:60:4c:94:07:e9:38:52:6a:e6:98:bb:d2:bf:f6:b1:02:bb: 77:38:bb:fe:8d:54:a6:de:d8:e5:65:ef:1c:23:5e:92:57:05: fb:7a:a4:47:fd:1e:69:f7:e7:38:34:f4:a1:1a:d6:99:55:04: 38:50:e8:19:81:e2:d2:be:f2:f4:80:d7:57:c7:ee:f1:46:de: f5:2e:1e:dd:3f:26:31:bf:02:19:eb:57:cd:63:3d:b0:0c:38: 9e:06:f8:af:bb:e3:5a:2d:c6:1f:79:b9:32:e3:9e:3f:af:8c: 6f:4b:20:35:ba:1f:34:2d:15:23:eb:42:0c:d0:2f:86:12:b5: b1:5a:c1:54:93:cf:f8:41:df:39:0c:5c:49:94:4f:7e:a2:ba: 5b:3a:76:5c:54:06:d4:a8:19:f9:a3:4b:33:ce:9a:19:da:01: d9:45:5b:db:43:21:6e:ad:cb:af:7d:cf:c3:1b:a4:69:f8:d8: a1:a1:dd:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG/IfUGqg64VTHKeBWujzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw ZjcyYTIwHhcNMjUxMjA2MTAwMTI2WhcNMjUxMjA3MTAwMTI2WjAzMTEwLwYDVQQD EygyM2U4NjUwMTI4ZmYzY2MxYTBlODliZGU2MzE5MzVkMmRkMzBhZDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxz09zJkt+ZROSS/vCDg+lZL+CR5 SYqJLFQnYLxAlOpmI7H/W3wKW9zq+P5kNapz6ExlqMiktv9lD/5pVQT25ViDYl7g EvoavqPD8eX2R6hm/s5rErrxAifoWpG7w9N7YQoo5zzTn1K9qYDOIyBDPSG7Stlq BVCoMa331KYlNXNLpBeRzrD8T6q7Ty6OpWGLDu16HveL9v162sKLmjGkDiRHjRcs 2E9QH3/xIhcXd3pyXG89mms6cArAGIVhPsPly/78waq1vQGxChD+tP2XpjLjQgEM 2kQqSFNE55a6+dh9aS7h1ZIqTVl6Rh+BS24aH6ReJWZHD6CiOtTNnP9tkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPoZQEo/zzBoOib3mMZNdLdMK2ZMB8GA1UdIwQY MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAktLbCAi1 NFArCMK1StHrhJHSGDhCRA/ODFn9tTqT6maz1BMk4Iwn34Yt5T7CCN94QIM1+kz9 CW2aEQX/gRqa5kucIud4QnIYA2BMlAfpOFJq5pi70r/2sQK7dzi7/o1Upt7Y5WXv HCNeklcF+3qkR/0eaffnODT0oRrWmVUEOFDoGYHi0r7y9IDXV8fu8Ube9S4e3T8m Mb8CGetXzWM9sAw4ngb4r7vjWi3GH3m5MuOeP6+Mb0sgNbofNC0VI+tCDNAvhhK1 sVrBVJPP+EHfOQxcSZRPfqK6Wzp2XFQG1KgZ+aNLM86aGdoB2UVb20Mhbq3Lr33P wxukafjYoaHdxw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:50:36 2025 by rpki-client