This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.mft File: Hz2d1Kof8utQ2g1Ayuxb_aaOczc.mft (raw, json) Hash identifier: 319LdXwltXLL5xTNSgctCHQ5Gnbwo2WgIJb+6iOw/eI= Subject key identifier: 42:91:9C:4B:24:78:3F:BA:AC:E9:C7:8D:06:27:63:99:A0:E2:34:F1 Authority key identifier: 1F:3D:9D:D4:AA:1F:F2:EB:50:DA:0D:40:CA:EC:5B:FD:A6:8E:73:37 Certificate issuer: /CN=1f3d9dd4aa1ff2eb50da0d40caec5bfda68e7337 Certificate serial: 019AF1D1A7D5C409959F710F1F3A4C505C9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.mft Manifest number: B9 Signing time: Sat 06 Dec 2025 04:00:40 +0000 Manifest this update: Sat 06 Dec 2025 04:00:40 +0000 Manifest next update: Sun 07 Dec 2025 04:00:40 +0000 Files and hashes: 1: Hz2d1Kof8utQ2g1Ayuxb_aaOczc.crl (hash: zvKKjoNRNxotLj/1PSfumtZN81Mnl+PrumIcbSK3Gf0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.mft rsync://rpki.ripe.net/repository/DEFAULT/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a7:d5:c4:09:95:9f:71:0f:1f:3a:4c:50:5c:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3d9dd4aa1ff2eb50da0d40caec5bfda68e7337 Validity Not Before: Dec 6 04:00:40 2025 GMT Not After : Dec 7 04:00:40 2025 GMT Subject: CN=42919c4b24783fbaace9c78d06276399a0e234f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c5:55:bc:0f:dc:4b:75:6d:53:e2:67:7e:3a: ad:fb:1f:8b:ee:c6:25:21:bc:aa:89:19:27:89:c8: 40:7a:d7:9c:01:83:7d:45:da:b7:80:93:52:b0:fa: 92:c0:93:ec:52:19:af:59:b8:a4:80:0e:ee:1e:e3: 99:46:a7:7d:01:72:fe:da:62:d3:98:ad:cf:2f:ff: db:45:52:7c:16:de:00:7d:26:d8:5e:8a:6f:75:eb: b8:ed:0e:e0:95:51:32:ee:dc:0a:70:94:0b:fa:be: 02:88:f7:43:08:3b:c5:ca:aa:dc:52:cf:6c:3a:0c: b4:3e:53:33:56:3f:e9:1a:b7:5b:6c:be:27:e2:b2: 3a:93:3b:90:a3:04:5b:99:91:5b:82:c9:ba:43:3d: c4:b2:1c:f0:26:ac:15:4a:ea:a1:61:c2:9a:22:10: 69:92:dc:d0:08:73:f7:b2:db:b5:b7:4f:e3:08:fc: 75:b0:05:07:da:7c:a0:41:8d:b9:c7:dd:ef:ba:68: ff:b4:ee:cc:b1:07:ef:60:e0:f5:4e:93:fb:e4:e2: b5:b9:c0:58:4e:35:1f:24:05:1a:e3:cf:32:5a:99: ef:6b:81:76:67:3c:56:6d:8d:e6:57:0d:c8:a7:49: 2b:97:f7:69:3e:f1:a3:b4:af:a8:7e:92:0a:99:77: 7f:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:91:9C:4B:24:78:3F:BA:AC:E9:C7:8D:06:27:63:99:A0:E2:34:F1 X509v3 Authority Key Identifier: keyid:1F:3D:9D:D4:AA:1F:F2:EB:50:DA:0D:40:CA:EC:5B:FD:A6:8E:73:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6f679e-62be-4e22-8b2c-24001919eade/1/Hz2d1Kof8utQ2g1Ayuxb_aaOczc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:4f:e5:59:6b:2d:32:4c:21:af:fb:a5:83:1c:33:cf:e5:2a: 56:0b:b1:04:95:ae:47:94:bb:e0:b6:74:8a:3e:85:fa:9a:0e: 2a:6f:4c:e5:d6:83:1d:23:c7:17:9f:b4:5d:b8:cc:05:f6:99: f3:ca:14:1b:e0:78:8f:ed:b5:d1:91:d3:61:61:b7:f2:bf:3f: c9:4d:44:f4:21:4e:0a:39:2c:fc:4b:d2:83:0c:ba:fb:64:e0: 82:0a:9f:0b:aa:e5:49:cb:69:4f:07:28:7f:74:5c:ff:f4:31: 3f:68:af:a4:dd:89:f5:3e:f8:88:17:0e:40:8d:bc:c1:0b:69: cc:b1:93:0d:9a:4d:ab:1f:32:85:5b:a4:1c:6b:ae:be:35:c2: 7e:aa:41:d1:88:5d:d6:33:89:0f:67:ab:89:94:6f:ab:74:7e: 68:72:42:f2:45:66:f5:20:37:61:10:12:41:2c:4a:0b:69:e5: a1:b2:ad:52:92:45:d5:f8:a9:de:49:d7:c1:4c:7c:32:11:31: b6:5c:2d:17:5d:e8:6e:4b:2a:6b:58:60:05:0a:08:06:73:47: 58:60:14:ab:d2:08:41:82:46:d6:39:7a:c7:bd:2b:e8:60:b9: ef:11:f3:7d:55:a1:ee:8c:89:a6:64:70:3a:14:00:cb:6c:9b: 92:14:79:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0afVxAmVn3EPHzpMUFycMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmM2Q5ZGQ0YWExZmYyZWI1MGRhMGQ0MGNhZWM1YmZkYTY4 ZTczMzcwHhcNMjUxMjA2MDQwMDQwWhcNMjUxMjA3MDQwMDQwWjAzMTEwLwYDVQQD Eyg0MjkxOWM0YjI0NzgzZmJhYWNlOWM3OGQwNjI3NjM5OWEwZTIzNGYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMVVvA/cS3VtU+Jnfjqt+x+L7sYl IbyqiRknichAetecAYN9Rdq3gJNSsPqSwJPsUhmvWbikgA7uHuOZRqd9AXL+2mLT mK3PL//bRVJ8Ft4AfSbYXopvdeu47Q7glVEy7twKcJQL+r4CiPdDCDvFyqrcUs9s Ogy0PlMzVj/pGrdbbL4n4rI6kzuQowRbmZFbgsm6Qz3EshzwJqwVSuqhYcKaIhBp ktzQCHP3stu1t0/jCPx1sAUH2nygQY25x93vumj/tO7MsQfvYOD1TpP75OK1ucBY TjUfJAUa488yWpnva4F2ZzxWbY3mVw3Ip0krl/dpPvGjtK+ofpIKmXd/BQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEKRnEskeD+6rOnHjQYnY5mg4jTxMB8GA1UdIwQY MBaAFB89ndSqH/LrUNoNQMrsW/2mjnM3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHoyZDFLb2Y4dXRRMmcxQXl1eGJfYWFPY3pjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82ZjY3OWUtNjJiZS00ZTIyLThiMmMt MjQwMDE5MTllYWRlLzEvSHoyZDFLb2Y4dXRRMmcxQXl1eGJfYWFPY3pjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC82ZjY3OWUtNjJiZS00ZTIyLThiMmMtMjQwMDE5MTllYWRl LzEvSHoyZDFLb2Y4dXRRMmcxQXl1eGJfYWFPY3pjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0/lWWst Mkwhr/ulgxwzz+UqVguxBJWuR5S74LZ0ij6F+poOKm9M5daDHSPHF5+0XbjMBfaZ 88oUG+B4j+210ZHTYWG38r8/yU1E9CFOCjks/EvSgwy6+2TgggqfC6rlSctpTwco f3Rc//QxP2ivpN2J9T74iBcOQI28wQtpzLGTDZpNqx8yhVukHGuuvjXCfqpB0Yhd 1jOJD2eriZRvq3R+aHJC8kVm9SA3YRASQSxKC2nlobKtUpJF1fip3knXwUx8MhEx tlwtF13obksqa1hgBQoIBnNHWGAUq9IIQYJG1jl6x70r6GC57xHzfVWh7oyJpmRw OhQAy2ybkhR5tw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:19:27 2025 by rpki-client