This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json) Hash identifier: NB8v/XY2/n5qNf3KbQgHOkUx9D5cN0+pBf/3rYOBSPI= Subject key identifier: 37:9F:87:13:D2:64:65:05:0A:D9:F9:A4:C2:6A:4D:D5:BB:79:EB:63 Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8 Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8 Certificate serial: 019AF509E4D2843F87E1069486F4686B6E79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft Manifest number: 11E2 Signing time: Sat 06 Dec 2025 19:00:57 +0000 Manifest this update: Sat 06 Dec 2025 19:00:57 +0000 Manifest next update: Sun 07 Dec 2025 19:00:57 +0000 Files and hashes: 1: CJqITen207ZODHzo1XtCMdI_VBo.roa (hash: f1FWG5pswdJQTpL1NXAace6jGLQD4G1flmSN2+tjCMo=) 2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: GSGpok144yL5Qezki3I9TT9NZISlK9QDvDjTznSclvM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:e4:d2:84:3f:87:e1:06:94:86:f4:68:6b:6e:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8 Validity Not Before: Dec 6 19:00:57 2025 GMT Not After : Dec 7 19:00:57 2025 GMT Subject: CN=379f8713d26465050ad9f9a4c26a4dd5bb79eb63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:76:2c:b4:c6:ec:93:4f:a2:eb:5d:f7:02:3a: 21:3a:6b:0f:89:9c:35:50:88:e8:43:a8:81:34:cd: a1:2f:a1:4c:63:67:96:ee:8e:7b:3e:5b:09:0e:a0: 6d:db:94:7f:ad:72:66:9d:e1:5c:04:74:5f:b9:2d: ea:0b:6b:77:70:e3:4d:52:42:7e:58:af:13:43:2f: b4:69:0b:78:c8:2d:d6:96:b2:37:fe:2e:55:1b:f6: 72:53:e9:a0:d3:37:22:b2:8c:36:2c:31:36:17:7a: 9b:d9:dc:80:6b:23:88:98:13:90:fa:ea:2d:c3:7b: 89:c0:de:55:e4:3c:d8:9b:b9:a9:b0:32:12:09:7a: 06:b7:31:ec:ee:67:ad:8e:94:1b:74:d4:84:13:8a: 14:9a:c1:67:71:68:df:9c:53:e3:a8:1e:69:47:79: 49:78:8e:d9:42:3b:24:75:8a:b0:7c:c8:39:4a:01: 58:80:48:6b:7d:fd:b3:fa:be:80:6b:55:d3:d0:be: 2d:7e:fd:13:74:c4:bd:8d:5b:28:7d:96:8b:c7:f6: c3:32:42:b4:0a:c0:a4:69:60:e1:7e:40:07:2d:63: de:17:d4:8d:35:47:31:c9:3f:81:ef:0d:6a:f0:40: 5f:35:9b:4d:ae:75:f8:aa:af:84:bc:c1:21:ff:cf: e3:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:9F:87:13:D2:64:65:05:0A:D9:F9:A4:C2:6A:4D:D5:BB:79:EB:63 X509v3 Authority Key Identifier: keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:42:a4:c8:26:c9:0e:df:73:fe:ef:5c:87:76:5c:a8:7a:6f: 1e:9c:7d:40:8d:78:e7:bd:29:33:51:b5:53:a4:96:9d:db:e9: 41:55:cc:06:3f:2b:15:1f:15:96:0f:23:9c:b3:7e:f8:17:cd: da:29:94:0b:9e:0c:41:07:c0:19:52:23:71:f4:28:c1:74:63: 72:6e:b0:74:4e:ec:ac:86:f8:b8:60:c8:89:fc:ba:f1:50:e6: 48:55:2f:01:40:58:d9:5e:92:d7:52:24:18:5c:6b:a9:72:b8: 84:1f:12:1f:19:3c:67:0d:80:42:fe:51:90:58:c0:23:93:3e: 3f:1b:c7:08:63:8f:22:e9:36:b4:4a:02:87:84:2d:73:74:56: f0:2f:e6:06:11:c6:8d:46:57:0c:04:77:0a:6b:40:63:7a:56: 69:ed:a8:7b:72:94:8e:8c:94:df:8c:b1:78:a4:97:88:e0:73: d0:a1:6b:2b:90:55:54:d2:bd:38:12:49:68:15:6d:1d:31:b9: 40:ff:62:8d:2b:13:3a:1b:6c:65:24:a4:51:ff:3a:6f:29:b5: 9a:8b:07:c7:f8:ad:07:ea:24:5f:2d:d0:98:2b:d8:2b:f7:c6: 20:d5:05:7b:76:be:18:de:0b:21:dc:65:b8:88:d7:88:d4:2e: 57:72:26:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CeTShD+H4QaUhvRoa255MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh YmNiYTgwHhcNMjUxMjA2MTkwMDU3WhcNMjUxMjA3MTkwMDU3WjAzMTEwLwYDVQQD EygzNzlmODcxM2QyNjQ2NTA1MGFkOWY5YTRjMjZhNGRkNWJiNzllYjYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHYstMbsk0+i6133AjohOmsPiZw1 UIjoQ6iBNM2hL6FMY2eW7o57PlsJDqBt25R/rXJmneFcBHRfuS3qC2t3cONNUkJ+ WK8TQy+0aQt4yC3WlrI3/i5VG/ZyU+mg0zcisow2LDE2F3qb2dyAayOImBOQ+uot w3uJwN5V5DzYm7mpsDISCXoGtzHs7metjpQbdNSEE4oUmsFncWjfnFPjqB5pR3lJ eI7ZQjskdYqwfMg5SgFYgEhrff2z+r6Aa1XT0L4tfv0TdMS9jVsofZaLx/bDMkK0 CsCkaWDhfkAHLWPeF9SNNUcxyT+B7w1q8EBfNZtNrnX4qq+EvMEh/8/j2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDefhxPSZGUFCtn5pMJqTdW7eetjMB8GA1UdIwQY MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU0KkyCbJ Dt9z/u9ch3ZcqHpvHpx9QI14570pM1G1U6SWndvpQVXMBj8rFR8Vlg8jnLN++BfN 2imUC54MQQfAGVIjcfQowXRjcm6wdE7srIb4uGDIify68VDmSFUvAUBY2V6S11Ik GFxrqXK4hB8SHxk8Zw2AQv5RkFjAI5M+PxvHCGOPIuk2tEoCh4Qtc3RW8C/mBhHG jUZXDAR3CmtAY3pWae2oe3KUjoyU34yxeKSXiOBz0KFrK5BVVNK9OBJJaBVtHTG5 QP9ijSsTOhtsZSSkUf86bym1mosHx/itB+okXy3QmCvYK/fGINUFe3a+GN4LIdxl uIjXiNQuV3Im9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 22:54:55 2025 by rpki-client