This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft File: hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft (raw, json) Hash identifier: kCPCN1UqFKUqKlbouvnijpGUIogNqVThna8q0f2/g7k= Subject key identifier: 62:AF:CA:B3:3F:8D:B4:C4:59:0D:6B:1B:18:94:AE:61:29:0C:3B:BA Authority key identifier: 85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84 Certificate issuer: /CN=8521d103fc73e9075dcf1e22bc8242b70f98c884 Certificate serial: 019AF5E568637032D8F5602A0FF0DAECB22D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft Manifest number: 078F Signing time: Sat 06 Dec 2025 23:00:43 +0000 Manifest this update: Sat 06 Dec 2025 23:00:43 +0000 Manifest next update: Sun 07 Dec 2025 23:00:43 +0000 Files and hashes: 1: 5RI4SZ7klYwbXOltWz9mLe7dxD8.roa (hash: GWR45JMOb96igm8o2PgndioWHr8iBdYB9L2Wx8rR7YM=) 2: hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl (hash: JmdtNyr2tV62ABhc8ZZd449nyhUQwL70Jz0gS0NjRnk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e5:68:63:70:32:d8:f5:60:2a:0f:f0:da:ec:b2:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8521d103fc73e9075dcf1e22bc8242b70f98c884 Validity Not Before: Dec 6 23:00:43 2025 GMT Not After : Dec 7 23:00:43 2025 GMT Subject: CN=62afcab33f8db4c4590d6b1b1894ae61290c3bba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c6:c8:aa:c0:22:a1:e4:78:99:13:c6:55:4e: e3:1d:b6:f0:c7:fd:71:d9:b6:20:a1:d0:0c:01:ea: e1:8a:95:0c:d3:5d:91:fe:48:c3:b7:86:c6:12:86: f4:1d:59:1b:d5:81:f3:78:1e:2b:68:47:0b:bb:c1: dd:5d:0f:23:da:92:59:2d:8c:31:f9:1a:01:62:10: 58:16:eb:d1:ef:cf:4d:f3:8b:48:b1:67:52:51:69: 19:b1:c8:bb:59:c9:72:77:05:f9:10:cb:9b:e0:d0: 0c:70:93:5c:9b:8c:8d:33:30:5d:00:97:35:4a:1d: a4:e7:00:fe:a1:b7:95:01:56:f6:97:c7:c2:3f:23: 1d:01:35:a5:22:8b:b9:e2:b3:e3:bd:43:78:3b:aa: a7:0d:8c:1c:ed:e2:37:76:eb:33:6d:f6:f9:ac:3c: eb:29:90:22:dd:77:fc:fd:52:6f:5e:74:c3:09:64: 1e:67:0e:1d:99:1d:b2:0a:ef:fb:7d:33:fd:32:fa: af:4c:b0:0a:3a:72:dc:26:c6:0b:c2:61:d3:b9:53: 28:74:55:ef:60:c5:ac:13:88:51:9d:40:13:69:70: 4d:30:a0:1d:ec:09:85:4c:e1:a9:44:56:8a:d6:b1: 68:a1:e4:d8:19:ee:7b:96:f6:d8:bf:e0:59:0a:40: a7:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:AF:CA:B3:3F:8D:B4:C4:59:0D:6B:1B:18:94:AE:61:29:0C:3B:BA X509v3 Authority Key Identifier: keyid:85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:40:71:8b:8b:b9:9b:73:dc:ba:b5:63:0c:59:e5:f2:aa:85: d9:46:19:54:30:5e:e7:19:96:ce:32:b3:cb:ad:46:52:bf:6f: 25:50:8d:79:a3:f5:82:3f:e0:11:5c:41:c6:7a:6c:c3:ab:f4: 4c:10:bd:e2:80:13:df:9a:3c:f9:fe:32:a0:53:d6:e1:46:db: 79:75:6e:6f:f0:57:f1:66:4f:95:0f:f2:3c:79:2c:ae:05:06: 05:b5:46:cb:d4:ce:ed:d6:bf:94:0f:1f:4a:b4:fc:86:79:f7: 0f:5f:ec:44:25:59:1d:af:38:3f:3a:04:46:35:b1:ad:96:83: 24:fa:9f:58:61:cf:37:13:a7:f8:e2:ad:4b:de:75:3e:cc:00: 07:8a:24:1c:7d:55:f6:ae:0f:41:17:05:0b:04:31:3d:f5:f4: fc:51:5b:41:65:af:20:00:c2:9e:08:c4:cb:5f:2a:81:04:0f: d8:d2:ca:3d:f7:04:28:17:88:5a:96:f5:13:41:24:5e:be:a4: d3:d5:a4:3d:28:13:58:d8:a1:41:15:49:b5:cd:b3:62:70:c3: b3:a4:0b:1f:4c:05:d7:04:74:78:c7:a4:b2:f1:0c:af:02:3f: d4:f5:70:02:e5:3b:40:d2:9e:4b:5e:2c:79:a4:7b:6a:7f:9f: d1:68:e2:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15WhjcDLY9WAqD/Da7LItMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MjFkMTAzZmM3M2U5MDc1ZGNmMWUyMmJjODI0MmI3MGY5 OGM4ODQwHhcNMjUxMjA2MjMwMDQzWhcNMjUxMjA3MjMwMDQzWjAzMTEwLwYDVQQD Eyg2MmFmY2FiMzNmOGRiNGM0NTkwZDZiMWIxODk0YWU2MTI5MGMzYmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MbIqsAioeR4mRPGVU7jHbbwx/1x 2bYgodAMAerhipUM012R/kjDt4bGEob0HVkb1YHzeB4raEcLu8HdXQ8j2pJZLYwx +RoBYhBYFuvR789N84tIsWdSUWkZsci7WclydwX5EMub4NAMcJNcm4yNMzBdAJc1 Sh2k5wD+obeVAVb2l8fCPyMdATWlIou54rPjvUN4O6qnDYwc7eI3duszbfb5rDzr KZAi3Xf8/VJvXnTDCWQeZw4dmR2yCu/7fTP9MvqvTLAKOnLcJsYLwmHTuVModFXv YMWsE4hRnUATaXBNMKAd7AmFTOGpRFaK1rFooeTYGe57lvbYv+BZCkCnhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGKvyrM/jbTEWQ1rGxiUrmEpDDu6MB8GA1UdIwQY MBaAFIUh0QP8c+kHXc8eIryCQrcPmMiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUt ZTQwZGUwODQxM2ZhLzEvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUtZTQwZGUwODQxM2Zh LzEvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv0Bxi4u5 m3PcurVjDFnl8qqF2UYZVDBe5xmWzjKzy61GUr9vJVCNeaP1gj/gEVxBxnpsw6v0 TBC94oAT35o8+f4yoFPW4UbbeXVub/BX8WZPlQ/yPHksrgUGBbVGy9TO7da/lA8f SrT8hnn3D1/sRCVZHa84PzoERjWxrZaDJPqfWGHPNxOn+OKtS951PswAB4okHH1V 9q4PQRcFCwQxPfX0/FFbQWWvIADCngjEy18qgQQP2NLKPfcEKBeIWpb1E0EkXr6k 09WkPSgTWNihQRVJtc2zYnDDs6QLH0wF1wR0eMeksvEMrwI/1PVwAuU7QNKeS14s eaR7an+f0WjiZg== -----END CERTIFICATE-----Generated at Sun Dec 7 03:42:40 2025 by rpki-client