This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json) Hash identifier: JJfuP+KtIoJpRWm59poh3vG8y6F8LVb2SQ6LYEVdMQg= Subject key identifier: 83:AC:87:A5:9F:B7:64:6C:44:1E:4D:ED:3D:FF:88:9D:46:87:C9:4A Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Certificate serial: 019AF19B591E97A70A09EA83DC2D7B2172B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft Manifest number: 030A Signing time: Sat 06 Dec 2025 03:01:21 +0000 Manifest this update: Sat 06 Dec 2025 03:01:21 +0000 Manifest next update: Sun 07 Dec 2025 03:01:21 +0000 Files and hashes: 1: cllA8kNp-t480y7IfyyWuiklziY.roa (hash: 5bq8pPC98WVuN+UCw7i3OOCXOObrhETW5cCP805rEU4=) 2: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: jBsheTmAmG+TaHaeFMIQ613e3uSNIBJjZXb8xf9OlsI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:59:1e:97:a7:0a:09:ea:83:dc:2d:7b:21:72:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Validity Not Before: Dec 6 03:01:21 2025 GMT Not After : Dec 7 03:01:21 2025 GMT Subject: CN=83ac87a59fb7646c441e4ded3dff889d4687c94a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ce:b9:66:51:a1:f8:57:09:c1:15:ad:20:c3: 40:08:07:af:e8:bf:37:5e:19:4e:58:8a:f5:d3:e6: 96:f6:28:a6:7f:66:89:06:23:dd:39:db:a1:43:a3: 64:fd:67:87:01:4d:d0:d6:72:15:88:fa:a7:bf:13: 65:a9:cc:a5:c5:65:1d:29:61:de:3d:3b:49:8c:26: 75:bb:46:0c:35:2c:5a:23:0e:59:5b:ae:5a:9c:b1: 4b:6b:f4:e8:0c:dd:4f:4d:8d:4f:ba:ac:c2:db:d0: 55:a2:6e:55:ec:ef:f9:30:70:7d:86:b1:c8:99:29: 66:2d:c0:20:8d:26:14:99:9d:15:50:00:fa:8e:66: 44:d7:f4:f6:4d:e3:2f:a0:f2:ec:a0:32:6a:39:d1: 47:df:9b:94:49:c0:71:c8:0e:65:b6:f0:ad:dd:82: 1d:ce:f2:f7:d1:1f:9e:40:af:7c:36:22:20:e4:98: cc:1a:5a:bd:16:3d:6e:6e:9c:17:9c:be:a5:16:c9: 34:c9:b1:55:e9:25:91:28:41:82:0d:39:5f:1a:a8: e6:50:30:ce:8d:cd:c0:28:f4:ce:f4:76:5c:09:db: bc:67:88:ac:f1:61:d4:5f:c7:d2:1f:86:96:0a:31: 68:88:71:d6:d9:37:54:6d:08:bb:c4:1e:50:b6:f7: 77:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:AC:87:A5:9F:B7:64:6C:44:1E:4D:ED:3D:FF:88:9D:46:87:C9:4A X509v3 Authority Key Identifier: keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:2d:19:47:86:3c:1c:d4:ba:8e:3c:00:46:90:ab:d3:d4:45: 91:72:65:b7:3c:93:f8:b9:4c:b3:53:04:56:01:dc:f6:4e:62: 36:5e:78:e9:56:e8:e6:5f:33:14:c0:95:2d:67:21:fa:07:72: b6:e7:e8:bd:1e:b5:2a:16:d1:27:86:03:cb:a0:ee:d0:bb:54: cc:c4:b9:b4:eb:33:e1:66:63:a8:5d:31:19:19:fa:60:16:de: dd:e3:54:63:26:9e:8c:3c:0d:06:fd:11:96:b3:44:3c:e8:da: 80:d5:33:ab:1e:b2:81:c9:f3:40:5a:83:aa:e4:37:f3:3b:f1: ef:b8:69:4f:af:68:0a:12:85:31:df:c0:bf:d6:7a:1a:37:55: ee:74:3b:b3:c4:15:11:cf:64:aa:5a:e9:cd:c8:db:fb:2f:23: 99:f3:42:31:ad:9a:c9:c4:e2:f2:a3:99:68:f6:4f:5d:45:a9: 4c:86:d3:2f:3b:d7:23:5c:cd:61:d2:1c:f2:f9:21:f1:65:32: 67:45:b5:0d:85:06:4f:05:67:be:81:eb:49:c3:52:f0:27:b9: 66:63:ab:53:47:8b:ad:98:df:96:15:fe:94:89:bf:ac:23:2a: 61:33:bb:a3:80:86:db:9f:90:a4:37:b9:93:3e:41:60:90:56: 73:fc:28:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm1kel6cKCeqD3C17IXK2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0 YTM3ZDgwHhcNMjUxMjA2MDMwMTIxWhcNMjUxMjA3MDMwMTIxWjAzMTEwLwYDVQQD Eyg4M2FjODdhNTlmYjc2NDZjNDQxZTRkZWQzZGZmODg5ZDQ2ODdjOTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM65ZlGh+FcJwRWtIMNACAev6L83 XhlOWIr10+aW9iimf2aJBiPdOduhQ6Nk/WeHAU3Q1nIViPqnvxNlqcylxWUdKWHe PTtJjCZ1u0YMNSxaIw5ZW65anLFLa/ToDN1PTY1PuqzC29BVom5V7O/5MHB9hrHI mSlmLcAgjSYUmZ0VUAD6jmZE1/T2TeMvoPLsoDJqOdFH35uUScBxyA5ltvCt3YId zvL30R+eQK98NiIg5JjMGlq9Fj1ubpwXnL6lFsk0ybFV6SWRKEGCDTlfGqjmUDDO jc3AKPTO9HZcCdu8Z4is8WHUX8fSH4aWCjFoiHHW2TdUbQi7xB5Qtvd39wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIOsh6Wft2RsRB5N7T3/iJ1Gh8lKMB8GA1UdIwQY MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoi0ZR4Y8 HNS6jjwARpCr09RFkXJltzyT+LlMs1MEVgHc9k5iNl546Vbo5l8zFMCVLWch+gdy tufovR61KhbRJ4YDy6Du0LtUzMS5tOsz4WZjqF0xGRn6YBbe3eNUYyaejDwNBv0R lrNEPOjagNUzqx6ygcnzQFqDquQ38zvx77hpT69oChKFMd/Av9Z6GjdV7nQ7s8QV Ec9kqlrpzcjb+y8jmfNCMa2aycTi8qOZaPZPXUWpTIbTLzvXI1zNYdIc8vkh8WUy Z0W1DYUGTwVnvoHrScNS8Ce5ZmOrU0eLrZjflhX+lIm/rCMqYTO7o4CG25+QpDe5 kz5BYJBWc/woiQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:14:24 2025 by rpki-client