This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.mft File: hGbpF0La0bn0x5ayOzfres2FgWE.mft (raw, json) Hash identifier: YHlxBepZhVL5/+DCY9+np7VYopDxHQnIW4ZRPDrJnjQ= Subject key identifier: C9:C8:E4:C0:F2:2F:E2:BE:62:25:28:7A:28:1B:27:5D:D5:66:DD:22 Authority key identifier: 84:66:E9:17:42:DA:D1:B9:F4:C7:96:B2:3B:37:EB:7A:CD:85:81:61 Certificate issuer: /CN=8466e91742dad1b9f4c796b23b37eb7acd858161 Certificate serial: 019AF19AC4F3BB7117EE3A98A0845C393A6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGbpF0La0bn0x5ayOzfres2FgWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.mft Manifest number: 1202 Signing time: Sat 06 Dec 2025 03:00:43 +0000 Manifest this update: Sat 06 Dec 2025 03:00:43 +0000 Manifest next update: Sun 07 Dec 2025 03:00:43 +0000 Files and hashes: 1: bbcA4RxlQmcQjNn0rG4goHNMuOU.roa (hash: R2hOoSIVcz11ndb2ZPvvYv6Kv8fgZfMkny+ajnRe2GQ=) 2: hGbpF0La0bn0x5ayOzfres2FgWE.crl (hash: Eo4Xj0uSvmiGmG63Bvg5vdEoECTZ6R1/r41JQpf7mgw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.mft rsync://rpki.ripe.net/repository/DEFAULT/hGbpF0La0bn0x5ayOzfres2FgWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:c4:f3:bb:71:17:ee:3a:98:a0:84:5c:39:3a:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8466e91742dad1b9f4c796b23b37eb7acd858161 Validity Not Before: Dec 6 03:00:43 2025 GMT Not After : Dec 7 03:00:43 2025 GMT Subject: CN=c9c8e4c0f22fe2be6225287a281b275dd566dd22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:85:20:d7:35:7d:08:9c:09:89:28:41:6e:7b: 54:e6:bf:42:b7:23:ab:9d:72:33:ab:00:b2:88:21: 43:52:80:99:18:48:4b:6a:ed:18:11:26:7f:a0:5f: 2b:ca:bf:bc:d8:9e:8f:85:3c:ec:84:6f:37:89:21: 2c:00:6a:da:4f:f0:81:2e:d4:36:4d:0b:5b:e0:b0: b0:91:81:54:d0:16:8e:c0:71:13:28:87:20:9c:98: fe:e6:c7:c0:f9:f2:0c:d8:dc:ff:f8:65:14:4d:51: 07:9a:6c:e0:dd:20:fb:bb:f6:57:da:2d:b1:c5:43: d8:4e:d4:e2:dc:1f:ab:56:b0:7e:7a:b3:01:b3:03: 48:74:54:5e:a8:67:cb:52:af:4c:7d:d8:ce:40:bc: 0f:25:f4:fd:3f:8f:59:6b:01:ae:5c:0b:a2:f3:19: 55:23:05:61:5e:4f:50:78:58:34:7e:b0:7d:e6:6f: a2:f2:44:b4:fd:a2:c0:37:51:35:0a:15:bb:79:5a: bb:b4:aa:96:37:c4:60:6e:17:a4:9c:67:0a:ea:d1: c6:68:20:13:e0:83:f1:2c:c3:84:2d:c5:45:a3:e1: 6d:b2:0b:2d:18:5a:92:b8:af:7e:13:1c:fa:46:e4: 2c:ba:92:d6:1b:86:45:27:de:47:9e:21:86:80:2c: 0c:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:C8:E4:C0:F2:2F:E2:BE:62:25:28:7A:28:1B:27:5D:D5:66:DD:22 X509v3 Authority Key Identifier: keyid:84:66:E9:17:42:DA:D1:B9:F4:C7:96:B2:3B:37:EB:7A:CD:85:81:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGbpF0La0bn0x5ayOzfres2FgWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a669b7-0779-459a-9220-4e32c8b8ee36/1/hGbpF0La0bn0x5ayOzfres2FgWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:75:ed:45:dd:f3:b2:e9:a8:8f:79:8f:f2:99:a7:66:5e:a1: db:35:76:1e:35:e0:36:86:d3:38:59:91:3e:83:19:ce:3e:c4: 1b:f6:c7:a8:46:a3:37:33:0b:ab:6e:f2:1b:9c:66:5d:5e:13: 91:3c:35:42:e7:0a:a3:75:23:34:60:a8:a5:72:0a:7b:87:ef: 2a:28:24:52:c5:ee:e4:87:f4:5a:cc:11:b1:de:4d:9b:6b:68: 5c:e0:7b:e2:3e:a6:26:aa:8c:97:73:7c:f6:61:57:37:43:7a: 89:5b:e5:16:27:99:fa:93:ea:60:08:d7:fc:ab:59:2d:1f:28: 24:46:c1:ff:b2:36:5d:55:4c:b9:2a:ff:1a:e3:ec:4f:ce:0b: 6c:82:0d:0a:bf:bd:29:4e:86:29:04:6b:28:9b:12:06:bb:02: 03:d2:82:f2:4d:0d:06:d5:ab:e8:7d:e1:21:59:86:b8:be:80: 83:95:93:dc:83:b7:68:00:b3:25:a9:24:ce:4e:c5:69:ff:bf: 12:72:29:e6:f8:28:80:95:23:df:2a:97:38:9c:0a:1c:1e:6c: e6:52:10:57:7e:12:a3:95:18:1b:39:ec:41:c4:1f:71:a6:76: 2d:21:d7:a9:d6:ea:12:89:fe:ed:ed:59:d5:06:2d:32:b3:8f: 8d:94:6f:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmsTzu3EX7jqYoIRcOTpuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NjZlOTE3NDJkYWQxYjlmNGM3OTZiMjNiMzdlYjdhY2Q4 NTgxNjEwHhcNMjUxMjA2MDMwMDQzWhcNMjUxMjA3MDMwMDQzWjAzMTEwLwYDVQQD EyhjOWM4ZTRjMGYyMmZlMmJlNjIyNTI4N2EyODFiMjc1ZGQ1NjZkZDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIUg1zV9CJwJiShBbntU5r9CtyOr nXIzqwCyiCFDUoCZGEhLau0YESZ/oF8ryr+82J6PhTzshG83iSEsAGraT/CBLtQ2 TQtb4LCwkYFU0BaOwHETKIcgnJj+5sfA+fIM2Nz/+GUUTVEHmmzg3SD7u/ZX2i2x xUPYTtTi3B+rVrB+erMBswNIdFReqGfLUq9MfdjOQLwPJfT9P49ZawGuXAui8xlV IwVhXk9QeFg0frB95m+i8kS0/aLAN1E1ChW7eVq7tKqWN8RgbheknGcK6tHGaCAT 4IPxLMOELcVFo+FtsgstGFqSuK9+Exz6RuQsupLWG4ZFJ95HniGGgCwMRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMnI5MDyL+K+YiUoeigbJ13VZt0iMB8GA1UdIwQY MBaAFIRm6RdC2tG59MeWsjs363rNhYFhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEdicEYwTGEwYm4weDVheU96ZnJlczJGZ1dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hNjY5YjctMDc3OS00NTlhLTkyMjAt NGUzMmM4YjhlZTM2LzEvaEdicEYwTGEwYm4weDVheU96ZnJlczJGZ1dFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9hNjY5YjctMDc3OS00NTlhLTkyMjAtNGUzMmM4YjhlZTM2 LzEvaEdicEYwTGEwYm4weDVheU96ZnJlczJGZ1dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAInXtRd3z sumoj3mP8pmnZl6h2zV2HjXgNobTOFmRPoMZzj7EG/bHqEajNzMLq27yG5xmXV4T kTw1QucKo3UjNGCopXIKe4fvKigkUsXu5If0WswRsd5Nm2toXOB74j6mJqqMl3N8 9mFXN0N6iVvlFieZ+pPqYAjX/KtZLR8oJEbB/7I2XVVMuSr/GuPsT84LbIINCr+9 KU6GKQRrKJsSBrsCA9KC8k0NBtWr6H3hIVmGuL6Ag5WT3IO3aACzJakkzk7Faf+/ EnIp5vgogJUj3yqXOJwKHB5s5lIQV34So5UYGznsQcQfcaZ2LSHXqdbqEon+7e1Z 1QYtMrOPjZRv5A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:58:22 2025 by rpki-client