This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.mft File: hZjLxOjf8YUkBKmSddIwpWERBV8.mft (raw, json) Hash identifier: 5TtJk/BZ65UIhUAb4720keOiiS2V5tjPo3IuG8GP7Lc= Subject key identifier: 22:8C:B0:2A:99:0E:B2:2F:1C:9D:EE:78:E4:BD:63:99:00:BE:7D:E0 Authority key identifier: 85:98:CB:C4:E8:DF:F1:85:24:04:A9:92:75:D2:30:A5:61:11:05:5F Certificate issuer: /CN=8598cbc4e8dff1852404a99275d230a56111055f Certificate serial: 019AF23FE35AAE505216EA42276E947A0F3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZjLxOjf8YUkBKmSddIwpWERBV8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.mft Manifest number: 07B0 Signing time: Sat 06 Dec 2025 06:01:04 +0000 Manifest this update: Sat 06 Dec 2025 06:01:04 +0000 Manifest next update: Sun 07 Dec 2025 06:01:04 +0000 Files and hashes: 1: XOOVHbvdi1PyG7OFqAlrThvaXr0.roa (hash: FXkyjiQc3j4OAi/BA8pdWLXnVuKz/SxHMWNuTxG6YRs=) 2: hZjLxOjf8YUkBKmSddIwpWERBV8.crl (hash: cjMQzITQ3Cxo2NWZO1/z0PTK5q+yXimDB13Ntp8Pnh8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.crl rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.mft rsync://rpki.ripe.net/repository/DEFAULT/hZjLxOjf8YUkBKmSddIwpWERBV8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:e3:5a:ae:50:52:16:ea:42:27:6e:94:7a:0f:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8598cbc4e8dff1852404a99275d230a56111055f Validity Not Before: Dec 6 06:01:04 2025 GMT Not After : Dec 7 06:01:04 2025 GMT Subject: CN=228cb02a990eb22f1c9dee78e4bd639900be7de0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ba:63:8c:19:1a:22:88:82:ce:11:ea:e3:8e: aa:94:2d:a7:c1:24:f3:6f:99:e2:a8:0f:47:92:31: 01:96:fe:1c:b7:81:26:a2:49:63:47:f3:ec:c8:69: 49:d0:15:c8:3d:dc:7c:f5:e3:79:87:4a:34:75:5f: 2e:ec:06:bd:72:dd:df:da:d7:a3:f2:9b:25:47:fb: a4:6b:1a:b8:2c:c7:8f:0b:df:ea:69:e0:e1:40:ba: 83:f0:bb:5b:c9:16:64:ac:92:8a:26:de:63:e7:dd: b1:14:6c:65:aa:4c:26:06:d7:7d:27:7a:91:d5:13: 2f:39:f3:5a:c5:60:a1:8d:38:76:32:79:56:d7:5e: c5:10:fa:6b:98:8f:58:9c:26:aa:b1:28:9e:be:68: e4:d6:c7:18:6a:50:c9:54:09:4e:2b:d8:7c:34:e0: 5f:7e:40:af:92:c0:9a:8a:cf:90:11:32:8f:c4:c5: 3d:13:c7:3d:2e:a4:f9:43:d6:63:d5:5e:dd:db:e7: ce:18:7d:1f:75:fa:6e:4e:01:a7:2d:5b:50:e4:79: ec:00:e6:ad:ef:4e:f9:c2:15:90:2a:bb:32:68:a9: 28:bb:57:47:71:0b:ea:1e:e5:74:a7:fb:92:27:18: 51:a8:55:59:dd:53:30:1b:da:e0:fe:9c:f2:86:56: 1c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:8C:B0:2A:99:0E:B2:2F:1C:9D:EE:78:E4:BD:63:99:00:BE:7D:E0 X509v3 Authority Key Identifier: keyid:85:98:CB:C4:E8:DF:F1:85:24:04:A9:92:75:D2:30:A5:61:11:05:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZjLxOjf8YUkBKmSddIwpWERBV8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/049ab2-9226-4b40-ab8a-51e4a5eafc8e/1/hZjLxOjf8YUkBKmSddIwpWERBV8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:e8:4f:43:1b:1c:23:d6:21:31:ff:ac:e8:58:e4:b2:6a:a0: 52:4b:a1:7c:a0:26:5c:5f:f6:9a:67:5a:b1:51:5d:07:d9:23: ec:bd:53:0f:7f:1c:51:52:e8:b8:53:63:e4:61:87:c0:53:c5: 11:27:3c:0e:9e:82:74:46:d7:69:b4:c3:6f:f8:54:96:38:4b: 43:81:8f:60:e6:eb:7e:01:e3:24:a5:c1:0b:aa:87:c6:3d:23: d3:1f:c9:dc:86:06:da:e9:bf:4b:01:31:ee:d3:d1:cd:81:47: 25:2c:c8:79:60:d9:c1:42:e9:24:0d:fa:d2:69:82:dc:96:13: 30:b5:ba:67:20:7c:3a:a6:87:c8:e9:0e:4b:93:02:1f:76:91: 0d:99:1c:e6:ed:66:0c:14:6c:94:c4:42:3b:d3:ca:d2:6b:a9: fd:5e:72:4a:32:a0:20:37:86:ea:85:a8:50:ce:3e:78:20:42: 0d:bc:ef:06:8e:ca:c9:d2:64:d7:b5:02:53:55:e8:f9:66:e9: 5e:85:45:5a:d6:49:58:b4:ef:9d:36:43:4d:88:2f:b8:3f:29: 7d:d4:70:e2:91:36:95:79:28:58:16:5a:6d:21:58:7f:45:ff: 09:43:e8:73:d4:d4:91:0b:80:67:70:3d:1b:93:4f:36:c4:53: e7:b9:59:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP+NarlBSFupCJ26Ueg8/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1OThjYmM0ZThkZmYxODUyNDA0YTk5Mjc1ZDIzMGE1NjEx MTA1NWYwHhcNMjUxMjA2MDYwMTA0WhcNMjUxMjA3MDYwMTA0WjAzMTEwLwYDVQQD EygyMjhjYjAyYTk5MGViMjJmMWM5ZGVlNzhlNGJkNjM5OTAwYmU3ZGUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37pjjBkaIoiCzhHq446qlC2nwSTz b5niqA9HkjEBlv4ct4EmokljR/PsyGlJ0BXIPdx89eN5h0o0dV8u7Aa9ct3f2tej 8pslR/ukaxq4LMePC9/qaeDhQLqD8LtbyRZkrJKKJt5j592xFGxlqkwmBtd9J3qR 1RMvOfNaxWChjTh2MnlW117FEPprmI9YnCaqsSievmjk1scYalDJVAlOK9h8NOBf fkCvksCais+QETKPxMU9E8c9LqT5Q9Zj1V7d2+fOGH0fdfpuTgGnLVtQ5HnsAOat 7075whWQKrsyaKkou1dHcQvqHuV0p/uSJxhRqFVZ3VMwG9rg/pzyhlYc0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCKMsCqZDrIvHJ3ueOS9Y5kAvn3gMB8GA1UdIwQY MBaAFIWYy8To3/GFJASpknXSMKVhEQVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFpqTHhPamY4WVVrQkttU2RkSXdwV0VSQlY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8wNDlhYjItOTIyNi00YjQwLWFiOGEt NTFlNGE1ZWFmYzhlLzEvaFpqTHhPamY4WVVrQkttU2RkSXdwV0VSQlY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8wNDlhYjItOTIyNi00YjQwLWFiOGEtNTFlNGE1ZWFmYzhl LzEvaFpqTHhPamY4WVVrQkttU2RkSXdwV0VSQlY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWuhPQxsc I9YhMf+s6FjksmqgUkuhfKAmXF/2mmdasVFdB9kj7L1TD38cUVLouFNj5GGHwFPF ESc8Dp6CdEbXabTDb/hUljhLQ4GPYObrfgHjJKXBC6qHxj0j0x/J3IYG2um/SwEx 7tPRzYFHJSzIeWDZwULpJA360mmC3JYTMLW6ZyB8OqaHyOkOS5MCH3aRDZkc5u1m DBRslMRCO9PK0mup/V5ySjKgIDeG6oWoUM4+eCBCDbzvBo7KydJk17UCU1Xo+Wbp XoVFWtZJWLTvnTZDTYgvuD8pfdRw4pE2lXkoWBZabSFYf0X/CUPoc9TUkQuAZ3A9 G5NPNsRT57lZQQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:39:46 2025 by rpki-client