This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json) Hash identifier: k8e1WhPFkrSOE800Bio7tHfwVJmz2ZE+DLB4rqZH/dQ= Subject key identifier: 84:AA:58:42:69:D8:3C:93:A9:90:67:5C:68:1F:0E:87:22:2E:97:2D Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9 Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9 Certificate serial: 019AF31B8B1D93E928BD3A53697BDA174348 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft Manifest number: 0DB7 Signing time: Sat 06 Dec 2025 10:00:59 +0000 Manifest this update: Sat 06 Dec 2025 10:00:59 +0000 Manifest next update: Sun 07 Dec 2025 10:00:59 +0000 Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: vGw/9lGiHPDNHBNmJc+8JXfXQTDDU2g+AwfkNjoxnr0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:8b:1d:93:e9:28:bd:3a:53:69:7b:da:17:43:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9 Validity Not Before: Dec 6 10:00:59 2025 GMT Not After : Dec 7 10:00:59 2025 GMT Subject: CN=84aa584269d83c93a990675c681f0e87222e972d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:17:2f:ae:97:2f:e8:a3:93:fe:9c:f8:39:e7: 65:a6:26:d6:ea:73:db:9b:2b:a3:26:e4:a6:24:39: ac:62:e8:c1:4d:3f:91:b9:38:fd:ee:f5:46:77:aa: 75:65:6d:a5:87:7f:9f:a6:46:73:4f:7d:f5:51:ca: 1a:c0:d7:7b:5e:f3:20:4e:4b:9a:cf:7f:2d:07:5d: 9e:75:81:93:7a:c1:a1:8a:e6:c6:60:e8:a9:0b:66: 02:ed:f5:15:aa:ac:00:c7:30:d3:c7:f3:7f:e7:ec: 79:56:9f:2a:fe:c7:c2:40:e2:95:19:84:99:57:5a: 9c:5a:69:f1:6f:71:22:5b:a1:73:8a:de:24:36:84: 64:33:8f:15:c2:04:5c:2c:69:91:2f:ed:4c:6a:02: 9d:b6:af:cd:01:64:f7:9b:e1:82:3d:76:ea:9c:bc: 72:67:8d:30:f2:a1:38:ce:de:10:a1:90:26:e6:d1: 59:32:7d:dd:bf:5f:ba:ed:c1:a4:81:f9:ae:fd:96: ee:11:2b:ad:8f:22:5a:15:46:2c:59:50:8c:2a:e1: af:55:16:b9:c1:b2:52:92:4d:d9:0a:40:02:a5:d2: 2b:73:a2:5e:88:07:8e:8f:31:8b:5e:23:4f:e2:5f: 8a:29:37:93:f2:01:b5:02:72:51:01:3a:0b:63:23: cc:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:AA:58:42:69:D8:3C:93:A9:90:67:5C:68:1F:0E:87:22:2E:97:2D X509v3 Authority Key Identifier: keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:f5:4b:7a:6a:69:13:59:84:62:f3:c2:47:20:d5:d8:cf:6f: 4b:4c:a0:5a:ef:cc:bb:be:ab:dd:84:9d:c5:84:ce:7a:fa:05: be:81:51:32:88:b1:26:33:e6:0d:d1:61:67:7f:cd:4d:2d:7c: cd:26:8d:79:1f:a0:8e:83:0a:ce:38:1b:04:00:91:de:16:52: 11:a9:1b:cc:57:72:45:80:04:43:e3:80:3a:4f:8c:27:b5:7f: fd:06:f1:82:24:b2:49:6d:fc:dc:45:8a:9a:9b:9b:0b:f2:72: 66:4f:29:50:e4:40:f2:61:dd:09:87:ff:c2:0b:0c:be:c2:a7: c1:9a:7a:72:c2:a7:22:7a:33:8d:d7:7e:8a:14:82:3a:cf:f6: 13:30:28:82:32:21:d3:39:f8:70:e7:c8:f4:9f:46:5c:b0:f3: 4c:70:77:21:23:e2:84:d3:d8:45:97:2e:01:69:b5:0d:e2:fb: 51:26:12:60:6e:ef:df:d7:62:74:7c:24:df:13:67:0b:b4:f1: dd:68:8f:7e:75:fc:3d:11:0c:27:6e:ca:d7:4a:17:15:22:43: 9c:25:cc:59:3b:63:75:9f:d6:3d:c6:db:e7:97:8e:bd:d0:ff: d9:c1:74:12:26:eb:16:4c:7b:5c:e7:75:a8:7c:46:15:5a:73: a7:17:ff:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG4sdk+kovTpTaXvaF0NIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw ZWVlYjkwHhcNMjUxMjA2MTAwMDU5WhcNMjUxMjA3MTAwMDU5WjAzMTEwLwYDVQQD Eyg4NGFhNTg0MjY5ZDgzYzkzYTk5MDY3NWM2ODFmMGU4NzIyMmU5NzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRcvrpcv6KOT/pz4OedlpibW6nPb myujJuSmJDmsYujBTT+RuTj97vVGd6p1ZW2lh3+fpkZzT331UcoawNd7XvMgTkua z38tB12edYGTesGhiubGYOipC2YC7fUVqqwAxzDTx/N/5+x5Vp8q/sfCQOKVGYSZ V1qcWmnxb3EiW6Fzit4kNoRkM48VwgRcLGmRL+1MagKdtq/NAWT3m+GCPXbqnLxy Z40w8qE4zt4QoZAm5tFZMn3dv1+67cGkgfmu/ZbuESutjyJaFUYsWVCMKuGvVRa5 wbJSkk3ZCkACpdIrc6JeiAeOjzGLXiNP4l+KKTeT8gG1AnJRAToLYyPMvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFISqWEJp2DyTqZBnXGgfDociLpctMB8GA1UdIwQY MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASfVLempp E1mEYvPCRyDV2M9vS0ygWu/Mu76r3YSdxYTOevoFvoFRMoixJjPmDdFhZ3/NTS18 zSaNeR+gjoMKzjgbBACR3hZSEakbzFdyRYAEQ+OAOk+MJ7V//QbxgiSySW383EWK mpubC/JyZk8pUORA8mHdCYf/wgsMvsKnwZp6csKnInozjdd+ihSCOs/2EzAogjIh 0zn4cOfI9J9GXLDzTHB3ISPihNPYRZcuAWm1DeL7USYSYG7v39didHwk3xNnC7Tx 3WiPfnX8PREMJ27K10oXFSJDnCXMWTtjdZ/WPcbb55eOvdD/2cF0EibrFkx7XOd1 qHxGFVpzpxf/og== -----END CERTIFICATE-----Generated at Sat Dec 6 13:39:04 2025 by rpki-client