This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft File: _hpSVPN9jCkbEd2r7YiwY0gdr2s.mft (raw, json) Hash identifier: ZSMl5FhKp13Q6Tl0iyQmU+ur23t/sXhKICF6skLUXC0= Subject key identifier: A7:34:A5:17:12:95:09:5F:99:8C:34:DD:7D:C7:DA:E5:DE:AB:40:F0 Authority key identifier: FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B Certificate issuer: /CN=fe1a5254f37d8c291b11ddabed88b063481daf6b Certificate serial: 019B30E90A27AD6C25F56525A8CFC5EA2BF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 10:02:17 +0000 Manifest this update: Thu 18 Dec 2025 10:02:17 +0000 Manifest next update: Fri 19 Dec 2025 10:02:17 +0000 Files and hashes: 1: _hpSVPN9jCkbEd2r7YiwY0gdr2s.crl (hash: wydTu534e4TPel5UqwElrTGkH3xqLRV6sn1oay09+9k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:02:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e9:0a:27:ad:6c:25:f5:65:25:a8:cf:c5:ea:2b:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe1a5254f37d8c291b11ddabed88b063481daf6b Validity Not Before: Dec 18 10:02:17 2025 GMT Not After : Dec 19 10:02:17 2025 GMT Subject: CN=a734a5171295095f998c34dd7dc7dae5deab40f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e1:1e:6e:ac:e7:67:19:fc:65:ed:d1:51:b8: a1:77:10:70:ae:cc:25:ca:0d:02:ea:5a:32:94:3e: bb:a9:8a:ef:b7:9b:51:3d:09:d6:22:77:40:47:c8: 53:b5:83:6b:2a:cc:4e:46:c9:71:76:24:50:6f:41: 36:37:96:10:55:a4:cb:3a:c3:87:e1:c8:70:2b:44: 5d:93:15:f2:df:03:63:83:d4:ee:40:18:2f:84:e0: 63:80:bd:5b:43:f5:bc:70:a2:62:66:f6:2b:c7:b2: 0d:7e:f3:c4:2e:33:07:35:a6:70:1f:63:12:b9:c4: 96:88:f5:c7:ee:68:3b:8d:cc:eb:c6:05:b3:96:bd: 6f:b7:44:1e:f0:e1:15:a3:18:1e:a2:3c:f0:97:05: 16:87:dd:85:55:ba:6a:56:ee:84:8d:f5:86:f6:b1: 71:15:04:63:9a:c2:39:7e:1f:f8:d6:72:df:f0:a2: 12:89:33:5e:c1:67:85:59:8b:d9:2c:b3:7e:7b:4f: 27:e5:94:4c:c8:17:1c:22:50:63:45:ff:25:6d:fa: 4d:bd:42:07:f6:4f:c9:e9:a7:bf:b6:5e:e7:f2:67: 7e:6f:3c:b9:3e:0a:7a:cc:1d:ad:4a:04:f0:03:66: 5c:f1:ac:12:3f:ca:b3:ab:f4:1a:a6:28:1f:78:03: b7:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:34:A5:17:12:95:09:5F:99:8C:34:DD:7D:C7:DA:E5:DE:AB:40:F0 X509v3 Authority Key Identifier: keyid:FE:1A:52:54:F3:7D:8C:29:1B:11:DD:AB:ED:88:B0:63:48:1D:AF:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_hpSVPN9jCkbEd2r7YiwY0gdr2s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/63f60a-27d7-491e-bdc2-fa0d0e805df8/1/_hpSVPN9jCkbEd2r7YiwY0gdr2s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:71:e7:30:83:a6:0e:f1:aa:fd:a0:c7:58:25:53:b4:df:e7: 31:81:9e:60:e8:bc:4e:22:d8:24:dd:f5:15:88:60:d9:d7:e3: ac:1e:ea:1f:3d:93:f0:43:cf:58:2f:17:15:89:6d:bb:5d:6e: 94:7c:40:8a:5b:ab:bb:9e:20:94:62:9e:47:2c:ff:e0:f5:b7: 7a:48:2a:25:2b:d0:c9:5e:1f:fb:5e:21:d6:59:c4:9f:5e:1d: 33:92:b3:d2:41:3b:77:2c:7c:f7:ea:0b:d3:c6:8f:5c:fb:21: ec:ac:51:63:a7:53:5c:f7:97:a5:70:9a:79:4c:30:10:22:25: 08:e6:b3:ec:73:84:0b:5c:44:8f:74:59:4b:58:a5:53:94:3b: 09:a3:41:4d:aa:22:f3:3d:f8:42:51:fb:51:0a:20:27:3e:9a: 0a:59:0e:54:08:21:f2:7d:d9:24:e3:3b:5e:f9:a1:5a:ea:76: 22:a6:85:21:a7:b0:b4:6e:7e:5d:b6:2c:8e:e5:5c:28:2e:10: c0:47:cd:43:ac:93:f9:21:fd:5d:1f:49:61:96:e3:4c:82:1d: c7:27:50:81:55:83:d4:ad:85:48:74:37:c6:76:8b:e2:ff:f5: 7a:12:40:f9:9a:a0:cb:b6:5b:0b:ab:ea:61:bd:66:b3:fc:e7: 4d:e7:75:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6QonrWwl9WUlqM/F6ivxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlMWE1MjU0ZjM3ZDhjMjkxYjExZGRhYmVkODhiMDYzNDgx ZGFmNmIwHhcNMjUxMjE4MTAwMjE3WhcNMjUxMjE5MTAwMjE3WjAzMTEwLwYDVQQD EyhhNzM0YTUxNzEyOTUwOTVmOTk4YzM0ZGQ3ZGM3ZGFlNWRlYWI0MGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+EebqznZxn8Ze3RUbihdxBwrswl yg0C6loylD67qYrvt5tRPQnWIndAR8hTtYNrKsxORslxdiRQb0E2N5YQVaTLOsOH 4chwK0RdkxXy3wNjg9TuQBgvhOBjgL1bQ/W8cKJiZvYrx7INfvPELjMHNaZwH2MS ucSWiPXH7mg7jczrxgWzlr1vt0Qe8OEVoxgeojzwlwUWh92FVbpqVu6EjfWG9rFx FQRjmsI5fh/41nLf8KISiTNewWeFWYvZLLN+e08n5ZRMyBccIlBjRf8lbfpNvUIH 9k/J6ae/tl7n8md+bzy5Pgp6zB2tSgTwA2Zc8awSP8qzq/QapigfeAO34QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKc0pRcSlQlfmYw03X3H2uXeq0DwMB8GA1UdIwQY MBaAFP4aUlTzfYwpGxHdq+2IsGNIHa9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzIt ZmEwZDBlODA1ZGY4LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS82M2Y2MGEtMjdkNy00OTFlLWJkYzItZmEwZDBlODA1ZGY4 LzEvX2hwU1ZQTjlqQ2tiRWQycjdZaXdZMGdkcjJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfHHnMIOm DvGq/aDHWCVTtN/nMYGeYOi8TiLYJN31FYhg2dfjrB7qHz2T8EPPWC8XFYltu11u lHxAiluru54glGKeRyz/4PW3ekgqJSvQyV4f+14h1lnEn14dM5Kz0kE7dyx89+oL 08aPXPsh7KxRY6dTXPeXpXCaeUwwECIlCOaz7HOEC1xEj3RZS1ilU5Q7CaNBTaoi 8z34QlH7UQogJz6aClkOVAgh8n3ZJOM7XvmhWup2IqaFIaewtG5+XbYsjuVcKC4Q wEfNQ6yT+SH9XR9JYZbjTIIdxydQgVWD1K2FSHQ3xnaL4v/1ehJA+Zqgy7ZbC6vq Yb1ms/znTed17A== -----END CERTIFICATE-----Generated at Thu Dec 18 16:12:22 2025 by rpki-client