This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft File: hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json) Hash identifier: nrLRdZr0oVKKiiYOjzFLMPOBhDZ9wv8+3rWTidQQviw= Subject key identifier: BF:00:88:47:BC:5B:6C:CF:CD:06:36:09:04:21:4B:77:79:B6:28:4D Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF Certificate issuer: /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf Certificate serial: 019AF3BFE5C19AE7CA10FBC4196B08975F4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft Manifest number: 0847 Signing time: Sat 06 Dec 2025 13:00:30 +0000 Manifest this update: Sat 06 Dec 2025 13:00:30 +0000 Manifest next update: Sun 07 Dec 2025 13:00:30 +0000 Files and hashes: 1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: i0Bf41+z6RJf4qoKSOpvxgC+yZCtv987zNtlPa7mCLE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:bf:e5:c1:9a:e7:ca:10:fb:c4:19:6b:08:97:5f:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf Validity Not Before: Dec 6 13:00:30 2025 GMT Not After : Dec 7 13:00:30 2025 GMT Subject: CN=bf008847bc5b6ccfcd06360904214b7779b6284d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:25:c2:10:32:85:0b:21:43:b2:6f:40:38:18: ea:e5:b4:ed:bc:38:82:2e:9f:8b:5b:67:0d:ac:8e: 43:08:8b:2d:57:13:54:a7:3f:d1:ae:c7:32:58:e6: e6:86:ac:f0:b0:b0:eb:b9:00:3e:1e:b5:c8:97:37: f7:a4:f8:85:f0:4e:29:7f:1d:1c:32:98:52:e4:41: 63:b0:7c:bb:63:9b:d3:9e:15:07:69:e1:f4:6f:3a: 4d:40:6b:44:25:ca:ca:44:bb:fd:4b:01:ae:e7:07: 67:77:c0:b1:71:41:6e:73:7a:be:75:f7:78:94:29: 06:79:8e:30:ad:e9:1c:06:bc:1f:83:c7:06:03:96: b5:0e:30:3d:80:00:c6:f7:f2:2f:b0:32:42:b2:a4: d9:83:09:35:d4:99:41:65:9c:11:78:82:de:f1:b4: 2f:7b:77:a9:80:df:1a:c6:2c:c2:92:04:6f:c4:20: 28:93:1e:d6:11:04:b6:8a:20:d9:7e:fb:cb:1a:48: 90:2f:f4:6c:c6:ab:f7:66:29:05:bc:78:d0:53:d8: 52:57:cd:d7:7f:94:0d:40:b5:91:a8:68:51:d1:6e: 8e:cb:28:a6:11:88:18:d1:36:8b:1b:40:f5:a2:73: 13:f6:db:d7:0e:25:2a:29:90:0a:27:db:f4:d2:ea: 5d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:00:88:47:BC:5B:6C:CF:CD:06:36:09:04:21:4B:77:79:B6:28:4D X509v3 Authority Key Identifier: keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:47:14:ef:a6:e3:93:8b:c2:4d:35:b9:66:c1:54:98:f7:3b: 82:38:4e:73:3b:6f:dd:c2:aa:5e:19:be:8a:64:92:0d:98:ff: a2:af:cc:3d:64:ae:a1:18:5b:8d:a1:9e:cc:96:05:89:ee:df: 87:89:10:06:62:e8:3e:c5:54:ac:04:2c:95:d8:1b:fc:ec:14: 32:8f:71:db:b8:f1:c7:d1:f2:a8:30:cf:17:f3:f5:eb:37:3b: df:af:32:a5:74:6b:3c:6f:bb:da:e1:03:85:0c:a7:f0:a3:b0: e9:0a:48:01:73:43:36:5b:fd:84:5b:a0:09:98:37:f2:19:64: a4:ca:49:60:e6:23:8a:c4:ba:2e:98:24:32:8b:ca:4f:a7:57: 65:1f:97:05:1f:ec:f8:e4:04:7d:51:ae:1e:e4:a0:a0:bc:fa: 2c:8d:5a:69:62:51:ce:02:34:43:96:29:5b:7e:65:aa:b2:6a: 8f:73:6e:4b:9c:1d:6c:2d:31:17:e5:13:72:b0:37:88:f8:ae: 17:14:7c:1c:31:bd:e8:02:a3:62:0b:7b:c6:89:9e:1b:34:cf: 7f:49:62:7f:27:8a:ed:db:10:e2:04:74:df:45:45:ef:d4:b2: f4:4b:4f:07:a3:d4:bf:bf:8d:93:ad:4e:09:b5:e4:f7:6a:f9: ef:17:f7:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzv+XBmufKEPvEGWsIl19NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi ZjJmZGYwHhcNMjUxMjA2MTMwMDMwWhcNMjUxMjA3MTMwMDMwWjAzMTEwLwYDVQQD EyhiZjAwODg0N2JjNWI2Y2NmY2QwNjM2MDkwNDIxNGI3Nzc5YjYyODRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yXCEDKFCyFDsm9AOBjq5bTtvDiC Lp+LW2cNrI5DCIstVxNUpz/RrscyWObmhqzwsLDruQA+HrXIlzf3pPiF8E4pfx0c MphS5EFjsHy7Y5vTnhUHaeH0bzpNQGtEJcrKRLv9SwGu5wdnd8CxcUFuc3q+dfd4 lCkGeY4wrekcBrwfg8cGA5a1DjA9gADG9/IvsDJCsqTZgwk11JlBZZwReILe8bQv e3epgN8axizCkgRvxCAokx7WEQS2iiDZfvvLGkiQL/Rsxqv3ZikFvHjQU9hSV83X f5QNQLWRqGhR0W6OyyimEYgY0TaLG0D1onMT9tvXDiUqKZAKJ9v00updPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL8AiEe8W2zPzQY2CQQhS3d5tihNMB8GA1UdIwQY MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3 LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANkcU76bj k4vCTTW5ZsFUmPc7gjhOcztv3cKqXhm+imSSDZj/oq/MPWSuoRhbjaGezJYFie7f h4kQBmLoPsVUrAQsldgb/OwUMo9x27jxx9HyqDDPF/P16zc7368ypXRrPG+72uED hQyn8KOw6QpIAXNDNlv9hFugCZg38hlkpMpJYOYjisS6LpgkMovKT6dXZR+XBR/s +OQEfVGuHuSgoLz6LI1aaWJRzgI0Q5YpW35lqrJqj3NuS5wdbC0xF+UTcrA3iPiu FxR8HDG96AKjYgt7xomeGzTPf0lifyeK7dsQ4gR030VF79Sy9EtPB6PUv7+Nk61O CbXk92r57xf3Jw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:56:34 2025 by rpki-client