This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft File: hprNGeI6gWZEutDooSuG4SiK0zw.mft (raw, json) Hash identifier: FDvciO9DKUr1lcRdLw8NpptWWB6+A6CpjW/JSTmDGWM= Subject key identifier: 6C:D7:1A:26:B4:7E:5C:FC:E4:41:B5:E8:23:70:DF:D8:EF:DE:58:7C Authority key identifier: 86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C Certificate issuer: /CN=869acd19e23a816644bad0e8a12b86e1288ad33c Certificate serial: 019AF31B9A735D6D8B73B0EF084A3D6C38A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft Manifest number: 114B Signing time: Sat 06 Dec 2025 10:01:03 +0000 Manifest this update: Sat 06 Dec 2025 10:01:03 +0000 Manifest next update: Sun 07 Dec 2025 10:01:03 +0000 Files and hashes: 1: hprNGeI6gWZEutDooSuG4SiK0zw.crl (hash: ngpOfS76+jCGVx1u8ttoxTc75DBiro+rtgIDig3qiPY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:9a:73:5d:6d:8b:73:b0:ef:08:4a:3d:6c:38:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=869acd19e23a816644bad0e8a12b86e1288ad33c Validity Not Before: Dec 6 10:01:03 2025 GMT Not After : Dec 7 10:01:03 2025 GMT Subject: CN=6cd71a26b47e5cfce441b5e82370dfd8efde587c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f1:1c:e6:13:73:ca:ec:f2:dc:e5:a0:db:68: 92:1c:dc:98:de:bb:69:08:67:11:22:29:b4:b5:ed: aa:55:63:5d:07:13:d3:b3:c6:84:cf:cf:87:c3:88: 8a:4f:60:2a:66:a2:ed:f0:f5:bb:d9:88:9a:19:b7: 22:82:c3:8b:6c:7a:e0:e3:fe:ae:3d:55:84:b6:99: d8:6d:d0:db:c9:67:f0:f6:a0:15:b9:65:67:f3:84: 58:28:7e:2e:05:73:47:2d:36:b9:9b:52:06:df:c8: 1f:2a:f8:91:94:38:f7:c5:df:16:1c:21:24:93:21: 68:c5:4a:dc:ae:d0:0d:c2:a9:a3:8f:61:5b:df:8a: 48:de:46:18:6a:d9:30:0f:00:71:8d:6a:cd:ac:36: de:58:fe:b6:c0:7e:80:ee:02:5b:64:e3:61:15:99: bb:54:7f:6f:46:53:a1:19:9e:1f:cf:6d:fc:22:5f: 09:62:a4:eb:e5:26:81:cb:9e:62:f4:7a:ee:e1:07: 02:01:9c:62:9b:1f:7d:12:7a:a2:88:53:f7:ee:81: 87:17:87:86:c4:0f:bf:3e:f9:1c:56:4e:c4:67:91: 3c:e2:9c:70:6c:d3:c2:67:9c:8f:72:57:21:5e:1c: a7:b1:b2:09:ef:49:1a:29:43:3d:ac:ea:29:09:42: 11:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:D7:1A:26:B4:7E:5C:FC:E4:41:B5:E8:23:70:DF:D8:EF:DE:58:7C X509v3 Authority Key Identifier: keyid:86:9A:CD:19:E2:3A:81:66:44:BA:D0:E8:A1:2B:86:E1:28:8A:D3:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hprNGeI6gWZEutDooSuG4SiK0zw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/5911f7-2031-40bb-b441-7fcf015da0a0/1/hprNGeI6gWZEutDooSuG4SiK0zw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:f7:22:ec:23:10:e6:23:de:3d:9e:83:1c:74:fd:db:22:9e: a7:dd:e0:8b:41:4d:f2:2a:7e:85:aa:d3:84:7f:63:4b:81:de: f5:59:ef:47:14:fa:d8:ad:66:4b:2d:78:81:9f:01:35:93:43: 48:b0:a1:45:19:e8:63:40:13:09:d1:76:d2:5a:2d:69:17:e8: e2:d7:2c:24:64:e4:eb:67:2b:17:d0:bd:8a:f9:99:c7:46:0b: 31:0c:25:f0:8f:ed:29:b8:3d:4a:07:df:7e:d5:00:d1:cb:3b: 41:19:8d:f8:43:c5:13:01:65:86:cf:41:e1:f0:53:48:dc:3b: e5:48:8e:72:20:bc:1e:77:da:81:c1:d9:ad:97:7a:99:26:db: 24:ee:c5:c5:c8:9a:1d:a3:82:7e:90:be:47:ee:52:ef:06:e5: 7f:b8:03:4e:72:50:8c:a3:e1:b5:2e:6e:94:45:ea:f3:16:da: ef:a8:0c:43:b4:3f:67:6b:24:36:dc:71:7c:b2:1d:9e:2a:bf: f7:3b:a3:f3:26:07:d4:bb:b6:ce:9b:8f:cb:ca:7c:84:eb:4a: 77:6e:88:6e:7f:72:2d:1d:b1:c6:d9:6a:28:c4:d6:97:e0:c2: f5:76:48:1b:ea:e2:9c:24:65:3a:74:cb:e0:f2:f3:79:dc:ea: a1:ed:e1:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5pzXW2Lc7DvCEo9bDimMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OWFjZDE5ZTIzYTgxNjY0NGJhZDBlOGExMmI4NmUxMjg4 YWQzM2MwHhcNMjUxMjA2MTAwMTAzWhcNMjUxMjA3MTAwMTAzWjAzMTEwLwYDVQQD Eyg2Y2Q3MWEyNmI0N2U1Y2ZjZTQ0MWI1ZTgyMzcwZGZkOGVmZGU1ODdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfEc5hNzyuzy3OWg22iSHNyY3rtp CGcRIim0te2qVWNdBxPTs8aEz8+Hw4iKT2AqZqLt8PW72YiaGbcigsOLbHrg4/6u PVWEtpnYbdDbyWfw9qAVuWVn84RYKH4uBXNHLTa5m1IG38gfKviRlDj3xd8WHCEk kyFoxUrcrtANwqmjj2Fb34pI3kYYatkwDwBxjWrNrDbeWP62wH6A7gJbZONhFZm7 VH9vRlOhGZ4fz238Il8JYqTr5SaBy55i9Hru4QcCAZximx99EnqiiFP37oGHF4eG xA+/PvkcVk7EZ5E84pxwbNPCZ5yPclchXhynsbIJ70kaKUM9rOopCUIRuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGzXGia0flz85EG16CNw39jv3lh8MB8GA1UdIwQY MBaAFIaazRniOoFmRLrQ6KErhuEoitM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEt N2ZjZjAxNWRhMGEwLzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi81OTExZjctMjAzMS00MGJiLWI0NDEtN2ZjZjAxNWRhMGEw LzEvaHByTkdlSTZnV1pFdXREb29TdUc0U2lLMHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvci7CMQ 5iPePZ6DHHT92yKep93gi0FN8ip+harThH9jS4He9VnvRxT62K1mSy14gZ8BNZND SLChRRnoY0ATCdF20lotaRfo4tcsJGTk62crF9C9ivmZx0YLMQwl8I/tKbg9Sgff ftUA0cs7QRmN+EPFEwFlhs9B4fBTSNw75UiOciC8HnfagcHZrZd6mSbbJO7Fxcia HaOCfpC+R+5S7wblf7gDTnJQjKPhtS5ulEXq8xba76gMQ7Q/Z2skNtxxfLIdniq/ 9zuj8yYH1Lu2zpuPy8p8hOtKd26Ibn9yLR2xxtlqKMTWl+DC9XZIG+rinCRlOnTL 4PLzedzqoe3hHg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:49:26 2025 by rpki-client