This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft File: pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json) Hash identifier: e9r4MINu9r0Lm86DJsvwgkbnuFbl/QUJY1xrjzTYIyI= Subject key identifier: AB:8A:AA:D6:4F:C7:8C:7A:F7:24:F7:1A:9F:24:A3:0A:EE:E0:F3:8D Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33 Certificate issuer: /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433 Certificate serial: 019AF19AF8CECDC558A9AB7F0BCBB8467801 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft Manifest number: 0AFE Signing time: Sat 06 Dec 2025 03:00:56 +0000 Manifest this update: Sat 06 Dec 2025 03:00:56 +0000 Manifest next update: Sun 07 Dec 2025 03:00:56 +0000 Files and hashes: 1: H2ciew030YT_ZKL58SNBSDs0iQc.roa (hash: dr7FPAyraTf1nqxR0HjlvGsow4ZxkGibDCSpB0tZ3CU=) 2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: vHdk09TJwdw7tuT6cJrPWeX0nkKVpFMIcnlJBqmeV2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:f8:ce:cd:c5:58:a9:ab:7f:0b:cb:b8:46:78:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433 Validity Not Before: Dec 6 03:00:56 2025 GMT Not After : Dec 7 03:00:56 2025 GMT Subject: CN=ab8aaad64fc78c7af724f71a9f24a30aeee0f38d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:70:23:63:4a:e8:e4:65:2c:96:49:97:7a:c0: 81:bd:b8:bb:52:0d:2d:d6:28:1f:98:ab:9b:0e:b6: fb:b5:05:aa:7b:6a:a6:0d:95:94:2a:4e:96:01:70: dc:56:56:ec:7a:d8:f9:65:6e:2c:9a:fb:79:e2:be: f8:02:67:9e:23:79:0f:89:ba:1c:54:a6:b0:dc:b5: 02:b6:c2:8f:69:a5:b6:0f:b0:16:85:9b:76:91:e8: d8:3b:0e:4f:80:35:31:b6:4d:1b:9b:40:89:1c:fd: d7:69:f2:fb:dc:ba:59:22:09:ce:31:12:43:52:5e: bc:27:5b:e9:ef:ad:73:55:6f:bb:43:da:04:29:52: 91:19:51:62:b3:c9:d6:93:06:3b:be:a7:40:91:8c: 4b:6a:37:e5:93:19:ad:61:30:3f:14:c3:03:d8:37: b3:78:89:f5:ba:9d:21:ec:58:28:14:03:d5:1e:46: 58:f4:58:7f:2b:5e:6c:ac:32:88:a0:c7:25:94:a2: 1a:a6:36:aa:79:3c:a5:62:3d:b5:eb:0c:c5:bd:c5: 05:c9:1d:d3:c7:62:d6:79:b3:f5:ea:3a:f6:31:a9: 6b:e9:cd:7c:3e:01:bc:11:84:bf:1c:3b:92:6d:5e: d8:d6:79:9f:0c:1c:af:5d:cf:da:bf:3b:0d:19:80: dd:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:8A:AA:D6:4F:C7:8C:7A:F7:24:F7:1A:9F:24:A3:0A:EE:E0:F3:8D X509v3 Authority Key Identifier: keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:11:ac:ce:43:9a:1e:89:a3:a4:61:3e:c8:3a:f4:ac:fa:35: f8:b2:43:0b:d8:8d:67:83:72:d4:69:5e:e9:3b:d8:7e:c4:cb: e8:b4:16:7c:f8:34:6d:50:35:3d:e8:d7:76:9b:8c:de:58:81: 3e:61:e7:f0:b1:7b:2e:74:3e:cd:22:75:57:9e:43:4e:01:b4: b8:14:6d:98:ad:7c:03:32:03:8c:fb:68:ad:d2:fd:6e:f9:04: 02:af:53:50:f8:98:94:f1:c2:c0:43:6b:e5:c0:c4:43:69:42: 66:ac:d1:be:ba:53:b6:4e:9e:52:11:f1:03:fa:c7:20:f3:cc: 80:11:c8:37:72:f1:cf:1a:0c:2f:4e:71:52:19:2c:0a:e5:67: bb:87:76:5b:14:55:2a:26:e9:cb:d3:86:55:a1:cc:46:b2:09: 1d:9a:94:ce:bd:f5:6d:a0:22:bc:63:a7:ac:96:8a:3f:e9:da: 56:72:f5:9b:99:25:af:84:2b:18:12:30:49:64:da:a7:cc:60: 67:03:57:24:b5:6a:77:c8:85:41:0f:0a:48:c6:9d:2a:b5:ab: e7:d0:4e:4e:56:ac:65:dc:45:5e:4f:5c:1f:d2:ce:1e:55:16: f8:0e:76:05:d9:e7:d3:93:7a:a6:98:ba:46:94:f3:16:4c:12: cf:25:7f:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmvjOzcVYqat/C8u4RngBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx Yzk0MzMwHhcNMjUxMjA2MDMwMDU2WhcNMjUxMjA3MDMwMDU2WjAzMTEwLwYDVQQD EyhhYjhhYWFkNjRmYzc4YzdhZjcyNGY3MWE5ZjI0YTMwYWVlZTBmMzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHAjY0ro5GUslkmXesCBvbi7Ug0t 1igfmKubDrb7tQWqe2qmDZWUKk6WAXDcVlbsetj5ZW4smvt54r74AmeeI3kPiboc VKaw3LUCtsKPaaW2D7AWhZt2kejYOw5PgDUxtk0bm0CJHP3XafL73LpZIgnOMRJD Ul68J1vp761zVW+7Q9oEKVKRGVFis8nWkwY7vqdAkYxLajflkxmtYTA/FMMD2Dez eIn1up0h7FgoFAPVHkZY9Fh/K15srDKIoMcllKIapjaqeTylYj216wzFvcUFyR3T x2LWebP16jr2Malr6c18PgG8EYS/HDuSbV7Y1nmfDByvXc/avzsNGYDd4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKuKqtZPx4x69yT3Gp8kowru4PONMB8GA1UdIwQY MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRGszkOa HomjpGE+yDr0rPo1+LJDC9iNZ4Ny1Gle6TvYfsTL6LQWfPg0bVA1PejXdpuM3liB PmHn8LF7LnQ+zSJ1V55DTgG0uBRtmK18AzIDjPtordL9bvkEAq9TUPiYlPHCwENr 5cDEQ2lCZqzRvrpTtk6eUhHxA/rHIPPMgBHIN3LxzxoML05xUhksCuVnu4d2WxRV Kibpy9OGVaHMRrIJHZqUzr31baAivGOnrJaKP+naVnL1m5klr4QrGBIwSWTap8xg ZwNXJLVqd8iFQQ8KSMadKrWr59BOTlasZdxFXk9cH9LOHlUW+A52Bdnn05N6ppi6 RpTzFkwSzyV/WA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:17:57 2025 by rpki-client