This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft File: hEnGCTJcOmYCBHJgydMAE1CVuLg.mft (raw, json) Hash identifier: kiMTleG+NSjLbk0MeSWgVJlnXVELpHgGqSaJ9kG/Fvo= Subject key identifier: 39:3B:0B:F4:5C:A4:5C:34:6B:4F:B5:27:B5:A2:CE:6B:09:90:E5:D3 Authority key identifier: 84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8 Certificate issuer: /CN=8449c609325c3a6602047260c9d300135095b8b8 Certificate serial: 019AF19A9E3D38D460F3DEDCBA85CA770189 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft Manifest number: 0732 Signing time: Sat 06 Dec 2025 03:00:33 +0000 Manifest this update: Sat 06 Dec 2025 03:00:33 +0000 Manifest next update: Sun 07 Dec 2025 03:00:33 +0000 Files and hashes: 1: hEnGCTJcOmYCBHJgydMAE1CVuLg.crl (hash: hsdksqkmo8RZl5O9xaS1evvbpBDydEOe+rhjnyJKjwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:9e:3d:38:d4:60:f3:de:dc:ba:85:ca:77:01:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8449c609325c3a6602047260c9d300135095b8b8 Validity Not Before: Dec 6 03:00:33 2025 GMT Not After : Dec 7 03:00:33 2025 GMT Subject: CN=393b0bf45ca45c346b4fb527b5a2ce6b0990e5d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e6:f9:48:91:69:03:15:c2:51:f0:2d:70:59: 1f:25:0c:fe:b0:35:61:bf:56:58:90:46:7c:ed:b6: 30:e5:3b:93:bb:49:4a:60:d5:ef:49:89:b3:f4:60: 8d:f2:27:c2:6e:76:73:11:3b:d5:31:78:86:ce:30: e7:da:6a:10:4c:86:c2:22:86:4f:40:5f:4f:b5:2e: b4:b1:73:4c:47:c0:cc:93:c6:8c:1f:e5:f8:e7:e1: ad:17:4b:1c:16:f9:a7:fe:d5:05:cf:c1:cf:da:a3: 44:22:ae:67:ff:74:08:fb:90:f2:ff:a5:22:35:b1: 8d:61:01:d3:c5:29:65:1c:03:02:37:b0:e9:74:25: bf:03:c9:af:eb:9b:c8:29:8f:39:5a:67:b8:c2:ab: 11:fc:3a:ad:f3:22:50:6a:2b:88:84:f3:55:82:bc: 15:dc:2a:a2:3a:32:a9:a2:e0:cc:24:a8:72:e3:22: 78:91:10:e8:ee:bb:2e:72:39:99:76:2e:92:ba:d9: 18:fc:1f:3a:11:b5:6f:b0:20:12:79:37:e5:55:72: 3f:16:24:3f:c8:1c:4b:a4:58:54:6e:5d:28:42:30: 4b:ac:38:be:ef:8d:00:24:80:5e:f1:e6:f0:8b:21: 7f:e4:f1:fb:21:9a:70:be:d0:50:48:c5:d0:2e:95: 18:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:3B:0B:F4:5C:A4:5C:34:6B:4F:B5:27:B5:A2:CE:6B:09:90:E5:D3 X509v3 Authority Key Identifier: keyid:84:49:C6:09:32:5C:3A:66:02:04:72:60:C9:D3:00:13:50:95:B8:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEnGCTJcOmYCBHJgydMAE1CVuLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/2edfb1-cc91-4893-a14e-688f8fa22e98/1/hEnGCTJcOmYCBHJgydMAE1CVuLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:ad:3f:4f:de:fc:26:5c:ad:64:03:4f:47:8c:2f:6b:64:53: 3b:bb:23:ac:a1:7a:fa:41:e5:54:89:1a:01:9e:a5:11:c8:00: 42:5b:ac:00:38:f4:25:fe:a5:84:82:0e:1e:7e:b0:1e:7d:60: 98:cc:04:85:f4:fc:54:db:df:a3:cd:12:c3:ab:70:ee:ca:80: 0c:15:06:6c:be:eb:23:b7:b9:77:97:45:4f:bc:e4:1b:50:cf: ee:c3:95:65:50:15:fe:7a:fc:d4:a6:49:84:18:a4:dd:45:3d: f2:08:92:a1:a8:0c:f7:d2:3b:a4:a1:0e:e4:82:73:7a:75:63: 91:1f:e0:75:66:d9:d3:ba:72:fe:bf:07:ae:ec:6c:61:a0:69: 6b:ac:e0:8a:e9:e2:fc:a3:bc:8a:dd:7f:f0:91:6d:e4:f0:a4: d9:ec:57:dc:1f:f6:b1:bb:aa:0a:bf:f8:db:ca:cc:ab:17:5e: 30:dc:e3:80:49:97:7b:6b:2f:63:32:14:47:9d:e2:bf:b8:d6: f1:a8:a2:38:69:62:13:43:1f:d5:3a:ac:94:9b:e9:e9:49:b9: 86:c7:46:71:8e:0b:7e:ee:cd:c6:e1:ee:30:eb:82:79:88:c4: 27:0f:6b:4e:22:e9:77:b6:bf:83:1a:15:3c:f2:df:d8:c9:48: bf:02:5e:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmp49ONRg897cuoXKdwGJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NDljNjA5MzI1YzNhNjYwMjA0NzI2MGM5ZDMwMDEzNTA5 NWI4YjgwHhcNMjUxMjA2MDMwMDMzWhcNMjUxMjA3MDMwMDMzWjAzMTEwLwYDVQQD EygzOTNiMGJmNDVjYTQ1YzM0NmI0ZmI1MjdiNWEyY2U2YjA5OTBlNWQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxub5SJFpAxXCUfAtcFkfJQz+sDVh v1ZYkEZ87bYw5TuTu0lKYNXvSYmz9GCN8ifCbnZzETvVMXiGzjDn2moQTIbCIoZP QF9PtS60sXNMR8DMk8aMH+X45+GtF0scFvmn/tUFz8HP2qNEIq5n/3QI+5Dy/6Ui NbGNYQHTxSllHAMCN7DpdCW/A8mv65vIKY85Wme4wqsR/Dqt8yJQaiuIhPNVgrwV 3CqiOjKpouDMJKhy4yJ4kRDo7rsucjmZdi6SutkY/B86EbVvsCASeTflVXI/FiQ/ yBxLpFhUbl0oQjBLrDi+740AJIBe8ebwiyF/5PH7IZpwvtBQSMXQLpUYtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDk7C/RcpFw0a0+1J7WizmsJkOXTMB8GA1UdIwQY MBaAFIRJxgkyXDpmAgRyYMnTABNQlbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUt Njg4ZjhmYTIyZTk4LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy8yZWRmYjEtY2M5MS00ODkzLWExNGUtNjg4ZjhmYTIyZTk4 LzEvaEVuR0NUSmNPbVlDQkhKZ3lkTUFFMUNWdUxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsa0/T978 JlytZANPR4wva2RTO7sjrKF6+kHlVIkaAZ6lEcgAQlusADj0Jf6lhIIOHn6wHn1g mMwEhfT8VNvfo80Sw6tw7sqADBUGbL7rI7e5d5dFT7zkG1DP7sOVZVAV/nr81KZJ hBik3UU98giSoagM99I7pKEO5IJzenVjkR/gdWbZ07py/r8HruxsYaBpa6zgiuni /KO8it1/8JFt5PCk2exX3B/2sbuqCr/428rMqxdeMNzjgEmXe2svYzIUR53iv7jW 8aiiOGliE0Mf1TqslJvp6Um5hsdGcY4Lfu7NxuHuMOuCeYjEJw9rTiLpd7a/gxoV PPLf2MlIvwJe6A== -----END CERTIFICATE-----Generated at Sat Dec 6 10:57:11 2025 by rpki-client