This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.mft File: hdBeAX4zPRezrrjF1JQ76NxnwIQ.mft (raw, json) Hash identifier: DqWZQ9bch9uNQLdRGsrP+ViAbH3vmsE8PMTxT3Apbjk= Subject key identifier: 7B:EA:96:AC:71:BE:0F:30:2B:A7:53:F4:C1:A6:B6:A3:12:0C:CD:34 Authority key identifier: 85:D0:5E:01:7E:33:3D:17:B3:AE:B8:C5:D4:94:3B:E8:DC:67:C0:84 Certificate issuer: /CN=85d05e017e333d17b3aeb8c5d4943be8dc67c084 Certificate serial: 019AF3F7C716A7185058E8BD2CB51254FD55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdBeAX4zPRezrrjF1JQ76NxnwIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.mft Manifest number: 0E88 Signing time: Sat 06 Dec 2025 14:01:33 +0000 Manifest this update: Sat 06 Dec 2025 14:01:33 +0000 Manifest next update: Sun 07 Dec 2025 14:01:33 +0000 Files and hashes: 1: 574W7z-0GVSyQ6o383reYXA7QZc.roa (hash: 7oxCz8Z8dYajS9esPzPSpl386CuN+PzQh5YVWvXB59o=) 2: hdBeAX4zPRezrrjF1JQ76NxnwIQ.crl (hash: F1QBNl7rBPKJ8tPiUY2hSWNfgvfJdEBLjXvMJbmB+Uk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hdBeAX4zPRezrrjF1JQ76NxnwIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:c7:16:a7:18:50:58:e8:bd:2c:b5:12:54:fd:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85d05e017e333d17b3aeb8c5d4943be8dc67c084 Validity Not Before: Dec 6 14:01:33 2025 GMT Not After : Dec 7 14:01:33 2025 GMT Subject: CN=7bea96ac71be0f302ba753f4c1a6b6a3120ccd34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:5b:b1:e7:d5:14:39:e1:05:9e:b1:9d:9d:8e: 85:5e:42:90:63:89:16:fe:e9:b0:5a:42:79:52:7e: fe:31:33:cc:c5:53:cd:40:7a:99:6b:2e:e0:dc:70: 00:b7:cf:a9:7e:ea:f3:bd:75:25:1f:4b:86:7b:a2: 47:7c:71:64:87:f6:59:84:47:09:2a:2c:ae:3e:47: 4d:47:8f:b1:57:f1:db:28:97:b8:40:5f:61:be:aa: eb:7b:5b:dd:7c:ee:b5:e9:56:7a:13:1c:75:f8:03: 73:54:81:ca:ab:d7:5d:0b:bc:b4:6c:11:3d:20:17: b5:05:42:9d:4d:67:5d:db:80:f1:4d:d6:5b:37:3b: b0:c9:62:e9:80:6c:18:0f:f6:04:9f:4a:47:90:a4: fa:d7:e1:49:62:1f:cd:d1:1d:fc:b8:46:dd:2e:a1: 3f:1d:5e:6e:7b:2f:11:f1:04:e6:fa:06:6b:0f:7b: e3:20:52:98:05:36:f9:80:f3:15:2d:a5:9c:a1:4b: 9e:02:3e:83:4b:32:c2:0a:77:db:b9:6e:21:0e:1f: dd:57:54:3b:46:4d:25:f2:da:ba:37:a0:5a:07:b4: a6:76:2d:2b:50:d2:f8:db:d8:97:c2:8e:1a:c3:f4: 42:e5:59:17:78:56:37:d3:55:0d:7b:ae:ca:b6:d1: cb:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:EA:96:AC:71:BE:0F:30:2B:A7:53:F4:C1:A6:B6:A3:12:0C:CD:34 X509v3 Authority Key Identifier: keyid:85:D0:5E:01:7E:33:3D:17:B3:AE:B8:C5:D4:94:3B:E8:DC:67:C0:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdBeAX4zPRezrrjF1JQ76NxnwIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/095ac9-c3fa-465d-831d-47c950336e2f/1/hdBeAX4zPRezrrjF1JQ76NxnwIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:a6:97:67:63:db:ca:dd:92:6c:f8:4e:0a:56:7c:71:01:34: 75:25:68:85:8d:e6:3e:43:70:6b:4b:fa:43:aa:da:27:ab:af: 6d:49:9d:26:cc:57:29:f3:3a:45:3d:cb:19:b3:01:ec:de:77: 35:9d:64:af:77:e5:e0:57:58:95:aa:6b:ba:62:32:83:18:7a: 1e:04:ce:56:93:a0:44:2f:df:3b:47:2e:bf:fa:ad:81:d9:11: 20:c2:d6:89:45:e9:04:a8:50:79:8e:60:1f:bc:3e:f3:2f:f1: 66:39:18:95:79:f6:e7:12:1c:c0:dc:0d:fc:fd:74:43:86:4f: fa:9a:fd:85:f8:73:7d:84:46:eb:9d:57:22:2e:44:95:6e:2f: a2:ed:4a:31:65:da:64:10:4d:69:45:ef:da:ca:9d:e8:5a:9f: 7c:28:98:ef:7b:92:f8:89:ae:a2:6a:2c:f8:59:4d:f1:d6:6a: 54:da:61:66:2a:4f:d3:e6:a2:57:a5:dd:53:06:ab:15:0f:6f: b5:b0:f6:eb:07:5c:4c:e2:7f:ef:74:40:e4:50:ce:a8:5c:51: c9:11:d7:9e:94:36:02:74:2f:19:f5:a1:b5:ab:63:1e:92:04: 9c:7c:9d:23:aa:c8:25:3f:1e:f8:cc:e0:2d:ed:84:30:26:0f: fc:49:37:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz98cWpxhQWOi9LLUSVP1VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZDA1ZTAxN2UzMzNkMTdiM2FlYjhjNWQ0OTQzYmU4ZGM2 N2MwODQwHhcNMjUxMjA2MTQwMTMzWhcNMjUxMjA3MTQwMTMzWjAzMTEwLwYDVQQD Eyg3YmVhOTZhYzcxYmUwZjMwMmJhNzUzZjRjMWE2YjZhMzEyMGNjZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41ux59UUOeEFnrGdnY6FXkKQY4kW /umwWkJ5Un7+MTPMxVPNQHqZay7g3HAAt8+pfurzvXUlH0uGe6JHfHFkh/ZZhEcJ KiyuPkdNR4+xV/HbKJe4QF9hvqrre1vdfO616VZ6Exx1+ANzVIHKq9ddC7y0bBE9 IBe1BUKdTWdd24DxTdZbNzuwyWLpgGwYD/YEn0pHkKT61+FJYh/N0R38uEbdLqE/ HV5uey8R8QTm+gZrD3vjIFKYBTb5gPMVLaWcoUueAj6DSzLCCnfbuW4hDh/dV1Q7 Rk0l8tq6N6BaB7Smdi0rUNL429iXwo4aw/RC5VkXeFY301UNe67KttHLlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHvqlqxxvg8wK6dT9MGmtqMSDM00MB8GA1UdIwQY MBaAFIXQXgF+Mz0Xs664xdSUO+jcZ8CEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGRCZUFYNHpQUmV6cnJqRjFKUTc2Tnhud0lRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wOTVhYzktYzNmYS00NjVkLTgzMWQt NDdjOTUwMzM2ZTJmLzEvaGRCZUFYNHpQUmV6cnJqRjFKUTc2Tnhud0lRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS8wOTVhYzktYzNmYS00NjVkLTgzMWQtNDdjOTUwMzM2ZTJm LzEvaGRCZUFYNHpQUmV6cnJqRjFKUTc2Tnhud0lRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANKaXZ2Pb yt2SbPhOClZ8cQE0dSVohY3mPkNwa0v6Q6raJ6uvbUmdJsxXKfM6RT3LGbMB7N53 NZ1kr3fl4FdYlaprumIygxh6HgTOVpOgRC/fO0cuv/qtgdkRIMLWiUXpBKhQeY5g H7w+8y/xZjkYlXn25xIcwNwN/P10Q4ZP+pr9hfhzfYRG651XIi5ElW4vou1KMWXa ZBBNaUXv2sqd6FqffCiY73uS+Imuomos+FlN8dZqVNphZipP0+aiV6XdUwarFQ9v tbD26wdcTOJ/73RA5FDOqFxRyRHXnpQ2AnQvGfWhtatjHpIEnHydI6rIJT8e+Mzg Le2EMCYP/Ek3eQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:44:59 2025 by rpki-client