This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft File: hAfwBj7przHYfP5lubwZPrQsiWk.mft (raw, json) Hash identifier: V0ltuFmOYHKpVJaJfF7zOkmGqJ8+/o54U2IVdRsyh5I= Subject key identifier: 4C:01:4F:E6:0D:A6:9A:5B:50:88:EE:8E:49:59:6D:1F:CD:1C:FB:71 Authority key identifier: 84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69 Certificate issuer: /CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969 Certificate serial: 019AF19B0FFBE7C3DAA04BE83C5411F8B87D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft Manifest number: 07C5 Signing time: Sat 06 Dec 2025 03:01:02 +0000 Manifest this update: Sat 06 Dec 2025 03:01:02 +0000 Manifest next update: Sun 07 Dec 2025 03:01:02 +0000 Files and hashes: 1: Z7UyGu5eAyy6eE2IZXWBPwAGCsY.roa (hash: 69ViYIsd0St7iG615BWi/I8unIJ08lLoNoGfAWMd13A=) 2: hAfwBj7przHYfP5lubwZPrQsiWk.crl (hash: xQl2fXOcVGOhbsaG8b5u0Cdh6AXwpzxnGyh1iUVRG2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:0f:fb:e7:c3:da:a0:4b:e8:3c:54:11:f8:b8:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969 Validity Not Before: Dec 6 03:01:02 2025 GMT Not After : Dec 7 03:01:02 2025 GMT Subject: CN=4c014fe60da69a5b5088ee8e49596d1fcd1cfb71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:09:9b:da:9f:c0:5a:5e:2e:7b:f3:5c:0f:c2: 36:72:10:08:dc:e1:6a:c9:c9:59:f6:f8:e2:af:b7: 81:78:bc:22:6f:e3:95:2a:f3:92:de:fc:4d:54:2f: 54:18:ce:ba:13:b1:cc:e9:4c:e9:26:82:71:9b:2f: b9:4f:6e:e1:57:ba:ee:31:8a:b9:98:b6:70:17:0a: 23:df:7c:4c:8b:29:33:40:69:18:c3:f7:44:81:ea: d1:f2:75:7e:86:43:9a:da:7b:dd:e2:05:00:51:26: ae:40:7d:ba:d0:7a:ee:2e:e3:aa:79:1f:02:1e:13: 77:21:8c:76:12:85:a1:b0:a7:b2:ff:29:d4:ef:d9: 45:47:1d:8f:67:dc:7c:1d:9f:50:64:d8:7d:25:fd: 04:16:c6:7a:db:27:fe:cd:f7:d7:ee:1a:f3:24:b8: e4:2f:44:fe:da:5d:8c:10:dd:44:a6:d7:fa:2e:c8: 6a:78:d1:c2:2e:ed:4c:99:65:b3:5d:27:1e:b2:51: 27:e2:3a:9f:fb:0a:f1:a6:a3:72:05:f6:8c:39:6e: 5a:6f:6c:8d:4a:98:45:81:a4:55:fb:09:d5:79:cf: fd:c6:c2:19:33:86:c4:cf:28:49:03:d4:fa:8b:3a: 3c:52:87:eb:dc:ec:73:9d:55:70:47:6a:a8:7b:6b: 60:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:01:4F:E6:0D:A6:9A:5B:50:88:EE:8E:49:59:6D:1F:CD:1C:FB:71 X509v3 Authority Key Identifier: keyid:84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:70:35:bd:3a:df:b5:dc:e3:1a:28:da:f8:c3:6c:3f:15:00: 3d:7e:51:ab:a2:2f:3a:dd:c1:6e:82:a2:69:cc:12:77:17:36: e4:6c:35:fe:6c:5e:fd:71:0f:0b:53:46:a2:df:ef:3e:5f:42: 04:48:0e:d1:f2:8a:15:60:49:73:5c:1e:cc:36:51:d8:bd:dd: 82:1f:69:65:66:41:e8:17:27:bc:83:3d:83:58:32:93:f5:76: b0:e8:bc:07:d0:92:ca:5d:17:a3:b5:33:d7:97:d1:60:20:dd: b8:f0:50:c6:a4:2a:95:41:0d:2c:d2:f6:f4:4c:bc:3d:cf:5d: a3:4d:4b:bc:40:7d:76:39:3a:38:5d:8d:c6:e7:56:60:c0:a9: 88:db:b9:39:81:62:3d:af:22:0d:da:7c:bd:82:8d:1c:b0:28: 52:9c:93:15:8b:1c:43:10:63:80:82:e9:2f:45:81:76:97:87: f7:8d:98:8c:b6:d7:dd:bf:a8:a2:ac:ba:83:22:3b:59:a4:ca: 58:1a:eb:9e:6d:fc:18:98:75:09:ea:48:5d:c5:76:c1:44:74: 82:64:1d:13:0b:c8:c1:9e:32:21:fc:4b:dc:1e:03:3a:e0:2e: 9c:36:a4:ec:7f:8d:ae:99:b3:9d:09:91:57:fa:70:0f:3d:61: 34:ac:3e:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmw/758PaoEvoPFQR+Lh9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MDdmMDA2M2VlOWFmMzFkODdjZmU2NWI5YmMxOTNlYjQy Yzg5NjkwHhcNMjUxMjA2MDMwMTAyWhcNMjUxMjA3MDMwMTAyWjAzMTEwLwYDVQQD Eyg0YzAxNGZlNjBkYTY5YTViNTA4OGVlOGU0OTU5NmQxZmNkMWNmYjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAmb2p/AWl4ue/NcD8I2chAI3OFq yclZ9vjir7eBeLwib+OVKvOS3vxNVC9UGM66E7HM6UzpJoJxmy+5T27hV7ruMYq5 mLZwFwoj33xMiykzQGkYw/dEgerR8nV+hkOa2nvd4gUAUSauQH260HruLuOqeR8C HhN3IYx2EoWhsKey/ynU79lFRx2PZ9x8HZ9QZNh9Jf0EFsZ62yf+zffX7hrzJLjk L0T+2l2MEN1Eptf6LshqeNHCLu1MmWWzXSceslEn4jqf+wrxpqNyBfaMOW5ab2yN SphFgaRV+wnVec/9xsIZM4bEzyhJA9T6izo8Uofr3OxznVVwR2qoe2tg1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEwBT+YNpppbUIjujklZbR/NHPtxMB8GA1UdIwQY MBaAFIQH8AY+6a8x2Hz+Zbm8GT60LIlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWIt ZTFlZmNmMmVkMGE3LzEvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWItZTFlZmNmMmVkMGE3 LzEvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3A1vTrf tdzjGija+MNsPxUAPX5Rq6IvOt3BboKiacwSdxc25Gw1/mxe/XEPC1NGot/vPl9C BEgO0fKKFWBJc1wezDZR2L3dgh9pZWZB6BcnvIM9g1gyk/V2sOi8B9CSyl0Xo7Uz 15fRYCDduPBQxqQqlUENLNL29Ey8Pc9do01LvEB9djk6OF2NxudWYMCpiNu5OYFi Pa8iDdp8vYKNHLAoUpyTFYscQxBjgILpL0WBdpeH942YjLbX3b+ooqy6gyI7WaTK WBrrnm38GJh1CepIXcV2wUR0gmQdEwvIwZ4yIfxL3B4DOuAunDak7H+NrpmznQmR V/pwDz1hNKw+jQ== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:05 2025 by rpki-client