This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft File: HQHtI2TsgiZcaIaf5yvnVzGaMes.mft (raw, json) Hash identifier: O+k/mwWnV9onalJp7sMixH2y5g0fwHs7zpzLWUImKu0= Subject key identifier: 57:78:C6:F7:64:74:49:D1:E9:4D:75:E8:A7:06:04:7A:07:A4:FF:36 Authority key identifier: 1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB Certificate issuer: /CN=1d01ed2364ec82265c68869fe72be757319a31eb Certificate serial: 019AF2ADD8BD6685735F6C11AE406F8C5D55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft Manifest number: 1583 Signing time: Sat 06 Dec 2025 08:01:10 +0000 Manifest this update: Sat 06 Dec 2025 08:01:10 +0000 Manifest next update: Sun 07 Dec 2025 08:01:10 +0000 Files and hashes: 1: HQHtI2TsgiZcaIaf5yvnVzGaMes.crl (hash: DtI+Kt3B5img1DkfkFoKO3y05+sDC/YKOUUUGgEUgv8=) 2: VrKnPWUHZqDvzs6ur0GOjZl2i2E.roa (hash: mb8FZcI3peRcYmZtZcg+Q1vM47sFhZh3vrE8fwC75+A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:d8:bd:66:85:73:5f:6c:11:ae:40:6f:8c:5d:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d01ed2364ec82265c68869fe72be757319a31eb Validity Not Before: Dec 6 08:01:10 2025 GMT Not After : Dec 7 08:01:10 2025 GMT Subject: CN=5778c6f7647449d1e94d75e8a706047a07a4ff36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:84:bf:7e:f7:42:91:5c:21:96:e0:b1:3e:00: 4e:46:92:32:07:1d:26:6f:36:cd:94:c0:91:59:db: 19:0f:91:45:72:f9:b3:e3:8f:93:db:aa:a3:85:d7: d3:55:6c:ad:98:55:98:de:8d:1c:36:de:d5:ef:de: 27:41:18:cc:c7:e5:52:ac:41:06:59:a5:ad:fe:dd: f9:0e:31:71:de:d8:56:0a:64:65:67:41:f2:2a:81: 80:63:a6:11:e1:aa:4b:56:8b:3d:de:ca:02:83:1b: 3c:41:49:5a:78:37:d9:49:e7:85:94:e5:8c:07:da: a3:e2:19:66:4b:bb:6d:97:75:10:2a:bb:d2:f9:a6: 11:51:db:27:0a:75:c8:fc:f8:41:42:fd:0e:84:68: c7:aa:fe:c8:34:ae:c2:da:83:36:f2:4f:d6:cd:57: 57:7f:f9:62:c1:65:91:b5:38:dc:d2:31:f0:06:56: 2f:62:cc:27:f4:f7:22:30:1d:4c:c5:e5:5e:9d:23: 81:ed:54:ed:4b:39:c6:37:af:13:5f:89:47:37:2a: a6:95:d0:b9:2a:fc:c9:7d:d5:66:c6:4c:05:cb:4d: 81:fe:e3:29:96:fd:e2:59:b5:34:e2:63:4a:6f:a7: f6:58:b8:26:85:9a:a3:ca:c2:37:2f:4b:78:d5:7e: bf:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:78:C6:F7:64:74:49:D1:E9:4D:75:E8:A7:06:04:7A:07:A4:FF:36 X509v3 Authority Key Identifier: keyid:1D:01:ED:23:64:EC:82:26:5C:68:86:9F:E7:2B:E7:57:31:9A:31:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQHtI2TsgiZcaIaf5yvnVzGaMes.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/99d683-43dc-484a-9047-b43cae6e2319/1/HQHtI2TsgiZcaIaf5yvnVzGaMes.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e7:28:10:ac:08:89:d3:b3:95:61:ce:51:ec:91:e8:89:a5:85: 1b:a1:7c:2f:f8:f1:90:24:50:45:ee:b6:49:f6:6f:0b:69:99: 05:b7:56:f9:6a:c9:ea:96:39:91:1c:b7:6f:0a:f9:dc:74:f5: 46:9c:76:70:fc:fb:8f:73:b0:99:ba:2b:64:79:7a:f1:92:51: 67:38:03:a1:ef:56:09:42:be:8b:91:0f:3f:03:d5:73:c5:07: 73:d8:b5:4f:f4:8f:2a:5a:77:74:43:b1:9f:63:da:8e:a3:db: 57:e1:97:93:7d:8c:f1:7d:8f:3f:bb:31:b2:35:9b:6d:a0:8c: 6e:2c:9d:93:b7:78:12:6f:ac:57:b6:7d:7b:b6:67:ce:00:1f: 29:4f:de:a2:b1:2c:a7:f6:50:01:b3:83:1a:82:c9:65:20:91: 44:83:15:be:89:53:b8:fb:bf:78:f0:ca:64:97:95:ea:99:5b: 15:68:a3:6a:45:9d:a8:de:ec:8d:ca:f2:3f:8a:b2:e0:90:16: 2a:35:24:43:6e:44:4a:17:6d:7e:3f:78:dc:27:f1:cf:13:65: f8:9a:4a:31:cf:df:d6:f4:48:8c:c5:78:41:63:60:e3:97:75: 15:08:97:f6:9f:cf:48:f9:db:46:af:ce:9b:da:01:48:f0:b2: 5e:d0:a7:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrdi9ZoVzX2wRrkBvjF1VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMDFlZDIzNjRlYzgyMjY1YzY4ODY5ZmU3MmJlNzU3MzE5 YTMxZWIwHhcNMjUxMjA2MDgwMTEwWhcNMjUxMjA3MDgwMTEwWjAzMTEwLwYDVQQD Eyg1Nzc4YzZmNzY0NzQ0OWQxZTk0ZDc1ZThhNzA2MDQ3YTA3YTRmZjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYS/fvdCkVwhluCxPgBORpIyBx0m bzbNlMCRWdsZD5FFcvmz44+T26qjhdfTVWytmFWY3o0cNt7V794nQRjMx+VSrEEG WaWt/t35DjFx3thWCmRlZ0HyKoGAY6YR4apLVos93soCgxs8QUlaeDfZSeeFlOWM B9qj4hlmS7ttl3UQKrvS+aYRUdsnCnXI/PhBQv0OhGjHqv7INK7C2oM28k/WzVdX f/liwWWRtTjc0jHwBlYvYswn9PciMB1MxeVenSOB7VTtSznGN68TX4lHNyqmldC5 KvzJfdVmxkwFy02B/uMplv3iWbU04mNKb6f2WLgmhZqjysI3L0t41X6/RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFd4xvdkdEnR6U116KcGBHoHpP82MB8GA1UdIwQY MBaAFB0B7SNk7IImXGiGn+cr51cxmjHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDct YjQzY2FlNmUyMzE5LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS85OWQ2ODMtNDNkYy00ODRhLTkwNDctYjQzY2FlNmUyMzE5 LzEvSFFIdEkyVHNnaVpjYUlhZjV5dm5WekdhTWVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5ygQrAiJ 07OVYc5R7JHoiaWFG6F8L/jxkCRQRe62SfZvC2mZBbdW+WrJ6pY5kRy3bwr53HT1 Rpx2cPz7j3OwmborZHl68ZJRZzgDoe9WCUK+i5EPPwPVc8UHc9i1T/SPKlp3dEOx n2PajqPbV+GXk32M8X2PP7sxsjWbbaCMbiydk7d4Em+sV7Z9e7ZnzgAfKU/eorEs p/ZQAbODGoLJZSCRRIMVvolTuPu/ePDKZJeV6plbFWijakWdqN7sjcryP4qy4JAW KjUkQ25EShdtfj943CfxzxNl+JpKMc/f1vRIjMV4QWNg45d1FQiX9p/PSPnbRq/O m9oBSPCyXtCneA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:30:46 2025 by rpki-client