This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json) Hash identifier: EGd/r1tGeBF/RkWe4ntM5ZkHqqiHH8StFEz4L7m2YzU= Subject key identifier: 04:8C:04:07:59:28:3C:F9:21:9A:98:A9:08:39:59:61:A9:63:8A:DC Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00 Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00 Certificate serial: 019AF208F765E22F652238A354E892FF488F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft Manifest number: 11FC Signing time: Sat 06 Dec 2025 05:01:05 +0000 Manifest this update: Sat 06 Dec 2025 05:01:05 +0000 Manifest next update: Sun 07 Dec 2025 05:01:05 +0000 Files and hashes: 1: XLQfftOCYwZhCKWBFvPgcWtM3ng.roa (hash: e5IwRRubP2iih1RAenDvyf84x82YlIWC8mC3l2YoKV8=) 2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: llR7qUlbVgpqpJxJfTc5djWAnokYIoHCtyHAUBSFbTI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:f7:65:e2:2f:65:22:38:a3:54:e8:92:ff:48:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00 Validity Not Before: Dec 6 05:01:05 2025 GMT Not After : Dec 7 05:01:05 2025 GMT Subject: CN=048c040759283cf9219a98a908395961a9638adc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a6:44:f8:1b:a3:b7:05:7d:c1:aa:a4:77:64: ee:a6:ca:00:9f:06:f2:01:15:ff:64:16:64:bc:68: 2e:39:8d:1a:4f:ec:72:95:e8:a7:18:d6:b2:a4:4d: 25:3c:a1:04:57:5d:2a:7b:17:56:6c:4b:20:52:b6: 29:ed:e3:85:bb:c3:33:d7:03:e9:c6:e4:7b:0f:df: b5:87:15:57:46:6a:c5:26:9b:4a:4e:a7:f9:c2:16: 70:14:61:58:75:f3:c4:4a:8c:71:49:54:29:34:a9: a5:b8:ac:d9:16:6c:b1:02:62:e1:50:66:b6:8c:3d: 5b:8b:b1:6c:cd:3a:ff:52:f4:b1:bb:a4:b3:c5:67: 35:09:19:c5:c5:c1:51:6f:fb:d5:06:15:3d:41:5c: 39:93:c0:de:02:d4:59:8a:ef:75:da:35:54:bd:ba: 2d:a5:cd:80:26:52:c2:55:4d:b5:e6:fa:6c:4a:4b: e2:f0:b9:46:6e:18:a0:6b:c4:82:dd:d7:2f:b7:e3: 59:e1:0d:9d:32:65:47:9f:97:98:7b:13:cf:ed:84: 4d:5e:5b:ec:7e:4d:3b:db:1e:42:10:6f:81:e7:4f: 04:2b:57:2c:c9:c1:9e:39:ea:ad:29:00:cd:70:bb: 47:f0:0d:21:18:20:3c:6f:ef:3a:a7:66:e6:19:c7: e0:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:8C:04:07:59:28:3C:F9:21:9A:98:A9:08:39:59:61:A9:63:8A:DC X509v3 Authority Key Identifier: keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:ec:7f:a4:68:28:08:8e:12:4c:03:b4:13:a0:16:87:73:58: ea:04:e3:1d:0a:0a:9a:28:c2:35:74:f2:a5:be:b7:a3:af:42: 1d:5f:e5:e5:49:2e:c1:a6:74:85:be:20:6d:51:fa:5a:dd:b6: 21:5c:cd:ec:78:ac:33:41:dc:f9:bc:0e:68:37:53:40:b9:cb: 5b:27:64:ac:25:96:17:d7:4f:06:06:1a:6e:ad:fb:90:70:9c: cd:e2:c8:db:ad:a1:b5:5e:c1:ac:64:60:e6:db:db:55:d8:72: 4e:1d:8d:56:d8:6d:36:47:5f:a9:93:51:5a:5e:52:1c:e8:a1: e7:f3:fa:69:d7:ff:ab:f8:d5:26:c8:3d:97:43:77:ec:b3:8b: c6:0a:73:b8:fe:12:d0:2d:cb:95:d6:d8:3b:d1:a0:14:f8:fd: df:8d:40:74:a4:44:cd:02:9e:a2:76:55:8b:dc:62:e8:36:17: 88:0e:2b:e1:de:f3:c3:0d:97:9a:f7:51:d8:2f:cf:63:41:8e: 0f:24:d5:15:c5:1b:3a:7d:ca:ed:e3:e7:2a:ed:09:4e:1f:4a: f2:8a:38:ed:ac:a6:1c:51:1b:8a:22:fc:7f:54:13:49:e6:27: 15:49:75:9f:1c:db:28:ac:85:eb:7b:ec:ca:ab:d8:da:92:ab: d0:b3:68:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCPdl4i9lIjijVOiS/0iPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw M2FkMDAwHhcNMjUxMjA2MDUwMTA1WhcNMjUxMjA3MDUwMTA1WjAzMTEwLwYDVQQD EygwNDhjMDQwNzU5MjgzY2Y5MjE5YTk4YTkwODM5NTk2MWE5NjM4YWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qZE+BujtwV9waqkd2TupsoAnwby ARX/ZBZkvGguOY0aT+xyleinGNaypE0lPKEEV10qexdWbEsgUrYp7eOFu8Mz1wPp xuR7D9+1hxVXRmrFJptKTqf5whZwFGFYdfPESoxxSVQpNKmluKzZFmyxAmLhUGa2 jD1bi7FszTr/UvSxu6SzxWc1CRnFxcFRb/vVBhU9QVw5k8DeAtRZiu912jVUvbot pc2AJlLCVU215vpsSkvi8LlGbhiga8SC3dcvt+NZ4Q2dMmVHn5eYexPP7YRNXlvs fk072x5CEG+B508EK1csycGeOeqtKQDNcLtH8A0hGCA8b+86p2bmGcfgOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFASMBAdZKDz5IZqYqQg5WWGpY4rcMB8GA1UdIwQY MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZex/pGgo CI4STAO0E6AWh3NY6gTjHQoKmijCNXTypb63o69CHV/l5UkuwaZ0hb4gbVH6Wt22 IVzN7HisM0Hc+bwOaDdTQLnLWydkrCWWF9dPBgYabq37kHCczeLI262htV7BrGRg 5tvbVdhyTh2NVthtNkdfqZNRWl5SHOih5/P6adf/q/jVJsg9l0N37LOLxgpzuP4S 0C3LldbYO9GgFPj9341AdKREzQKeonZVi9xi6DYXiA4r4d7zww2XmvdR2C/PY0GO DyTVFcUbOn3K7ePnKu0JTh9K8oo47aymHFEbiiL8f1QTSeYnFUl1nxzbKKyF63vs yqvY2pKr0LNoAw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:52:10 2025 by rpki-client