This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft File: hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json) Hash identifier: gGpJTdcU3j/lz/REbTgYWd8kNLPRip7acUcJmk7/K6w= Subject key identifier: 40:00:8E:6D:B9:B6:64:69:CA:9D:63:26:B9:1A:10:33:79:AB:44:8E Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93 Certificate issuer: /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593 Certificate serial: 019AF3F7657232DD0AD8ACFD3BF746FD56B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft Manifest number: 056E Signing time: Sat 06 Dec 2025 14:01:08 +0000 Manifest this update: Sat 06 Dec 2025 14:01:08 +0000 Manifest next update: Sun 07 Dec 2025 14:01:08 +0000 Files and hashes: 1: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: Ghg0f4YdM93ZjZpEDB40DXi3D0cIaNXSwK7KQmuUpIQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:65:72:32:dd:0a:d8:ac:fd:3b:f7:46:fd:56:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593 Validity Not Before: Dec 6 14:01:08 2025 GMT Not After : Dec 7 14:01:08 2025 GMT Subject: CN=40008e6db9b66469ca9d6326b91a103379ab448e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:11:9d:cc:b6:71:34:d2:33:76:d7:48:52:bc: 91:5b:79:fd:15:1c:9d:98:64:fa:fd:5f:1d:f0:5d: 74:5c:8d:d1:61:2e:bd:c6:e9:c0:ff:e5:c0:92:cc: 02:db:62:95:47:ad:cd:b0:14:ea:98:f9:ec:72:c4: d2:12:1a:3d:3c:22:d3:b1:99:c3:f7:7e:0b:e4:b5: e1:3f:dc:bf:f2:c2:de:42:fc:d5:d8:67:f7:84:79: 09:f9:c4:e2:db:49:ef:44:9a:18:00:8f:ae:25:60: be:6d:fd:96:24:1d:dd:08:e8:4e:21:03:83:e3:00: 28:ad:c9:bf:59:06:bc:ba:f6:c9:43:5d:32:41:33: c8:96:bf:5d:90:46:71:c5:50:f8:12:7e:47:95:18: 52:3b:df:60:d2:16:6f:a3:00:34:91:b4:78:84:00: 82:d4:1d:40:a1:15:63:4a:00:13:25:d2:ee:8a:2c: 53:bf:fc:60:48:89:f1:88:00:1a:dc:ef:e8:8d:32: 2d:ef:99:87:c3:65:a5:fd:22:ff:a3:4b:9b:ef:0f: 40:dd:8f:37:1a:49:09:10:5d:f7:e4:7e:37:75:78: b8:1f:d6:c9:16:9d:91:0a:aa:8e:51:33:c3:8a:29: 3b:b7:56:fb:fe:e8:b8:06:c2:42:46:c9:d9:b7:30: 83:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:00:8E:6D:B9:B6:64:69:CA:9D:63:26:B9:1A:10:33:79:AB:44:8E X509v3 Authority Key Identifier: keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:12:2d:2c:92:4d:7b:70:a9:e7:20:da:3e:ff:eb:79:9b:2d: a6:8d:00:82:f8:d7:5b:71:2c:32:82:5b:27:3c:53:14:80:6c: 26:ba:94:da:9c:d8:2a:7a:c9:54:b1:f1:c5:25:03:78:5c:84: 9c:cf:73:d9:2f:ce:ea:0f:94:7a:5a:6b:bb:8c:78:4a:b5:e5: ab:94:5c:ae:e7:ce:cf:4d:06:58:93:26:20:31:d7:3b:a7:48: d1:08:e0:25:74:20:81:bd:08:be:fe:ef:5f:f4:68:cc:11:a2: f6:d6:28:28:ce:13:df:ac:71:75:87:05:cc:8c:5e:69:8f:40: 86:53:22:88:ad:dc:9d:ef:c7:a9:50:e3:f3:f2:a7:3b:64:3e: 47:6a:ec:5d:f3:c5:aa:01:4b:22:b5:f8:56:66:13:08:87:f5: 63:28:dd:d5:ae:bd:39:19:1a:7b:00:a9:21:d5:c2:56:46:56: 4f:23:9f:b4:bc:cc:a1:b6:ef:2e:b7:c5:b7:6b:d2:4b:d4:f9: bd:e8:d7:cc:12:bd:ff:4a:e3:1b:32:31:a8:b3:d7:bc:3f:69: e1:27:46:ff:d1:e0:04:5b:f3:d5:c3:cf:d4:18:07:0a:74:95: 23:17:ce:ff:9f:77:69:9b:89:a1:e8:85:98:02:82:ce:31:72: 59:d4:f5:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz92VyMt0K2Kz9O/dG/Va3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj ZDI1OTMwHhcNMjUxMjA2MTQwMTA4WhcNMjUxMjA3MTQwMTA4WjAzMTEwLwYDVQQD Eyg0MDAwOGU2ZGI5YjY2NDY5Y2E5ZDYzMjZiOTFhMTAzMzc5YWI0NDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRGdzLZxNNIzdtdIUryRW3n9FRyd mGT6/V8d8F10XI3RYS69xunA/+XAkswC22KVR63NsBTqmPnscsTSEho9PCLTsZnD 934L5LXhP9y/8sLeQvzV2Gf3hHkJ+cTi20nvRJoYAI+uJWC+bf2WJB3dCOhOIQOD 4wAorcm/WQa8uvbJQ10yQTPIlr9dkEZxxVD4En5HlRhSO99g0hZvowA0kbR4hACC 1B1AoRVjSgATJdLuiixTv/xgSInxiAAa3O/ojTIt75mHw2Wl/SL/o0ub7w9A3Y83 GkkJEF335H43dXi4H9bJFp2RCqqOUTPDiik7t1b7/ui4BsJCRsnZtzCDBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEAAjm25tmRpyp1jJrkaEDN5q0SOMB8GA1UdIwQY MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABItLJJN e3Cp5yDaPv/reZstpo0AgvjXW3EsMoJbJzxTFIBsJrqU2pzYKnrJVLHxxSUDeFyE nM9z2S/O6g+Uelpru4x4SrXlq5RcrufOz00GWJMmIDHXO6dI0QjgJXQggb0Ivv7v X/RozBGi9tYoKM4T36xxdYcFzIxeaY9AhlMiiK3cne/HqVDj8/KnO2Q+R2rsXfPF qgFLIrX4VmYTCIf1Yyjd1a69ORkaewCpIdXCVkZWTyOftLzMobbvLrfFt2vSS9T5 vejXzBK9/0rjGzIxqLPXvD9p4SdG/9HgBFvz1cPP1BgHCnSVIxfO/593aZuJoeiF mAKCzjFyWdT1NQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:27:50 2025 by rpki-client