This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.mft File: hDvoY59AOZk8H254efRynkfcN64.mft (raw, json) Hash identifier: AUsKGhdhUXnbk0lsl91i06Kc6OIU4FSKLgYAVYudqoI= Subject key identifier: 0D:C2:70:A6:88:C6:C0:53:CA:6D:41:AF:94:42:56:2D:89:9C:E2:61 Authority key identifier: 84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE Certificate issuer: /CN=843be8639f4039993c1f6e7879f4729e47dc37ae Certificate serial: 019AF3C0A1A88E3FD4A44608E16E856F5E8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.mft Manifest number: 0977 Signing time: Sat 06 Dec 2025 13:01:18 +0000 Manifest this update: Sat 06 Dec 2025 13:01:18 +0000 Manifest next update: Sun 07 Dec 2025 13:01:18 +0000 Files and hashes: 1: J7Gy2XDgfHPCSDMpGX8qtAkzxgw.roa (hash: 6l+CaQcFJnHqVrHhZ9HMXXYDvAoiNAEfMopwPsMkNsc=) 2: hDvoY59AOZk8H254efRynkfcN64.crl (hash: KLWN4d9HcJd1YvP79Kf1Q0Yj1sl7A0xWOWQsXpEiCZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.mft rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:a1:a8:8e:3f:d4:a4:46:08:e1:6e:85:6f:5e:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843be8639f4039993c1f6e7879f4729e47dc37ae Validity Not Before: Dec 6 13:01:18 2025 GMT Not After : Dec 7 13:01:18 2025 GMT Subject: CN=0dc270a688c6c053ca6d41af9442562d899ce261 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:cb:80:aa:c7:5b:35:21:17:89:e0:31:f3:9b: ed:91:a2:e3:fa:45:bb:50:0c:6b:fe:f9:b5:a1:a7: 97:8b:9b:bc:ab:5c:a9:da:71:57:01:29:a6:a0:ce: 3c:f4:a4:14:b1:52:36:f5:b6:ee:b0:fe:e7:81:a7: 7c:a0:0b:23:fc:cc:0c:0c:3c:30:30:d3:0b:e7:a9: c3:e9:c8:87:17:14:90:3c:bf:69:1b:99:67:14:6d: 42:47:11:20:ca:2b:fa:36:fa:e7:b8:34:74:e0:ec: 46:17:ce:19:d9:3f:19:67:0e:9c:f4:16:74:2a:45: 12:c6:c3:04:a5:7f:db:0b:70:89:1e:3b:ca:46:8e: 65:97:e8:18:39:32:cc:c7:0e:72:73:7a:49:da:cc: 96:bc:97:1d:89:f9:20:e2:e7:47:52:d8:82:24:10: b0:b7:8b:f0:9e:c3:ae:ba:e4:f2:c5:80:cc:a2:72: d1:b8:49:f1:57:e0:bd:d2:2d:eb:7e:9c:c5:aa:50: 68:d0:7a:d2:82:c2:5a:55:f4:ce:32:c6:89:2a:a3: fc:db:5c:0e:d2:de:2a:23:de:46:73:ab:98:b3:4c: 63:42:04:43:d3:10:8d:58:30:37:97:ad:72:c1:23: 77:26:49:ee:d4:07:23:09:1c:9d:79:6b:ff:92:4b: e6:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:C2:70:A6:88:C6:C0:53:CA:6D:41:AF:94:42:56:2D:89:9C:E2:61 X509v3 Authority Key Identifier: keyid:84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:f9:79:d1:ac:04:ae:62:15:f4:6e:75:c2:b3:c2:0b:31:0a: 35:9e:7d:15:16:e9:7e:9f:4d:71:d7:89:15:ca:31:41:b2:e7: 84:a6:43:2c:c1:28:0d:6b:d2:3d:4c:58:fe:3e:40:17:18:38: 88:82:5e:64:02:ee:d6:e5:bf:33:bd:80:eb:29:30:4a:03:a5: 5b:71:84:e3:67:a9:05:48:54:db:a9:95:ae:b7:be:46:82:2c: 7a:26:47:da:e3:6b:83:c7:c7:b9:32:f9:a3:55:bb:9e:02:47: c6:1e:ab:3c:0a:5b:e8:e9:b6:fa:ae:46:6a:37:aa:c0:06:0d: fe:22:09:70:ba:0f:33:16:d1:ac:0a:0e:5a:a2:64:c2:4c:d7: af:8d:4f:30:01:ed:e8:87:5a:4b:b5:2d:2e:57:6c:01:d6:86: 08:c3:96:07:df:fc:4f:d6:59:ff:95:01:7b:58:35:ad:92:ce: 85:c4:09:7b:d6:23:99:72:02:ce:11:3f:8c:8d:8e:ec:28:f3: 5b:0e:8d:85:8a:6c:c2:8d:ce:94:c0:09:26:27:8d:40:3d:52: b2:eb:6e:25:4e:55:f9:85:be:1d:3c:8f:3e:10:4d:e7:c4:a5: 99:66:3e:f6:fc:f6:22:47:45:f4:44:4e:51:56:87:bf:cb:77: 74:22:d1:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwKGojj/UpEYI4W6Fb16LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0M2JlODYzOWY0MDM5OTkzYzFmNmU3ODc5ZjQ3MjllNDdk YzM3YWUwHhcNMjUxMjA2MTMwMTE4WhcNMjUxMjA3MTMwMTE4WjAzMTEwLwYDVQQD EygwZGMyNzBhNjg4YzZjMDUzY2E2ZDQxYWY5NDQyNTYyZDg5OWNlMjYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cuAqsdbNSEXieAx85vtkaLj+kW7 UAxr/vm1oaeXi5u8q1yp2nFXASmmoM489KQUsVI29bbusP7ngad8oAsj/MwMDDww MNML56nD6ciHFxSQPL9pG5lnFG1CRxEgyiv6NvrnuDR04OxGF84Z2T8ZZw6c9BZ0 KkUSxsMEpX/bC3CJHjvKRo5ll+gYOTLMxw5yc3pJ2syWvJcdifkg4udHUtiCJBCw t4vwnsOuuuTyxYDMonLRuEnxV+C90i3rfpzFqlBo0HrSgsJaVfTOMsaJKqP821wO 0t4qI95Gc6uYs0xjQgRD0xCNWDA3l61ywSN3Jknu1AcjCRydeWv/kkvm+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA3CcKaIxsBTym1Br5RCVi2JnOJhMB8GA1UdIwQY MBaAFIQ76GOfQDmZPB9ueHn0cp5H3DeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2Mt Nzc4ODc0OGY2N2NiLzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2MtNzc4ODc0OGY2N2Ni LzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/l50awE rmIV9G51wrPCCzEKNZ59FRbpfp9NcdeJFcoxQbLnhKZDLMEoDWvSPUxY/j5AFxg4 iIJeZALu1uW/M72A6ykwSgOlW3GE42epBUhU26mVrre+RoIseiZH2uNrg8fHuTL5 o1W7ngJHxh6rPApb6Om2+q5GajeqwAYN/iIJcLoPMxbRrAoOWqJkwkzXr41PMAHt 6IdaS7UtLldsAdaGCMOWB9/8T9ZZ/5UBe1g1rZLOhcQJe9YjmXICzhE/jI2O7Cjz Ww6NhYpswo3OlMAJJieNQD1SsutuJU5V+YW+HTyPPhBN58SlmWY+9vz2IkdF9ERO UVaHv8t3dCLRTA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:05:44 2025 by rpki-client