This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft File: HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json) Hash identifier: hMny/7vXUyPXqi10Fx4bcAKmHzpi08fqRlNhRAjRkgw= Subject key identifier: 4F:1D:4D:72:65:3C:AA:48:42:2A:12:9C:BC:29:BF:33:9B:B9:0C:6E Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71 Certificate issuer: /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871 Certificate serial: 019AF12DC082BE9F000F2E3CF1AA6A3D4047 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft Manifest number: 0595 Signing time: Sat 06 Dec 2025 01:01:38 +0000 Manifest this update: Sat 06 Dec 2025 01:01:38 +0000 Manifest next update: Sun 07 Dec 2025 01:01:38 +0000 Files and hashes: 1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: yS0dnxutnLOTB2Kq/84sswPLdM47GidFyzcDO0U4AMg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c0:82:be:9f:00:0f:2e:3c:f1:aa:6a:3d:40:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871 Validity Not Before: Dec 6 01:01:38 2025 GMT Not After : Dec 7 01:01:38 2025 GMT Subject: CN=4f1d4d72653caa48422a129cbc29bf339bb90c6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:70:65:e4:fc:25:24:83:ab:ad:63:b7:31:0e: 85:e4:09:87:e8:5e:a6:74:85:e1:5a:82:85:4d:1f: ae:17:6c:92:95:9e:80:2c:48:64:03:c4:6f:e4:8e: 85:25:d3:c3:cb:5f:37:fb:f8:a3:f4:78:e7:7e:7a: 0e:2a:53:80:8e:95:ca:4c:08:8c:51:71:6d:9a:d9: 4d:78:4d:b0:20:ed:b4:29:3c:98:14:07:79:6a:fa: 9b:03:93:04:92:a3:b2:1c:a5:2f:c1:37:f2:f5:25: d7:2a:1c:cf:37:b2:9e:44:c1:52:3c:f7:f8:24:dd: 4d:cc:99:18:8b:1b:9e:85:39:22:e9:83:50:b2:3f: 9e:46:a8:6b:44:9a:c1:85:ac:58:a1:be:4e:05:17: 54:31:a9:2c:f6:7e:64:5a:53:b1:aa:ce:98:17:9c: 6a:03:9f:0e:d0:bb:cf:94:3b:b7:44:2a:27:07:b4: fa:4b:d5:0b:e0:0e:c7:09:b6:09:67:50:12:b8:7b: 57:65:4a:f9:a3:e7:11:6c:46:b9:4b:72:46:81:ce: 91:c7:13:79:56:22:a0:e8:ca:61:b2:d0:95:27:34: a4:01:e7:b9:0c:6d:41:7c:a9:14:8e:4c:83:ab:47: 48:a6:c2:87:03:77:34:33:e9:6f:fe:c3:f7:79:d1: 54:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:1D:4D:72:65:3C:AA:48:42:2A:12:9C:BC:29:BF:33:9B:B9:0C:6E X509v3 Authority Key Identifier: keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:96:f5:06:b5:1f:d6:25:c4:01:ed:e7:5d:04:4f:37:cd:fb: f6:0b:ab:55:ee:28:5d:a7:ab:82:0a:2e:18:a3:65:65:93:53: 76:31:e8:2b:e8:36:2e:fc:46:08:da:9d:88:e6:0b:56:1d:2e: 2f:cb:f5:bc:cc:b5:80:ba:2a:6a:32:71:e6:ed:e4:33:72:40: 03:e1:6c:bd:fd:33:70:3d:ef:b6:5b:ee:0c:f6:a9:aa:6d:71: 84:ea:95:32:4c:c5:24:34:dc:37:fe:30:9d:71:fa:cc:c5:16: 69:eb:d2:34:85:8c:4c:bd:da:32:4a:af:ac:48:8a:f4:b5:e8: 52:c6:68:27:77:c8:9b:aa:36:81:07:de:9a:09:93:be:5e:9b: 48:f7:12:ab:4e:11:a2:59:85:28:ab:6c:68:31:63:44:56:39: 62:c2:06:a7:8b:5c:55:4d:5a:85:0f:7f:95:6b:96:3d:60:f2: 9b:e0:71:f8:5f:12:b8:0d:f2:15:d9:b1:bd:a0:8e:b1:4d:d7: 90:ee:6c:2b:8c:b2:e9:db:11:77:65:3b:c6:68:43:de:24:4d: 7b:f0:62:68:5c:1f:1f:ae:20:21:fe:a0:16:9a:f4:cc:22:35: ea:c5:01:e1:75:60:38:df:61:0c:ba:b8:cc:6c:ba:04:da:a8: 7e:c8:be:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcCCvp8ADy488apqPUBHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx MzI4NzEwHhcNMjUxMjA2MDEwMTM4WhcNMjUxMjA3MDEwMTM4WjAzMTEwLwYDVQQD Eyg0ZjFkNGQ3MjY1M2NhYTQ4NDIyYTEyOWNiYzI5YmYzMzliYjkwYzZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnBl5PwlJIOrrWO3MQ6F5AmH6F6m dIXhWoKFTR+uF2ySlZ6ALEhkA8Rv5I6FJdPDy183+/ij9HjnfnoOKlOAjpXKTAiM UXFtmtlNeE2wIO20KTyYFAd5avqbA5MEkqOyHKUvwTfy9SXXKhzPN7KeRMFSPPf4 JN1NzJkYixuehTki6YNQsj+eRqhrRJrBhaxYob5OBRdUMaks9n5kWlOxqs6YF5xq A58O0LvPlDu3RConB7T6S9UL4A7HCbYJZ1ASuHtXZUr5o+cRbEa5S3JGgc6RxxN5 ViKg6MphstCVJzSkAee5DG1BfKkUjkyDq0dIpsKHA3c0M+lv/sP3edFUnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE8dTXJlPKpIQioSnLwpvzObuQxuMB8GA1UdIwQY MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5b1BrUf 1iXEAe3nXQRPN8379gurVe4oXaerggouGKNlZZNTdjHoK+g2LvxGCNqdiOYLVh0u L8v1vMy1gLoqajJx5u3kM3JAA+Fsvf0zcD3vtlvuDPapqm1xhOqVMkzFJDTcN/4w nXH6zMUWaevSNIWMTL3aMkqvrEiK9LXoUsZoJ3fIm6o2gQfemgmTvl6bSPcSq04R olmFKKtsaDFjRFY5YsIGp4tcVU1ahQ9/lWuWPWDym+Bx+F8SuA3yFdmxvaCOsU3X kO5sK4yy6dsRd2U7xmhD3iRNe/BiaFwfH64gIf6gFpr0zCI16sUB4XVgON9hDLq4 zGy6BNqofsi+PQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:31:12 2025 by rpki-client