This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft File: hDGpmcvwQL00DSk12JlhtS8EpEU.mft (raw, json) Hash identifier: darVMzkaO2QpKzUYU6SA+FOEVKX5YkRcWe8rUwnIKTM= Subject key identifier: 3D:4C:F0:62:C7:1A:9C:C3:C0:92:0C:52:37:FB:53:8C:8D:BE:D0:FD Authority key identifier: 84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45 Certificate issuer: /CN=8431a999cbf040bd340d2935d89961b52f04a445 Certificate serial: 019B2174FB5E2E3767C3BA319D136AAAFD48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft Manifest number: 0AAC Signing time: Mon 15 Dec 2025 10:01:12 +0000 Manifest this update: Mon 15 Dec 2025 10:01:12 +0000 Manifest next update: Tue 16 Dec 2025 10:01:12 +0000 Files and hashes: 1: hDGpmcvwQL00DSk12JlhtS8EpEU.crl (hash: rPglLJySOqkQV+R+RRX29zDhxOOtSd0cEPdjZEQtGic=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:fb:5e:2e:37:67:c3:ba:31:9d:13:6a:aa:fd:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8431a999cbf040bd340d2935d89961b52f04a445 Validity Not Before: Dec 15 10:01:12 2025 GMT Not After : Dec 16 10:01:12 2025 GMT Subject: CN=3d4cf062c71a9cc3c0920c5237fb538c8dbed0fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:65:a8:06:82:2a:bd:4f:87:4d:54:df:92:cc: 7b:b8:89:ef:bc:69:73:0c:df:a3:40:80:37:9f:1e: 5e:30:f2:c1:5d:e0:1f:1a:b3:01:0a:07:0d:2e:5c: 4d:47:7d:bf:64:bd:70:33:cd:09:21:21:03:be:04: 1b:83:cd:12:77:23:83:74:ab:1d:ac:bc:ca:d5:c0: 08:d5:b3:5b:15:cb:ee:01:18:0f:d5:33:50:20:9b: 3e:e6:22:8f:9d:48:48:b6:e6:a1:b5:7a:89:87:09: f7:4e:b9:69:50:0a:3a:b2:71:aa:f6:40:09:f4:a2: 41:31:ca:14:b1:ed:50:3d:cf:b7:ba:d9:7a:ae:05: 7d:13:d6:0b:be:ad:4b:fe:cb:0b:b4:4a:cd:65:4c: 66:0d:44:bb:34:69:f1:46:37:be:40:71:2e:60:0c: 5c:ca:54:bc:a5:31:c9:55:d9:13:2e:66:5e:de:72: c9:5e:a0:36:46:28:a9:4b:60:4a:3b:30:d2:fe:b5: 0a:df:79:f9:7e:db:e9:1d:20:3e:ef:fd:0d:54:51: 1c:fd:32:bb:6f:0f:ad:1e:37:fc:6c:45:9d:06:0d: 04:5a:a1:b1:22:36:39:31:4c:65:c1:a0:92:ae:8e: 3f:ba:86:8c:28:86:33:20:f7:7b:15:35:e4:aa:0b: 43:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4C:F0:62:C7:1A:9C:C3:C0:92:0C:52:37:FB:53:8C:8D:BE:D0:FD X509v3 Authority Key Identifier: keyid:84:31:A9:99:CB:F0:40:BD:34:0D:29:35:D8:99:61:B5:2F:04:A4:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDGpmcvwQL00DSk12JlhtS8EpEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6c2c7a-fc16-4911-83ff-13d9ba27e51f/1/hDGpmcvwQL00DSk12JlhtS8EpEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:7b:d1:87:9f:07:da:da:73:d7:b2:15:7d:6d:10:84:44:36: a3:49:19:22:ca:ad:f2:fc:3d:ab:1c:8c:7e:27:39:b8:7d:4f: 72:4d:27:82:60:41:44:98:49:70:b7:f3:49:af:b9:b8:d8:fb: 0f:14:d2:fa:97:04:da:1e:c0:87:b9:a0:86:1b:9e:44:0f:be: 5e:6a:29:41:eb:be:31:3c:1b:df:37:ab:c3:7c:0a:31:0e:18: 3c:7e:2b:2a:d5:65:d7:82:5e:27:a5:f4:e1:ad:28:05:ac:a7: 9e:85:0a:48:66:18:77:98:dc:6d:3f:6a:b9:02:0b:a1:ee:4d: 09:19:b9:ff:ea:d6:3f:69:bc:53:67:cd:28:5a:e6:f0:76:05: 4c:70:ad:2e:a8:fe:68:a8:44:fe:a8:10:ec:84:cb:89:22:ed: 13:96:e4:1f:37:f0:0c:59:25:79:40:e6:3b:db:31:f8:66:c6: 6b:e3:46:52:f7:f3:00:7c:f8:29:9d:64:80:f6:b1:b8:a5:fc: f9:24:00:2f:53:6d:cb:04:40:32:62:c5:dd:12:f4:c0:e1:36: 21:a9:cd:1c:34:d7:c8:78:33:7c:77:f4:8d:46:73:a5:80:f9: 80:d0:4b:73:15:f9:31:c0:94:5a:0c:1a:22:d9:67:ba:3f:4e: 3a:50:e9:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdPteLjdnw7oxnRNqqv1IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MzFhOTk5Y2JmMDQwYmQzNDBkMjkzNWQ4OTk2MWI1MmYw NGE0NDUwHhcNMjUxMjE1MTAwMTEyWhcNMjUxMjE2MTAwMTEyWjAzMTEwLwYDVQQD EygzZDRjZjA2MmM3MWE5Y2MzYzA5MjBjNTIzN2ZiNTM4YzhkYmVkMGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWWoBoIqvU+HTVTfksx7uInvvGlz DN+jQIA3nx5eMPLBXeAfGrMBCgcNLlxNR32/ZL1wM80JISEDvgQbg80SdyODdKsd rLzK1cAI1bNbFcvuARgP1TNQIJs+5iKPnUhItuahtXqJhwn3TrlpUAo6snGq9kAJ 9KJBMcoUse1QPc+3utl6rgV9E9YLvq1L/ssLtErNZUxmDUS7NGnxRje+QHEuYAxc ylS8pTHJVdkTLmZe3nLJXqA2RiipS2BKOzDS/rUK33n5ftvpHSA+7/0NVFEc/TK7 bw+tHjf8bEWdBg0EWqGxIjY5MUxlwaCSro4/uoaMKIYzIPd7FTXkqgtD+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1M8GLHGpzDwJIMUjf7U4yNvtD9MB8GA1UdIwQY MBaAFIQxqZnL8EC9NA0pNdiZYbUvBKRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYt MTNkOWJhMjdlNTFmLzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS82YzJjN2EtZmMxNi00OTExLTgzZmYtMTNkOWJhMjdlNTFm LzEvaERHcG1jdndRTDAwRFNrMTJKbGh0UzhFcEVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK3vRh58H 2tpz17IVfW0QhEQ2o0kZIsqt8vw9qxyMfic5uH1Pck0ngmBBRJhJcLfzSa+5uNj7 DxTS+pcE2h7Ah7mghhueRA++XmopQeu+MTwb3zerw3wKMQ4YPH4rKtVl14JeJ6X0 4a0oBaynnoUKSGYYd5jcbT9quQILoe5NCRm5/+rWP2m8U2fNKFrm8HYFTHCtLqj+ aKhE/qgQ7ITLiSLtE5bkHzfwDFkleUDmO9sx+GbGa+NGUvfzAHz4KZ1kgPaxuKX8 +SQAL1NtywRAMmLF3RL0wOE2IanNHDTXyHgzfHf0jUZzpYD5gNBLcxX5McCUWgwa Itlnuj9OOlDppA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:18:28 2025 by rpki-client