This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft File: Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft (raw, json) Hash identifier: IqTMV8Wyc4mdIv/kajWpNwRfYpZte0r7eavkk+I2pck= Subject key identifier: 71:23:98:5F:61:BB:5A:7C:67:A5:F0:21:07:D5:56:6E:F6:6B:EF:22 Authority key identifier: 1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B Certificate issuer: /CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b Certificate serial: 019AF6F96FD5E5BCB50A99549806569C637C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft Manifest number: 06B2 Signing time: Sun 07 Dec 2025 04:02:13 +0000 Manifest this update: Sun 07 Dec 2025 04:02:13 +0000 Manifest next update: Mon 08 Dec 2025 04:02:13 +0000 Files and hashes: 1: 1-i_f4gNCAnPwT26M-00faBCZ1ec.roa (hash: rf9DtMiWGOZOoz1U+iRouParfUgOp6ltk1lTfbvhGLM=) 2: Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl (hash: Fr+vThmMzw0doe7xG7lrpnP48kNenZQ1t5BBbqNdYro=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f9:6f:d5:e5:bc:b5:0a:99:54:98:06:56:9c:63:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1deb3faa8388549b55cb3f3abd4c6c15106cf53b Validity Not Before: Dec 7 04:02:13 2025 GMT Not After : Dec 8 04:02:13 2025 GMT Subject: CN=7123985f61bb5a7c67a5f02107d5566ef66bef22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:a7:18:37:9d:25:67:64:63:23:4f:82:fa:0e: 01:3d:29:9f:33:7b:1a:d7:95:40:ee:63:03:dc:5f: 02:6a:20:f3:43:90:fe:74:15:b0:9d:80:1a:7c:0a: c0:0a:ae:da:53:61:b1:8b:ce:90:c6:da:57:d8:f5: fb:7d:14:d5:b7:c8:24:b4:ac:5b:fa:52:66:3c:77: a1:05:53:3c:dc:a9:a7:52:d6:31:64:14:05:de:1b: 3b:f5:72:58:a1:42:52:9b:83:74:6a:be:17:a6:8d: 88:16:89:8f:a1:45:0c:9f:54:93:d8:5d:12:38:b2: ec:0c:97:7b:c6:54:b9:a9:61:94:44:d1:2f:f3:3a: 02:42:4d:1a:07:fb:fd:09:24:e8:0b:3c:c8:ee:28: 61:2f:92:c8:95:77:77:f8:b9:5a:96:ce:bb:bb:e5: 29:95:3c:bd:30:34:29:73:c9:58:eb:e8:48:81:e8: 1e:ed:65:e8:4b:43:04:f3:2b:c9:04:b5:ff:25:88: 30:f6:3e:e6:f5:3a:1c:54:0d:87:fb:e3:6f:c1:c5: 04:37:eb:93:4c:fb:c2:6c:66:93:a5:36:20:a8:19: 28:27:23:74:a3:5c:25:05:70:57:de:d6:d8:69:4d: 26:2f:62:4f:cb:c8:0b:3a:13:7a:f6:8d:33:2b:9f: 27:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:23:98:5F:61:BB:5A:7C:67:A5:F0:21:07:D5:56:6E:F6:6B:EF:22 X509v3 Authority Key Identifier: keyid:1D:EB:3F:AA:83:88:54:9B:55:CB:3F:3A:BD:4C:6C:15:10:6C:F5:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hes_qoOIVJtVyz86vUxsFRBs9Ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6c4131-365c-4c14-9e0b-502a957fdaf8/1/Hes_qoOIVJtVyz86vUxsFRBs9Ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:6c:08:c7:38:61:75:e9:d9:dc:18:25:e6:a3:dc:50:64:a3: 7e:95:9b:c8:c2:a5:a6:99:1a:8e:e6:4e:7f:d7:1a:57:a1:b3: a4:ad:ff:d0:9a:01:2e:a7:4c:15:e8:1e:d7:63:f7:6c:87:53: 02:03:ae:00:70:b8:64:1a:d1:24:73:42:c0:e2:e8:6c:52:29: 88:f6:33:c8:ac:c1:3e:16:03:cb:5f:33:00:9a:c2:d4:89:8f: b9:13:3f:70:a9:6d:87:f0:3d:d1:a2:6f:f2:b5:d6:76:ed:e4: ff:22:27:ba:ee:f5:3c:44:ae:3f:aa:d7:57:43:e4:d0:e9:a0: 0e:d6:22:3b:8d:46:2b:c9:6a:cf:19:0a:60:08:21:5d:2b:e8: be:7c:f1:b7:75:db:55:4a:db:ea:cc:d7:46:e9:d7:28:24:2a: cc:75:8b:0f:c9:da:4c:81:3a:7b:67:29:48:1d:52:32:33:14: 40:10:53:e8:e2:02:b7:5c:18:9b:f9:1a:4e:85:6e:ba:52:87: 44:a0:70:ae:0d:6a:08:0e:c3:2a:c4:67:2d:91:a8:d6:03:c7: ec:7a:e5:28:94:5c:e8:50:d5:ec:cd:6e:0f:d5:eb:ee:f3:e1: 8c:6c:1f:28:9e:80:69:1b:05:5a:ea:04:d6:23:71:37:6f:ce: 78:e2:88:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+W/V5by1CplUmAZWnGN8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZWIzZmFhODM4ODU0OWI1NWNiM2YzYWJkNGM2YzE1MTA2 Y2Y1M2IwHhcNMjUxMjA3MDQwMjEzWhcNMjUxMjA4MDQwMjEzWjAzMTEwLwYDVQQD Eyg3MTIzOTg1ZjYxYmI1YTdjNjdhNWYwMjEwN2Q1NTY2ZWY2NmJlZjIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqcYN50lZ2RjI0+C+g4BPSmfM3sa 15VA7mMD3F8CaiDzQ5D+dBWwnYAafArACq7aU2Gxi86QxtpX2PX7fRTVt8gktKxb +lJmPHehBVM83KmnUtYxZBQF3hs79XJYoUJSm4N0ar4Xpo2IFomPoUUMn1ST2F0S OLLsDJd7xlS5qWGURNEv8zoCQk0aB/v9CSToCzzI7ihhL5LIlXd3+Llals67u+Up lTy9MDQpc8lY6+hIgege7WXoS0ME8yvJBLX/JYgw9j7m9TocVA2H++NvwcUEN+uT TPvCbGaTpTYgqBkoJyN0o1wlBXBX3tbYaU0mL2JPy8gLOhN69o0zK58nVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHEjmF9hu1p8Z6XwIQfVVm72a+8iMB8GA1UdIwQY MBaAFB3rP6qDiFSbVcs/Or1MbBUQbPU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGIt NTAyYTk1N2ZkYWY4LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS82YzQxMzEtMzY1Yy00YzE0LTllMGItNTAyYTk1N2ZkYWY4 LzEvSGVzX3FvT0lWSnRWeXo4NnZVeHNGUkJzOVRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmwIxzhh denZ3Bgl5qPcUGSjfpWbyMKlppkajuZOf9caV6GzpK3/0JoBLqdMFege12P3bIdT AgOuAHC4ZBrRJHNCwOLobFIpiPYzyKzBPhYDy18zAJrC1ImPuRM/cKlth/A90aJv 8rXWdu3k/yInuu71PESuP6rXV0Pk0OmgDtYiO41GK8lqzxkKYAghXSvovnzxt3Xb VUrb6szXRunXKCQqzHWLD8naTIE6e2cpSB1SMjMUQBBT6OICt1wYm/kaToVuulKH RKBwrg1qCA7DKsRnLZGo1gPH7HrlKJRc6FDV7M1uD9Xr7vPhjGwfKJ6AaRsFWuoE 1iNxN2/OeOKIeQ== -----END CERTIFICATE-----Generated at Sun Dec 7 09:19:15 2025 by rpki-client