This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft File: hD0a_PE70hF9R99oPkCmMocATP4.mft (raw, json) Hash identifier: bI6Hxppf7E3vHx5lmulTeJdoN8yRbyPU34ARFZ+yUF0= Subject key identifier: 3A:8F:43:A7:B7:4A:EF:39:0A:FC:6F:F5:62:2B:D8:30:A2:9C:0E:66 Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe Certificate serial: 019B0E5B9F2D2A9E17607EF8FC4D55DB4637 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft Manifest number: 1419 Signing time: Thu 11 Dec 2025 17:00:44 +0000 Manifest this update: Thu 11 Dec 2025 17:00:44 +0000 Manifest next update: Fri 12 Dec 2025 17:00:44 +0000 Files and hashes: 1: D3bRMlTDClBFr3S51rSxiY9VG9A.roa (hash: aR3n5btl/hz9D4qsdHX0kbRtCNTOPvoaLGVTTlP76Qo=) 2: ZxguzW17xFrUP53FIAJUfjkeqvQ.roa (hash: Sn/df7xibUqHylpF6Ngt+9h48Sxd84uF3fpZ9SuTgf8=) 3: hD0a_PE70hF9R99oPkCmMocATP4.crl (hash: p4QtAojUkfoVxGYeS9G3xud0hnnke7GWMpvazhq2n6o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 17:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:5b:9f:2d:2a:9e:17:60:7e:f8:fc:4d:55:db:46:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe Validity Not Before: Dec 11 17:00:44 2025 GMT Not After : Dec 12 17:00:44 2025 GMT Subject: CN=3a8f43a7b74aef390afc6ff5622bd830a29c0e66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:a7:ed:51:e5:38:93:0e:04:d5:f3:2a:39:6a: fb:0b:1d:3f:7d:57:de:7a:e0:bc:c7:52:1c:b6:3e: 20:36:f6:e9:ee:b4:48:73:1c:b3:c8:4b:a3:04:90: 5c:c2:f3:1b:85:f0:5c:a9:94:4c:4c:94:e0:42:4b: 3a:f0:e1:71:11:d5:2e:ab:22:ae:c2:cf:19:9e:de: 31:e7:98:99:9b:94:fb:eb:09:96:d9:f6:89:9c:fc: 2c:18:95:af:b7:a8:c6:95:1d:8b:76:f2:c1:dc:2b: ea:13:6c:6b:56:85:85:91:cb:b2:c8:33:ad:7c:02: e8:70:c0:01:60:ea:07:fc:57:f1:b2:9c:15:f7:69: 0e:0d:f2:c8:de:69:bb:5a:7c:41:ce:a3:e6:43:f5: a0:6b:ea:f2:bd:33:55:69:10:f9:0a:5a:a0:8d:b9: 00:b4:da:29:ac:6f:8f:86:c5:22:a3:c2:2a:f8:55: 26:cc:cb:c1:e1:e0:fd:b1:04:92:9a:d8:f5:b8:ae: 38:cf:a6:74:e5:af:29:45:bb:61:d8:58:da:5c:cc: 8a:cc:a6:27:93:20:1c:ed:8c:c8:ab:39:fb:76:d3: d6:b5:32:21:34:31:01:6d:b4:a9:dd:7f:a1:7c:e7: 3f:cc:52:0b:b2:61:a9:95:69:74:36:4b:d7:95:6e: 5c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:8F:43:A7:B7:4A:EF:39:0A:FC:6F:F5:62:2B:D8:30:A2:9C:0E:66 X509v3 Authority Key Identifier: keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:b1:28:ea:e4:d6:1e:f3:bf:b5:4f:f3:c7:c4:a7:2c:f1:35: 16:c1:3f:d0:5a:84:72:48:a2:c4:24:d2:fc:13:e9:93:32:05: 98:5a:34:a2:4e:5d:93:2b:9c:24:cd:5c:a8:ef:f1:9b:ca:fb: 13:a5:5d:35:ce:0e:0f:4d:a3:ea:c4:c1:f4:22:95:6d:3f:84: e6:73:ec:1b:23:f7:5e:2c:36:3e:2d:f7:1d:d5:49:80:44:be: 10:85:cd:8f:a6:b7:67:ed:a4:9d:c0:f6:86:9a:5e:52:47:9f: 56:e7:62:f4:71:e8:43:71:27:14:f6:01:b1:b0:19:67:ad:61: a9:7d:75:0e:3e:3a:96:6e:34:3c:76:e6:d3:73:b6:27:c9:62: 29:c1:0b:f4:f4:f0:0b:96:af:c3:a3:c1:de:dd:47:e2:08:0c: d1:c8:c5:7d:9d:b6:06:f9:dd:f7:15:5c:af:47:26:90:52:18: 25:d1:8d:41:35:ab:dc:02:d9:f6:86:af:5d:a3:65:33:cb:cf: 3b:00:72:d8:a3:a4:2d:92:6a:af:bd:b4:d5:56:3e:40:fc:8a: ff:79:c5:1d:80:63:2b:4d:24:4b:a7:09:3f:78:6b:d3:e9:e9: cd:3d:75:71:8e:fc:61:9a:51:b9:3d:77:81:01:f2:9d:7c:ec: 32:90:95:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOW58tKp4XYH74/E1V20Y3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw MDRjZmUwHhcNMjUxMjExMTcwMDQ0WhcNMjUxMjEyMTcwMDQ0WjAzMTEwLwYDVQQD EygzYThmNDNhN2I3NGFlZjM5MGFmYzZmZjU2MjJiZDgzMGEyOWMwZTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6ftUeU4kw4E1fMqOWr7Cx0/fVfe euC8x1Ictj4gNvbp7rRIcxyzyEujBJBcwvMbhfBcqZRMTJTgQks68OFxEdUuqyKu ws8Znt4x55iZm5T76wmW2faJnPwsGJWvt6jGlR2LdvLB3CvqE2xrVoWFkcuyyDOt fALocMABYOoH/FfxspwV92kODfLI3mm7WnxBzqPmQ/Wga+ryvTNVaRD5ClqgjbkA tNoprG+PhsUio8Iq+FUmzMvB4eD9sQSSmtj1uK44z6Z05a8pRbth2FjaXMyKzKYn kyAc7YzIqzn7dtPWtTIhNDEBbbSp3X+hfOc/zFILsmGplWl0NkvXlW5c/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqPQ6e3Su85Cvxv9WIr2DCinA5mMB8GA1UdIwQY MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt YjFmM2JjYzY3YWFlLzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7Eo6uTW HvO/tU/zx8SnLPE1FsE/0FqEckiixCTS/BPpkzIFmFo0ok5dkyucJM1cqO/xm8r7 E6VdNc4OD02j6sTB9CKVbT+E5nPsGyP3Xiw2Pi33HdVJgES+EIXNj6a3Z+2kncD2 hppeUkefVudi9HHoQ3EnFPYBsbAZZ61hqX11Dj46lm40PHbm03O2J8liKcEL9PTw C5avw6PB3t1H4ggM0cjFfZ22Bvnd9xVcr0cmkFIYJdGNQTWr3ALZ9oavXaNlM8vP OwBy2KOkLZJqr7201VY+QPyK/3nFHYBjK00kS6cJP3hr0+npzT11cY78YZpRuT13 gQHynXzsMpCV8w== -----END CERTIFICATE-----Generated at Fri Dec 12 02:22:32 2025 by rpki-client