This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft File: HnsuJD-KqVRZeTK83NmvZWDc5RY.mft (raw, json) Hash identifier: 9QLZGfOmGIq4keybAmbe20/dMKAxRBMsK9n9eXCJIKQ= Subject key identifier: 98:8A:B7:73:2A:A2:04:B3:71:EA:07:71:82:DE:D5:F6:26:52:04:06 Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16 Certificate issuer: /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516 Certificate serial: 019B0DB715CF19F74E73A11C5B2046C99B67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft Manifest number: 0C33 Signing time: Thu 11 Dec 2025 14:01:00 +0000 Manifest this update: Thu 11 Dec 2025 14:01:00 +0000 Manifest next update: Fri 12 Dec 2025 14:01:00 +0000 Files and hashes: 1: HnsuJD-KqVRZeTK83NmvZWDc5RY.crl (hash: 7JoWDVs/9D3uYg1GaxuMYv8KumFASs2T9IjWbH6fp6k=) 2: IGa7QfhbXaDsGCT9xJOI5gdu6yw.roa (hash: X0y8/lBS1BHPwzQ2lfqfjmgEWEXvXO2MftnVLJbE6FY=) 3: VwEoUNw-ez0MhDo9hKLki2sD7x8.roa (hash: hJNorU0BhP7KaHlsAZlKF465rhSAsAGROKIAje3NnsE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:b7:15:cf:19:f7:4e:73:a1:1c:5b:20:46:c9:9b:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516 Validity Not Before: Dec 11 14:01:00 2025 GMT Not After : Dec 12 14:01:00 2025 GMT Subject: CN=988ab7732aa204b371ea077182ded5f626520406 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a4:4e:4c:b5:fc:42:27:0d:06:36:b2:0e:c1: 91:4a:7b:91:49:c1:ff:d7:21:31:24:64:08:0d:c4: 58:64:b5:e5:25:3d:71:09:f8:67:36:df:df:a5:ac: 06:5b:bd:f9:4e:90:36:61:1a:5c:77:e9:9c:26:8f: d4:83:40:e8:7b:5f:66:ce:2b:40:16:ce:6a:d0:36: c0:25:2a:df:18:6b:61:6f:90:ee:da:ff:01:bc:64: 10:b9:a1:09:b4:cb:32:3a:c6:05:47:28:cb:68:3f: bb:0d:83:b0:c2:27:9d:bb:72:b3:3d:31:ff:e7:d7: d4:f7:99:60:8f:26:d6:f3:73:f5:77:2b:30:21:f4: 13:5d:d1:4b:72:94:4e:cb:0f:07:5d:f8:b9:d1:b8: 43:7f:2c:79:35:40:3c:95:65:87:5f:16:62:5b:5a: 0a:e4:a4:0c:df:54:9d:41:33:77:76:98:65:4b:be: d6:db:b9:a4:63:69:7e:af:54:70:7f:a2:74:54:db: 37:1d:00:9c:bd:b5:19:26:07:6a:7b:cf:e8:97:98: df:60:d0:f5:ee:ad:0d:c3:33:d0:e4:81:24:53:9d: c8:1e:39:7c:9d:13:87:75:3e:65:93:4a:55:05:a4: 69:ca:f0:ae:bb:7f:21:3a:09:56:7a:fc:e9:0c:ff: 2d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:8A:B7:73:2A:A2:04:B3:71:EA:07:71:82:DE:D5:F6:26:52:04:06 X509v3 Authority Key Identifier: keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:b0:04:66:31:1a:29:0a:79:36:72:8c:26:78:e0:5a:b9:8a: f5:cd:a8:cf:42:67:da:bc:a9:da:c1:b9:8d:f8:a0:11:cd:91: 71:31:5e:35:3a:cf:9a:72:86:05:42:df:62:e0:a0:88:f2:5a: d0:5c:f4:5d:b4:1e:70:34:24:5a:91:f3:08:45:3e:02:c8:e7: a8:53:b7:c3:21:46:4b:76:fa:67:7d:1b:06:4d:59:10:6e:7d: f5:9f:cb:ed:e0:53:ee:4d:e8:c3:4c:5f:79:c6:1f:30:22:6e: c7:7f:00:c6:f6:89:d6:95:42:92:67:bc:46:0b:d0:4d:94:14: ff:57:2d:9f:b5:7a:4e:89:04:a3:2c:77:d7:c0:a8:91:35:00: ac:ff:fa:d0:b4:09:ed:93:42:ab:4b:10:90:e5:e0:e9:05:fd: 1e:a8:f6:2f:d3:41:0d:71:3f:b9:b9:df:ba:c4:67:ca:5c:07: 61:d9:14:85:57:fa:e8:ed:78:6d:4f:35:f9:4f:21:7c:d4:aa: 50:33:1a:89:18:55:ef:13:5b:5b:5f:37:ce:3d:c4:41:d4:6c: 42:33:b0:18:eb:53:f8:c7:cf:a0:f9:aa:a0:41:ec:76:9b:67: 84:98:d9:19:00:2c:e6:c8:4b:2a:c7:4f:93:64:b6:6c:f3:02: 1e:99:1b:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNtxXPGfdOc6EcWyBGyZtnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk Y2U1MTYwHhcNMjUxMjExMTQwMTAwWhcNMjUxMjEyMTQwMTAwWjAzMTEwLwYDVQQD Eyg5ODhhYjc3MzJhYTIwNGIzNzFlYTA3NzE4MmRlZDVmNjI2NTIwNDA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqROTLX8QicNBjayDsGRSnuRScH/ 1yExJGQIDcRYZLXlJT1xCfhnNt/fpawGW735TpA2YRpcd+mcJo/Ug0Doe19mzitA Fs5q0DbAJSrfGGthb5Du2v8BvGQQuaEJtMsyOsYFRyjLaD+7DYOwwiedu3KzPTH/ 59fU95lgjybW83P1dyswIfQTXdFLcpROyw8HXfi50bhDfyx5NUA8lWWHXxZiW1oK 5KQM31SdQTN3dphlS77W27mkY2l+r1Rwf6J0VNs3HQCcvbUZJgdqe8/ol5jfYND1 7q0NwzPQ5IEkU53IHjl8nROHdT5lk0pVBaRpyvCuu38hOglWevzpDP8tiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJiKt3MqogSzceoHcYLe1fYmUgQGMB8GA1UdIwQY MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt ZDU0OTU1NjQzY2Q5LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5 LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLAEZjEa KQp5NnKMJnjgWrmK9c2oz0Jn2ryp2sG5jfigEc2RcTFeNTrPmnKGBULfYuCgiPJa 0Fz0XbQecDQkWpHzCEU+AsjnqFO3wyFGS3b6Z30bBk1ZEG599Z/L7eBT7k3ow0xf ecYfMCJux38AxvaJ1pVCkme8RgvQTZQU/1ctn7V6TokEoyx318CokTUArP/60LQJ 7ZNCq0sQkOXg6QX9Hqj2L9NBDXE/ubnfusRnylwHYdkUhVf66O14bU81+U8hfNSq UDMaiRhV7xNbW183zj3EQdRsQjOwGOtT+MfPoPmqoEHsdptnhJjZGQAs5shLKsdP k2S2bPMCHpkbyg== -----END CERTIFICATE-----Generated at Thu Dec 11 19:33:33 2025 by rpki-client