This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json) Hash identifier: 6prB/H44BK1f7EG0TRbSCxIVe5ksMmjrgtiWaoz6P/U= Subject key identifier: 83:EF:EA:9D:92:E4:B2:04:E0:F0:9F:4A:F2:61:FF:08:20:24:22:95 Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Certificate serial: 019B1FF4F41CE563AC8E141B64D716E45C74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft Manifest number: 0322 Signing time: Mon 15 Dec 2025 03:01:45 +0000 Manifest this update: Mon 15 Dec 2025 03:01:45 +0000 Manifest next update: Tue 16 Dec 2025 03:01:45 +0000 Files and hashes: 1: cllA8kNp-t480y7IfyyWuiklziY.roa (hash: 5bq8pPC98WVuN+UCw7i3OOCXOObrhETW5cCP805rEU4=) 2: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: RvzqmF4CFKzZtcEF3DItgraCB1JmxnorOSQCcg/kIZk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 03:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:f4:1c:e5:63:ac:8e:14:1b:64:d7:16:e4:5c:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Validity Not Before: Dec 15 03:01:45 2025 GMT Not After : Dec 16 03:01:45 2025 GMT Subject: CN=83efea9d92e4b204e0f09f4af261ff0820242295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:5d:95:01:69:f3:9a:a7:56:d4:a6:a5:09:b4: a2:75:ab:88:3b:6b:a4:3f:d1:75:2c:47:8e:d7:7f: d4:2a:96:61:25:e3:1e:ae:4f:d7:55:8a:4e:d6:e2: 8a:0d:b6:f6:04:06:e8:07:65:7b:a1:bf:43:36:b5: 41:7c:1b:1e:a8:57:a4:f7:a5:c5:07:32:b6:6c:c9: 04:d2:5f:ee:18:98:35:e8:54:07:d1:bb:e9:80:de: b7:b3:e2:27:91:76:f3:bd:e8:a0:1b:5e:97:29:67: 45:1a:de:5f:5c:26:03:7e:62:fb:64:22:3d:bd:23: a1:cb:54:19:ad:21:0c:f2:d8:f6:6a:fa:26:d1:a2: 98:b3:92:ed:be:35:c3:de:69:64:54:f4:ce:4f:5b: 61:d5:97:e9:48:88:06:a8:59:3a:bc:61:b7:73:33: 90:48:d4:6a:cd:e6:73:a8:15:01:95:d3:7e:c3:ff: 1c:18:cd:3b:0d:59:5a:26:25:f7:b3:68:66:7a:33: 43:f1:fe:aa:b4:1e:57:17:85:32:83:d6:78:df:10: 06:ca:8d:4b:c9:3d:27:aa:ed:bd:1c:cc:02:e3:bb: bf:f2:3a:79:9d:f8:d3:03:3d:74:79:22:ef:29:e7: 1a:0c:5f:7c:76:f1:a9:56:c2:91:bf:9b:83:98:39: ca:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:EF:EA:9D:92:E4:B2:04:E0:F0:9F:4A:F2:61:FF:08:20:24:22:95 X509v3 Authority Key Identifier: keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:02:2a:34:4b:df:17:a4:19:dd:8c:e9:30:6e:b3:fa:fb:f2: 09:05:24:a6:aa:e9:b8:ee:59:66:7d:08:9b:1e:19:5e:4f:ab: 2a:00:8d:0e:ab:e2:d7:a7:3e:eb:dd:a9:e2:79:23:03:da:62: 38:8c:33:e2:fa:9e:7f:81:2f:84:aa:aa:b2:41:46:08:33:59: 22:c8:b2:4f:f1:41:72:ac:d9:a1:94:75:bb:a5:67:41:f6:81: d8:46:11:04:75:0d:7e:2e:5a:97:06:a2:c9:d2:9c:7e:2a:5e: 72:aa:cd:10:30:21:60:1b:5a:2b:57:4d:3b:69:80:91:d0:94: 32:65:5c:71:f1:95:39:cc:52:cf:58:45:1e:eb:57:54:bd:90: 77:a4:27:b2:27:a6:32:22:8b:87:bc:eb:58:16:82:6c:96:1a: fc:f3:53:e1:81:03:b4:b0:2e:39:c0:8d:78:90:00:84:d4:1a: fc:44:0e:2f:a5:81:06:b2:27:98:52:1d:9d:52:04:50:47:c4: 18:76:90:8c:ac:c8:64:92:70:fc:22:ce:1f:2a:33:19:d7:01: a1:36:3e:61:cb:54:53:4f:23:ae:1d:56:6c:1b:83:fa:88:9e: 36:75:a9:e9:02:32:96:4a:f8:dc:b9:31:72:33:0d:4a:bd:98: f4:7a:bf:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9PQc5WOsjhQbZNcW5Fx0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0 YTM3ZDgwHhcNMjUxMjE1MDMwMTQ1WhcNMjUxMjE2MDMwMTQ1WjAzMTEwLwYDVQQD Eyg4M2VmZWE5ZDkyZTRiMjA0ZTBmMDlmNGFmMjYxZmYwODIwMjQyMjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm12VAWnzmqdW1KalCbSidauIO2uk P9F1LEeO13/UKpZhJeMerk/XVYpO1uKKDbb2BAboB2V7ob9DNrVBfBseqFek96XF BzK2bMkE0l/uGJg16FQH0bvpgN63s+InkXbzveigG16XKWdFGt5fXCYDfmL7ZCI9 vSOhy1QZrSEM8tj2avom0aKYs5LtvjXD3mlkVPTOT1th1ZfpSIgGqFk6vGG3czOQ SNRqzeZzqBUBldN+w/8cGM07DVlaJiX3s2hmejND8f6qtB5XF4Uyg9Z43xAGyo1L yT0nqu29HMwC47u/8jp5nfjTAz10eSLvKecaDF98dvGpVsKRv5uDmDnKowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIPv6p2S5LIE4PCfSvJh/wggJCKVMB8GA1UdIwQY MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXwIqNEvf F6QZ3YzpMG6z+vvyCQUkpqrpuO5ZZn0Imx4ZXk+rKgCNDqvi16c+692p4nkjA9pi OIwz4vqef4EvhKqqskFGCDNZIsiyT/FBcqzZoZR1u6VnQfaB2EYRBHUNfi5alwai ydKcfipecqrNEDAhYBtaK1dNO2mAkdCUMmVccfGVOcxSz1hFHutXVL2Qd6Qnsiem MiKLh7zrWBaCbJYa/PNT4YEDtLAuOcCNeJAAhNQa/EQOL6WBBrInmFIdnVIEUEfE GHaQjKzIZJJw/CLOHyozGdcBoTY+YctUU08jrh1WbBuD+oieNnWp6QIylkr43Lkx cjMNSr2Y9Hq/kg== -----END CERTIFICATE-----Generated at Mon Dec 15 12:06:19 2025 by rpki-client