This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft File: HqtOAMDZLLUBu7IjrPA54nCR204.mft (raw, json) Hash identifier: 0hNoBfXbVTQBbIbCcIbdYBKjDvF9sFElA0w8seKDLf4= Subject key identifier: 1D:02:F9:81:A0:CE:91:70:41:47:86:CE:2F:A9:E8:B7:A9:99:9A:99 Authority key identifier: 1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E Certificate issuer: /CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Certificate serial: 019AABA6CE0A158471B2D25D47277892B2E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft Manifest number: 1608 Signing time: Sat 22 Nov 2025 13:00:26 +0000 Manifest this update: Sat 22 Nov 2025 13:00:26 +0000 Manifest next update: Sun 23 Nov 2025 13:00:26 +0000 Files and hashes: 1: HqtOAMDZLLUBu7IjrPA54nCR204.crl (hash: Ur8GenuOhxbXNgJxmIWVcFi10fhqxfAsiCE2nZYa0vQ=) 2: TRIkg-QwPxodaMNyhJudZJsULfg.roa (hash: ufMh2ZHdT1rvdo6TTuMqjAAVY8O4a0cCsUjxcMvHh8A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ab:a6:ce:0a:15:84:71:b2:d2:5d:47:27:78:92:b2:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1eab4e00c0d92cb501bbb223acf039e27091db4e Validity Not Before: Nov 22 13:00:26 2025 GMT Not After : Nov 23 13:00:26 2025 GMT Subject: CN=1d02f981a0ce9170414786ce2fa9e8b7a9999a99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:2c:8b:ea:97:19:5b:0a:0e:4b:f7:73:81:2e: a2:c7:5f:71:a6:ed:c9:a0:60:99:4c:dc:3d:3c:35: 00:00:ae:1e:65:59:c2:a8:6a:46:f0:38:f9:22:e0: 85:e5:0c:ee:00:85:27:76:f0:93:e2:a6:4f:06:4a: 22:13:8d:8a:c4:e6:23:32:86:ea:20:3c:10:8a:b1: f1:e5:1d:53:d4:ef:e1:b3:f1:20:cb:04:60:f5:f5: 1d:aa:0f:cc:b2:e7:5d:a0:bd:8a:84:a2:50:2f:fd: 42:c6:d9:f3:0f:60:c2:a7:f4:3c:13:45:2e:86:6c: 1b:83:08:2f:2a:29:63:2b:a4:a7:78:8a:91:3e:17: 1a:e9:44:3b:32:fe:db:05:05:3d:c7:a7:e4:a0:06: 10:cd:35:d9:43:98:38:88:91:ca:41:14:f7:8a:2d: b1:7f:a4:39:f8:a1:e8:68:bb:b4:56:6d:93:3d:5f: cd:ad:68:4d:1f:6c:88:d6:dc:23:78:24:f3:aa:64: 66:c4:f0:59:03:0b:fb:70:eb:ed:5f:65:fc:2f:29: f1:67:63:96:18:1f:8b:6b:d1:31:a6:2c:cb:69:68: 34:93:2f:e0:5a:6c:89:d8:07:17:df:9a:f9:be:a5: de:d2:e7:14:b4:ac:fe:9b:ca:bf:e4:c1:56:c6:c4: 59:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:02:F9:81:A0:CE:91:70:41:47:86:CE:2F:A9:E8:B7:A9:99:9A:99 X509v3 Authority Key Identifier: keyid:1E:AB:4E:00:C0:D9:2C:B5:01:BB:B2:23:AC:F0:39:E2:70:91:DB:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqtOAMDZLLUBu7IjrPA54nCR204.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a9a6ba-d748-40c7-8503-19ba84d84af0/1/HqtOAMDZLLUBu7IjrPA54nCR204.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:65:f8:0d:91:f2:48:cf:ee:0b:58:36:c2:af:7c:5b:f4:d1: 35:57:2e:2f:0a:40:27:43:39:37:52:25:6b:08:b8:fe:60:2a: 95:38:93:db:d8:51:61:f1:c0:14:4f:fd:40:b6:3f:4c:70:97: f6:1d:31:56:a2:1b:3e:9b:a1:8a:76:34:17:28:4f:73:2d:37: ee:df:6c:63:33:61:6e:d0:0f:38:e9:20:22:0a:93:e5:d8:73: 24:20:d7:52:a1:22:bf:3d:d6:70:11:ee:d3:ea:30:15:ee:55: 63:fc:4f:8e:c7:5a:b0:92:81:81:68:38:7d:8b:e3:4a:43:32: b7:ec:fc:f6:1a:78:44:2a:75:6f:a3:ac:71:02:c7:0a:dd:06: 0a:24:4c:62:58:8a:83:39:d5:fb:5b:e7:08:7e:60:be:38:bc: f6:10:a3:e4:ba:28:87:91:4b:c2:3d:60:1e:19:49:87:13:08: 62:a7:36:21:aa:22:ff:81:b3:44:cd:57:b2:06:c9:37:77:9d: 76:76:6d:3f:fa:d4:57:1e:bc:5e:9c:93:30:e3:e9:c6:f2:11: 39:d0:4e:71:64:f5:28:67:51:38:76:60:8a:e0:0e:7e:82:42: 83:67:28:63:d3:32:c2:7d:8f:7a:1d:d1:40:3d:84:b5:2f:88: 7f:0d:f9:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqrps4KFYRxstJdRyd4krLjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYWI0ZTAwYzBkOTJjYjUwMWJiYjIyM2FjZjAzOWUyNzA5 MWRiNGUwHhcNMjUxMTIyMTMwMDI2WhcNMjUxMTIzMTMwMDI2WjAzMTEwLwYDVQQD EygxZDAyZjk4MWEwY2U5MTcwNDE0Nzg2Y2UyZmE5ZThiN2E5OTk5YTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySyL6pcZWwoOS/dzgS6ix19xpu3J oGCZTNw9PDUAAK4eZVnCqGpG8Dj5IuCF5QzuAIUndvCT4qZPBkoiE42KxOYjMobq IDwQirHx5R1T1O/hs/EgywRg9fUdqg/MsuddoL2KhKJQL/1CxtnzD2DCp/Q8E0Uu hmwbgwgvKiljK6SneIqRPhca6UQ7Mv7bBQU9x6fkoAYQzTXZQ5g4iJHKQRT3ii2x f6Q5+KHoaLu0Vm2TPV/NrWhNH2yI1twjeCTzqmRmxPBZAwv7cOvtX2X8LynxZ2OW GB+La9ExpizLaWg0ky/gWmyJ2AcX35r5vqXe0ucUtKz+m8q/5MFWxsRZXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB0C+YGgzpFwQUeGzi+p6LepmZqZMB8GA1UdIwQY MBaAFB6rTgDA2Sy1AbuyI6zwOeJwkdtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMt MTliYTg0ZDg0YWYwLzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9hOWE2YmEtZDc0OC00MGM3LTg1MDMtMTliYTg0ZDg0YWYw LzEvSHF0T0FNRFpMTFVCdTdJanJQQTU0bkNSMjA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGX4DZHy SM/uC1g2wq98W/TRNVcuLwpAJ0M5N1Ilawi4/mAqlTiT29hRYfHAFE/9QLY/THCX 9h0xVqIbPpuhinY0FyhPcy037t9sYzNhbtAPOOkgIgqT5dhzJCDXUqEivz3WcBHu 0+owFe5VY/xPjsdasJKBgWg4fYvjSkMyt+z89hp4RCp1b6OscQLHCt0GCiRMYliK gznV+1vnCH5gvji89hCj5Looh5FLwj1gHhlJhxMIYqc2Iaoi/4GzRM1XsgbJN3ed dnZtP/rUVx68XpyTMOPpxvIROdBOcWT1KGdROHZgiuAOfoJCg2coY9Mywn2Peh3R QD2EtS+Ifw35bg== -----END CERTIFICATE-----Generated at Sat Nov 22 21:44:03 2025 by rpki-client