This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft File: hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft (raw, json) Hash identifier: ZS6L2oZcRbRxLmXyNV67Sb1CV5Vsyk4gabUtRyFcgaM= Subject key identifier: 48:F7:EC:79:7C:3A:04:DB:C8:F1:B1:91:DE:AE:A0:D4:63:F8:F1:65 Authority key identifier: 84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D Certificate issuer: /CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Certificate serial: 019B6AD6F1B86A61DF1E608EA28B65FB2BF9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft Manifest number: 117C Signing time: Mon 29 Dec 2025 16:00:29 +0000 Manifest this update: Mon 29 Dec 2025 16:00:29 +0000 Manifest next update: Tue 30 Dec 2025 16:00:29 +0000 Files and hashes: 1: hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl (hash: NbCeHbEDEGS9DbXfL/QjZiJBXB8TuK5djXvGsZtaBrI=) 2: sudojg6HDCizETctxsBEtvD9ceA.roa (hash: WBqfbYsjDjIGknBmCSsGnzqS8ek9/ghen0y1LOmx5Ns=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d6:f1:b8:6a:61:df:1e:60:8e:a2:8b:65:fb:2b:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Validity Not Before: Dec 29 16:00:29 2025 GMT Not After : Dec 30 16:00:29 2025 GMT Subject: CN=48f7ec797c3a04dbc8f1b191deaea0d463f8f165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:62:ff:92:f8:9f:0f:93:96:63:bb:b5:ac:91: 2c:b3:28:61:5f:36:c3:d1:cd:1e:cf:a1:d6:ce:e3: 0f:48:11:f0:9a:bc:6b:c1:d4:18:66:7f:ce:df:31: cc:23:0c:5e:6d:b7:43:85:a2:7b:4f:4b:31:fb:50: 88:26:df:17:d1:71:d6:74:49:03:ff:79:da:d0:86: 04:59:30:42:6f:b7:30:d8:93:64:f8:f1:c8:5a:de: a0:c1:45:0b:2f:ab:6b:36:68:06:78:64:18:70:88: e5:a8:4b:84:5d:58:6e:64:90:aa:fc:67:49:58:4f: ce:ca:d9:03:b7:79:12:fd:b7:1d:1e:73:39:5a:92: 02:d1:a8:34:2b:7f:7c:4e:fd:8e:63:3d:8a:33:d3: 6f:6f:05:f0:9f:1a:8b:f4:29:62:2d:e5:b8:6d:a7: 59:87:f9:aa:00:42:16:8f:d9:89:12:6a:4c:ef:90: 09:e7:79:9a:6a:e1:73:7d:d6:b6:90:86:f2:a2:fb: c5:6c:f4:15:0b:68:a4:9d:fc:2e:93:bd:f2:9b:45: e9:b9:d9:dd:c4:f3:ba:ef:ee:ae:21:d9:f5:64:92: 2f:bd:dc:d4:f6:a6:7e:9b:c1:f7:27:13:72:80:e0: 42:cd:b8:b5:58:d1:d9:8b:91:36:8e:b5:0b:fb:13: 9e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:F7:EC:79:7C:3A:04:DB:C8:F1:B1:91:DE:AE:A0:D4:63:F8:F1:65 X509v3 Authority Key Identifier: keyid:84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:f0:d3:37:08:0f:6c:10:5f:f1:5b:db:6d:0c:ee:da:07:13: 02:33:97:f4:9c:96:7b:62:93:36:d5:a3:27:fb:f7:c8:15:f8: 51:e7:a4:b1:f8:fd:53:d9:b4:71:4b:64:65:c6:02:20:93:dd: 4f:aa:a3:5e:51:0e:04:e4:42:b6:4d:d3:f7:63:ca:c9:ec:36: cb:98:00:30:4b:99:9a:2d:03:1b:c3:cf:44:fa:2d:30:0f:d7: b9:9c:6c:5b:4a:24:b7:d1:88:96:3f:f0:5b:10:c0:b5:3b:c6: ed:f2:5f:55:d9:5c:4a:c0:88:7f:43:18:f6:ca:41:39:87:0c: 0d:2f:3a:67:13:4f:83:4e:98:cc:bf:05:1c:32:9f:f9:2b:e5: 03:05:69:09:be:03:9b:64:79:ad:8c:cb:fc:51:37:1d:56:1b: ec:cc:df:d7:38:a1:ba:07:0d:d9:70:a6:cb:04:be:13:8b:17: 5d:4e:b8:08:61:c4:73:97:7c:9a:2f:8b:f5:35:e1:18:e4:76: 27:4e:d5:cf:1d:ee:9a:3c:05:e4:ec:cb:15:ba:aa:27:2b:a7: 8c:74:dc:e3:34:53:f2:72:a9:06:3c:e1:83:26:2f:5c:25:46: 47:fc:a1:d3:98:aa:a3:df:ee:14:9b:5f:7b:f0:96:4b:bc:bd: c8:14:12:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq1vG4amHfHmCOootl+yv5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YTNjZjExNGJlNGZhNGM0ZmY3NmIyMThmYWQ1MGU1MTcz OTE2MGQwHhcNMjUxMjI5MTYwMDI5WhcNMjUxMjMwMTYwMDI5WjAzMTEwLwYDVQQD Eyg0OGY3ZWM3OTdjM2EwNGRiYzhmMWIxOTFkZWFlYTBkNDYzZjhmMTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2L/kvifD5OWY7u1rJEssyhhXzbD 0c0ez6HWzuMPSBHwmrxrwdQYZn/O3zHMIwxebbdDhaJ7T0sx+1CIJt8X0XHWdEkD /3na0IYEWTBCb7cw2JNk+PHIWt6gwUULL6trNmgGeGQYcIjlqEuEXVhuZJCq/GdJ WE/OytkDt3kS/bcdHnM5WpIC0ag0K398Tv2OYz2KM9NvbwXwnxqL9CliLeW4badZ h/mqAEIWj9mJEmpM75AJ53maauFzfda2kIbyovvFbPQVC2iknfwuk73ym0Xpudnd xPO67+6uIdn1ZJIvvdzU9qZ+m8H3JxNygOBCzbi1WNHZi5E2jrUL+xOe7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEj37Hl8OgTbyPGxkd6uoNRj+PFlMB8GA1UdIwQY MBaAFISjzxFL5PpMT/drIY+tUOUXORYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUt NTM5MzI5YmVkNDZlLzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUtNTM5MzI5YmVkNDZl LzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifDTNwgP bBBf8VvbbQzu2gcTAjOX9JyWe2KTNtWjJ/v3yBX4Ueeksfj9U9m0cUtkZcYCIJPd T6qjXlEOBORCtk3T92PKyew2y5gAMEuZmi0DG8PPRPotMA/XuZxsW0okt9GIlj/w WxDAtTvG7fJfVdlcSsCIf0MY9spBOYcMDS86ZxNPg06YzL8FHDKf+SvlAwVpCb4D m2R5rYzL/FE3HVYb7Mzf1zihugcN2XCmywS+E4sXXU64CGHEc5d8mi+L9TXhGOR2 J07Vzx3umjwF5OzLFbqqJyunjHTc4zRT8nKpBjzhgyYvXCVGR/yh05iqo9/uFJtf e/CWS7y9yBQSMA== -----END CERTIFICATE-----Generated at Mon Dec 29 22:41:47 2025 by rpki-client