This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft File: hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft (raw, json) Hash identifier: 8Og1Rfu56MIGeEh07prKuBw1ZXENs+yQYC8Ra8nKU2s= Subject key identifier: 09:D9:B0:52:FA:D6:F8:73:A0:01:9C:6A:20:D1:54:AB:16:14:6D:20 Authority key identifier: 84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D Certificate issuer: /CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Certificate serial: 019B4FCDE329C6C88385C5C2798610B71A83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft Manifest number: 116E Signing time: Wed 24 Dec 2025 10:00:51 +0000 Manifest this update: Wed 24 Dec 2025 10:00:51 +0000 Manifest next update: Thu 25 Dec 2025 10:00:51 +0000 Files and hashes: 1: hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl (hash: 39LfHNbywqR+nGZzGjaFjEGS62nyb910qtH0snH32Zs=) 2: sudojg6HDCizETctxsBEtvD9ceA.roa (hash: WBqfbYsjDjIGknBmCSsGnzqS8ek9/ghen0y1LOmx5Ns=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:cd:e3:29:c6:c8:83:85:c5:c2:79:86:10:b7:1a:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84a3cf114be4fa4c4ff76b218fad50e51739160d Validity Not Before: Dec 24 10:00:51 2025 GMT Not After : Dec 25 10:00:51 2025 GMT Subject: CN=09d9b052fad6f873a0019c6a20d154ab16146d20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:68:6f:ea:ff:28:1d:c8:05:3c:57:39:6a:74: 62:74:cc:07:49:c8:25:59:84:8b:34:f8:2a:df:2a: ca:91:5b:a4:28:40:3e:8f:a5:19:dd:bb:6b:4a:e5: 59:83:5c:1e:ba:c4:f8:4d:eb:91:f0:52:a0:f4:e4: bd:d9:11:d5:6a:96:54:0b:c6:cb:40:62:70:bc:77: b3:2d:c9:c6:53:f2:5e:73:9c:31:04:9b:6d:38:b7: 4b:25:24:2c:14:12:df:c4:54:31:d8:24:6c:c4:14: 63:cb:c6:b3:29:70:8c:a5:de:d7:68:a4:25:d6:af: da:2b:6b:cc:b6:53:31:24:3c:cc:77:fb:c2:20:1b: 92:c4:bd:13:59:02:b5:2b:7c:b6:f5:35:25:8b:1b: d3:45:b5:36:fe:fc:ff:16:0f:6e:d5:c6:9a:9d:7a: e2:b9:b4:c7:ac:05:88:fd:e0:44:40:a7:a8:1c:f0: 84:17:06:64:4a:76:f4:bc:9e:ea:0a:46:4a:b0:34: 80:e7:37:f8:e2:8f:40:7b:93:4e:02:12:85:af:0c: a3:99:6d:79:e0:9f:2e:77:2d:9e:34:ee:01:e8:df: 48:e3:63:cd:a0:4d:58:0a:19:b1:9b:f8:ec:25:1d: 97:da:55:e7:f5:d9:e7:6d:fd:cc:95:7e:3a:86:ea: 1c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:D9:B0:52:FA:D6:F8:73:A0:01:9C:6A:20:D1:54:AB:16:14:6D:20 X509v3 Authority Key Identifier: keyid:84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:81:d1:e4:97:99:60:08:32:9c:e3:ab:d0:92:20:02:6a:7c: 81:f3:d1:53:97:93:56:19:25:65:67:05:f8:97:5c:cc:62:04: 51:b4:24:a5:6a:fd:2e:20:15:19:6c:df:f9:4a:a4:58:fe:77: 3f:59:8e:71:7e:c0:c4:0d:34:2b:ea:f0:ae:ee:b9:9b:77:d2: c2:4e:c8:a6:33:0c:68:1f:72:50:13:17:41:b8:b0:da:37:bc: 32:34:ff:8c:41:54:32:5d:0e:c5:a3:35:5e:50:cd:f5:31:22: 0f:8d:de:b9:94:6b:c4:39:df:7f:aa:af:02:8e:fc:de:63:f3: e0:11:23:73:92:00:6c:13:dc:06:68:17:c9:35:5f:13:a1:ab: bd:fa:44:03:cd:00:15:3f:3c:84:2f:4a:d1:07:4c:68:4a:80: af:56:52:02:d6:48:9d:37:9e:88:61:ef:dd:61:31:dd:89:0b: 1b:09:12:7a:55:9d:26:28:a6:31:fc:05:bd:c5:2c:04:97:31: 9c:14:6a:fa:8a:30:aa:af:93:96:81:5c:e4:9a:3d:8b:71:57: 9a:e2:53:4e:bc:1b:28:df:fe:a0:56:34:00:be:51:8a:e2:6d: c0:2d:03:e2:ad:d0:f0:2a:1e:5a:73:7d:64:93:54:41:ff:b4: 80:eb:58:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzeMpxsiDhcXCeYYQtxqDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YTNjZjExNGJlNGZhNGM0ZmY3NmIyMThmYWQ1MGU1MTcz OTE2MGQwHhcNMjUxMjI0MTAwMDUxWhcNMjUxMjI1MTAwMDUxWjAzMTEwLwYDVQQD EygwOWQ5YjA1MmZhZDZmODczYTAwMTljNmEyMGQxNTRhYjE2MTQ2ZDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWhv6v8oHcgFPFc5anRidMwHScgl WYSLNPgq3yrKkVukKEA+j6UZ3btrSuVZg1weusT4TeuR8FKg9OS92RHVapZUC8bL QGJwvHezLcnGU/Jec5wxBJttOLdLJSQsFBLfxFQx2CRsxBRjy8azKXCMpd7XaKQl 1q/aK2vMtlMxJDzMd/vCIBuSxL0TWQK1K3y29TUlixvTRbU2/vz/Fg9u1caanXri ubTHrAWI/eBEQKeoHPCEFwZkSnb0vJ7qCkZKsDSA5zf44o9Ae5NOAhKFrwyjmW15 4J8udy2eNO4B6N9I42PNoE1YChmxm/jsJR2X2lXn9dnnbf3MlX46huocRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAnZsFL61vhzoAGcaiDRVKsWFG0gMB8GA1UdIwQY MBaAFISjzxFL5PpMT/drIY+tUOUXORYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUt NTM5MzI5YmVkNDZlLzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MDVmNDYtN2Q0Yy00NmI4LWJhYTUtNTM5MzI5YmVkNDZl LzEvaEtQUEVVdmsta3hQOTJzaGo2MVE1UmM1RmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbIHR5JeZ YAgynOOr0JIgAmp8gfPRU5eTVhklZWcF+JdczGIEUbQkpWr9LiAVGWzf+UqkWP53 P1mOcX7AxA00K+rwru65m3fSwk7IpjMMaB9yUBMXQbiw2je8MjT/jEFUMl0OxaM1 XlDN9TEiD43euZRrxDnff6qvAo783mPz4BEjc5IAbBPcBmgXyTVfE6GrvfpEA80A FT88hC9K0QdMaEqAr1ZSAtZInTeeiGHv3WEx3YkLGwkSelWdJiimMfwFvcUsBJcx nBRq+oowqq+TloFc5Jo9i3FXmuJTTrwbKN/+oFY0AL5RiuJtwC0D4q3Q8CoeWnN9 ZJNUQf+0gOtY1w== -----END CERTIFICATE-----Generated at Wed Dec 24 15:16:23 2025 by rpki-client