This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json) Hash identifier: GU4pe0m90MFWbiRbztBdONZnLEmHjvr9GugTrpuxMSs= Subject key identifier: 79:08:63:5B:DF:51:6D:E0:B1:B2:DB:AA:78:53:AD:D3:D6:88:A1:95 Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e Certificate serial: 019B6241DE51C90B1B94A62B9DDF96FE2CA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft Manifest number: 1430 Signing time: Sun 28 Dec 2025 00:00:42 +0000 Manifest this update: Sun 28 Dec 2025 00:00:42 +0000 Manifest next update: Mon 29 Dec 2025 00:00:42 +0000 Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=) 2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: 9a3jhCv7UX70pg91aVogd6OFV17KSAdGj/PgV4s9Tz8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:41:de:51:c9:0b:1b:94:a6:2b:9d:df:96:fe:2c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e Validity Not Before: Dec 28 00:00:42 2025 GMT Not After : Dec 29 00:00:42 2025 GMT Subject: CN=7908635bdf516de0b1b2dbaa7853add3d688a195 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9a:ee:2b:c4:1d:bb:a8:9d:b4:4d:0d:58:ad: 61:60:19:ef:fc:5a:a4:83:42:17:23:8f:e4:49:70: 02:22:db:41:83:e2:02:1d:5a:d7:7f:5e:01:bd:e2: 48:3a:99:8a:01:68:15:04:20:aa:01:1c:b4:ef:0c: 68:b7:27:9a:aa:41:21:80:d2:73:55:77:e2:43:cf: f9:39:f2:4f:2b:ee:77:8a:d9:22:e8:fe:28:28:f2: 05:31:24:ec:3a:18:d7:3c:b5:6b:4b:3b:cc:73:99: 86:92:c4:3f:94:62:aa:2d:33:bd:45:b1:ee:6a:7d: 35:41:e2:8e:76:d8:d5:c7:3b:e5:7e:d8:54:ec:76: d0:f4:de:7b:a0:85:55:83:e1:86:dc:d3:68:74:22: bb:f6:34:23:97:98:34:59:b2:57:ff:65:2f:4a:f0: a9:d9:9b:3b:dc:83:73:ca:4b:88:84:4e:4f:72:cd: 37:c5:a7:cc:e4:11:1b:e6:ce:0e:25:07:a2:94:da: bd:3e:9e:c4:5e:25:76:35:2a:d4:5b:da:bd:42:ab: 0a:5a:7a:08:49:f1:f4:5e:1a:82:a1:1e:b4:1a:21: a8:92:73:f1:6c:08:58:5f:6b:0b:04:45:d7:42:89: f6:1b:27:84:3f:01:4c:c9:f5:a8:f6:b1:91:df:68: f2:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:08:63:5B:DF:51:6D:E0:B1:B2:DB:AA:78:53:AD:D3:D6:88:A1:95 X509v3 Authority Key Identifier: keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:97:bf:85:09:ab:3c:a5:c5:f8:fc:3a:ff:ca:e0:d5:d7:e9: 14:d9:93:8a:e7:3c:42:9f:54:a5:31:f8:db:74:13:f5:63:93: e1:51:38:21:68:21:27:d7:23:1f:a7:f7:01:d3:24:fe:b8:43: f0:96:8d:4f:50:c4:9d:b8:09:fb:af:b7:94:eb:79:c2:e6:1c: ea:bc:ce:3d:e1:e4:7b:4b:e2:18:3a:fe:4e:4b:55:8c:1d:80: c7:56:34:10:d9:d2:ec:bd:49:cf:95:9e:62:05:67:64:05:29: 5d:00:b1:df:92:e5:71:46:9a:02:d1:ba:c6:1e:09:c2:20:19: c8:00:6b:6f:80:10:d0:06:a4:c3:a3:20:3f:4d:3e:5c:13:67: 45:45:1d:2a:7c:84:c9:7f:6a:b6:78:d3:c5:f8:be:21:23:01: 58:6e:26:f6:5e:67:19:d8:cf:18:80:93:78:10:6b:79:16:a4: 21:7b:6d:2c:d7:96:bd:a1:49:b2:b8:b6:2a:42:2c:69:b9:65: 23:73:dd:8d:78:15:fd:8e:93:ee:36:3a:7a:d8:d5:d1:22:30: fd:e5:f4:77:59:38:cf:4b:32:cf:cd:60:7e:ed:c4:e3:b5:1e: d9:90:05:a9:45:52:68:aa:09:a7:42:b9:b9:47:e6:34:95:86: d4:88:58:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtiQd5RyQsblKYrnd+W/iyhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm ZTliNGUwHhcNMjUxMjI4MDAwMDQyWhcNMjUxMjI5MDAwMDQyWjAzMTEwLwYDVQQD Eyg3OTA4NjM1YmRmNTE2ZGUwYjFiMmRiYWE3ODUzYWRkM2Q2ODhhMTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ruK8Qdu6idtE0NWK1hYBnv/Fqk g0IXI4/kSXACIttBg+ICHVrXf14BveJIOpmKAWgVBCCqARy07wxotyeaqkEhgNJz VXfiQ8/5OfJPK+53itki6P4oKPIFMSTsOhjXPLVrSzvMc5mGksQ/lGKqLTO9RbHu an01QeKOdtjVxzvlfthU7HbQ9N57oIVVg+GG3NNodCK79jQjl5g0WbJX/2UvSvCp 2Zs73INzykuIhE5Pcs03xafM5BEb5s4OJQeilNq9Pp7EXiV2NSrUW9q9QqsKWnoI SfH0XhqCoR60GiGoknPxbAhYX2sLBEXXQon2GyeEPwFMyfWo9rGR32jydwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHkIY1vfUW3gsbLbqnhTrdPWiKGVMB8GA1UdIwQY MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1 LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZe/hQmr PKXF+Pw6/8rg1dfpFNmTiuc8Qp9UpTH423QT9WOT4VE4IWghJ9cjH6f3AdMk/rhD 8JaNT1DEnbgJ+6+3lOt5wuYc6rzOPeHke0viGDr+TktVjB2Ax1Y0ENnS7L1Jz5We YgVnZAUpXQCx35LlcUaaAtG6xh4JwiAZyABrb4AQ0Aakw6MgP00+XBNnRUUdKnyE yX9qtnjTxfi+ISMBWG4m9l5nGdjPGICTeBBreRakIXttLNeWvaFJsri2KkIsabll I3PdjXgV/Y6T7jY6etjV0SIw/eX0d1k4z0syz81gfu3E47Ue2ZAFqUVSaKoJp0K5 uUfmNJWG1IhY6g== -----END CERTIFICATE-----Generated at Sun Dec 28 06:38:28 2025 by rpki-client