This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft File: HH3TyBbYWWCARyBUNICV7SuFUeU.mft (raw, json) Hash identifier: 7XdF0B9b4TcBrzUXQUXsa3Qyfoh5isJNYO4UvJ7GBHo= Subject key identifier: 20:9A:9C:46:B8:3B:72:E6:95:4B:70:7B:F1:CE:1A:DA:DD:8C:3E:EE Authority key identifier: 1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5 Certificate issuer: /CN=1c7dd3c816d8596080472054348095ed2b8551e5 Certificate serial: 019B59AC8DFC54886BACC790DE9A01480391 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft Manifest number: 150A Signing time: Fri 26 Dec 2025 08:00:39 +0000 Manifest this update: Fri 26 Dec 2025 08:00:39 +0000 Manifest next update: Sat 27 Dec 2025 08:00:39 +0000 Files and hashes: 1: HH3TyBbYWWCARyBUNICV7SuFUeU.crl (hash: LXS2C/dyFo14epVPqR7rFHxP23WWJ8DePQUfj8+Ndc0=) 2: lUApR8rVpWyDLR1GadE8v1PzIFI.roa (hash: SjTc2RPVxxZZujKF5tyIKpHPh6Uad/TapUg1uEd/j6M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:8d:fc:54:88:6b:ac:c7:90:de:9a:01:48:03:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c7dd3c816d8596080472054348095ed2b8551e5 Validity Not Before: Dec 26 08:00:39 2025 GMT Not After : Dec 27 08:00:39 2025 GMT Subject: CN=209a9c46b83b72e6954b707bf1ce1adadd8c3eee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:5f:fa:b7:70:ba:f4:24:dc:91:be:a0:42:ad: cd:eb:4c:ce:e6:45:c5:be:04:0c:1c:7d:80:59:ca: 88:9b:43:88:ea:bd:3c:92:74:76:86:a4:a5:e4:ca: b2:32:c9:b6:e2:a4:7e:3e:42:66:49:78:d2:fc:d5: ea:93:9e:b5:52:0f:b1:26:ec:0c:a3:62:d2:e6:82: db:3a:73:ef:73:db:14:95:f1:38:47:66:b4:07:2f: 23:e0:71:89:8e:bf:b5:33:58:8f:ec:d3:98:85:b9: bd:a4:64:54:13:48:73:f9:55:1d:8c:0f:02:21:c9: bb:9d:87:10:9f:72:4d:a8:b8:bc:61:06:a8:05:17: 37:83:a2:05:2f:ce:87:4e:91:42:6a:12:54:04:6d: 9a:71:9e:27:78:a1:05:9b:5f:84:1c:3a:b0:57:c8: 10:57:c9:53:e4:31:6c:10:ca:ec:40:74:99:3a:32: b9:48:38:93:4c:ba:fd:9f:c9:55:8a:ea:7f:b0:bd: 9a:ee:e4:a9:90:e3:77:ae:f2:65:82:86:b9:96:bf: af:bf:7f:fa:8e:8e:61:f8:ea:ea:f3:56:9a:1e:ce: f0:c8:7b:f4:68:61:48:a1:f5:a5:f9:83:65:6f:42: a0:1a:89:98:e3:a1:45:62:4d:b2:c5:c1:32:80:f4: 61:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:9A:9C:46:B8:3B:72:E6:95:4B:70:7B:F1:CE:1A:DA:DD:8C:3E:EE X509v3 Authority Key Identifier: keyid:1C:7D:D3:C8:16:D8:59:60:80:47:20:54:34:80:95:ED:2B:85:51:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HH3TyBbYWWCARyBUNICV7SuFUeU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/baab36-8886-4206-9e79-cc2cd7d31a26/1/HH3TyBbYWWCARyBUNICV7SuFUeU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:70:3e:95:d8:5f:0c:20:7a:91:bb:15:9a:02:70:47:72:51: ff:70:16:a5:ae:96:58:9a:ea:cd:69:bb:bc:5a:97:e2:94:c9: 2f:96:e9:48:8c:7c:15:37:93:17:d0:95:ca:14:1f:84:1c:39: ed:55:af:b8:d3:b6:b6:43:45:25:5a:20:d9:0d:a5:9b:b4:f9: 54:a2:bb:cb:f2:de:af:e2:2e:11:a1:4a:15:b9:6c:17:64:fe: 95:50:42:31:9b:eb:a5:2b:d5:1b:c3:e5:93:45:34:f7:92:2f: 87:cf:55:6f:26:81:e1:69:09:55:99:71:d0:25:35:25:ee:96: b2:e8:b1:9c:04:02:ee:ff:7d:b1:02:50:f9:6f:d3:e6:99:73: da:ae:98:b6:11:ed:5a:cb:a5:85:91:59:68:c0:3f:c6:c8:d0: 21:45:04:31:4a:d8:5c:0f:2d:49:fb:50:1a:56:53:9c:0b:cc: 80:ef:94:35:ab:62:b4:df:f1:2a:4c:d8:dd:04:71:52:f8:e7: 71:c1:06:26:61:20:fe:d4:91:ec:da:63:75:14:af:f8:92:30: 23:02:57:64:7c:49:a6:20:74:f0:71:61:69:ce:83:94:85:e6: 4e:28:b4:99:0d:c0:12:d5:5f:62:2c:f8:fc:24:73:83:0c:6e: 02:1b:d7:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrI38VIhrrMeQ3poBSAORMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjN2RkM2M4MTZkODU5NjA4MDQ3MjA1NDM0ODA5NWVkMmI4 NTUxZTUwHhcNMjUxMjI2MDgwMDM5WhcNMjUxMjI3MDgwMDM5WjAzMTEwLwYDVQQD EygyMDlhOWM0NmI4M2I3MmU2OTU0YjcwN2JmMWNlMWFkYWRkOGMzZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1/6t3C69CTckb6gQq3N60zO5kXF vgQMHH2AWcqIm0OI6r08knR2hqSl5MqyMsm24qR+PkJmSXjS/NXqk561Ug+xJuwM o2LS5oLbOnPvc9sUlfE4R2a0By8j4HGJjr+1M1iP7NOYhbm9pGRUE0hz+VUdjA8C Icm7nYcQn3JNqLi8YQaoBRc3g6IFL86HTpFCahJUBG2acZ4neKEFm1+EHDqwV8gQ V8lT5DFsEMrsQHSZOjK5SDiTTLr9n8lViup/sL2a7uSpkON3rvJlgoa5lr+vv3/6 jo5h+Orq81aaHs7wyHv0aGFIofWl+YNlb0KgGomY46FFYk2yxcEygPRhqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCCanEa4O3LmlUtwe/HOGtrdjD7uMB8GA1UdIwQY MBaAFBx908gW2FlggEcgVDSAle0rhVHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzkt Y2MyY2Q3ZDMxYTI2LzEvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9iYWFiMzYtODg4Ni00MjA2LTllNzktY2MyY2Q3ZDMxYTI2 LzEvSEgzVHlCYllXV0NBUnlCVU5JQ1Y3U3VGVWVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXA+ldhf DCB6kbsVmgJwR3JR/3AWpa6WWJrqzWm7vFqX4pTJL5bpSIx8FTeTF9CVyhQfhBw5 7VWvuNO2tkNFJVog2Q2lm7T5VKK7y/Ler+IuEaFKFblsF2T+lVBCMZvrpSvVG8Pl k0U095Ivh89VbyaB4WkJVZlx0CU1Je6WsuixnAQC7v99sQJQ+W/T5plz2q6YthHt WsulhZFZaMA/xsjQIUUEMUrYXA8tSftQGlZTnAvMgO+UNatitN/xKkzY3QRxUvjn ccEGJmEg/tSR7NpjdRSv+JIwIwJXZHxJpiB08HFhac6DlIXmTii0mQ3AEtVfYiz4 /CRzgwxuAhvXVg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:09:05 2025 by rpki-client