This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft File: hhiHKrn6K6AssBpEzo64dkEoHBw.mft (raw, json) Hash identifier: 2ZDdqdXwsT+B8qk4heK+SEk+4iF/L9NPrLkT63Vds3I= Subject key identifier: 76:20:32:EC:28:DC:68:9C:DB:E1:F9:7E:C0:9C:98:3D:0D:25:24:45 Authority key identifier: 86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C Certificate issuer: /CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c Certificate serial: 019B488246B18494F946081AB0C3B53A2255 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft Manifest number: 072D Signing time: Tue 23 Dec 2025 00:00:55 +0000 Manifest this update: Tue 23 Dec 2025 00:00:55 +0000 Manifest next update: Wed 24 Dec 2025 00:00:55 +0000 Files and hashes: 1: hhiHKrn6K6AssBpEzo64dkEoHBw.crl (hash: rAgO4pFadS2XjIz+wZaFWkTIZUbdHXbH33Lj5nugiEg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:46:b1:84:94:f9:46:08:1a:b0:c3:b5:3a:22:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8618872ab9fa2ba02cb01a44ce8eb87641281c1c Validity Not Before: Dec 23 00:00:55 2025 GMT Not After : Dec 24 00:00:55 2025 GMT Subject: CN=762032ec28dc689cdbe1f97ec09c983d0d252445 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c5:2e:70:49:3c:3e:bb:c2:0b:5d:20:d2:03: 31:4b:96:c8:98:63:a7:13:98:76:55:88:f1:f7:c0: a2:52:fe:5c:86:40:e7:f9:08:63:2c:91:b9:12:21: 2e:8d:35:53:cb:65:16:37:a4:d1:52:dc:98:1b:d3: 97:35:f2:8b:f2:be:b2:e9:87:bd:b1:cf:51:d0:2d: cf:04:e7:43:0b:d2:35:ab:32:8a:22:30:2b:b7:2e: 36:b2:2c:94:84:fa:7f:bc:12:cc:6b:9c:7b:02:70: 49:03:67:db:d0:20:bd:71:8a:01:0e:eb:7d:86:b1: 3d:64:01:12:bd:ea:55:2c:bf:93:44:42:b4:c9:3c: e7:a9:79:ea:e6:25:11:e7:42:bb:c6:7d:2b:3c:af: 53:ff:c5:8d:60:ab:b4:b1:0c:e5:68:60:99:55:be: c2:c4:96:cf:58:f0:68:d7:6a:19:1d:b0:67:4f:00: d3:65:16:f4:49:dc:e6:c5:33:5d:2b:c2:25:56:20: 14:0a:39:8c:dc:b0:81:ea:8a:69:8e:8b:40:a1:ad: e5:55:17:0c:5f:35:a4:5c:83:ab:db:36:ad:e7:99: a3:d9:a8:a0:29:63:47:3d:bd:42:6a:d5:d4:b7:be: f2:d5:8a:bb:b7:46:7f:98:3d:c4:5f:11:79:a3:83: 12:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:20:32:EC:28:DC:68:9C:DB:E1:F9:7E:C0:9C:98:3D:0D:25:24:45 X509v3 Authority Key Identifier: keyid:86:18:87:2A:B9:FA:2B:A0:2C:B0:1A:44:CE:8E:B8:76:41:28:1C:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhiHKrn6K6AssBpEzo64dkEoHBw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/829a87-22fa-4632-862c-bd69f526181b/1/hhiHKrn6K6AssBpEzo64dkEoHBw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:88:03:90:2d:b0:56:1d:2c:20:f1:23:c5:84:f4:5f:4a:d3: 15:ea:1a:54:cf:9f:68:5d:35:0e:c3:65:04:4f:87:85:ff:ba: 13:cf:b7:1c:e2:82:c6:cd:11:de:0f:5a:42:f2:cd:a3:f6:f3: 1a:90:b9:39:8b:14:ef:83:76:22:78:1c:3f:7b:20:6b:13:39: bd:b7:c1:ad:d4:80:ea:1a:4f:da:8c:52:43:0d:53:cc:5b:9d: 7e:93:81:44:72:70:6e:ca:67:ec:22:17:9c:52:86:ee:b4:f8: 91:85:01:60:7f:80:0b:78:24:36:31:3d:fd:99:ce:56:17:fa: 55:f3:6d:1f:02:1e:82:89:b3:b1:d6:43:80:9c:6c:a6:ba:e5: d8:e0:22:41:90:41:a8:30:83:3e:a5:3e:8c:85:26:4d:47:c7: 82:0d:9a:f0:42:05:7c:a9:4b:5f:6d:99:31:f5:f2:31:c0:9f: 4b:a6:92:68:92:13:5b:28:83:1c:ac:ae:1e:03:f1:b0:b9:0c: 74:c7:c2:21:56:67:6b:bf:67:11:14:b8:63:19:e2:91:f0:27: 21:24:8f:1a:cc:43:f6:4e:3a:e6:4e:bd:a4:87:d6:4d:d9:5c: 33:17:1a:73:3a:36:d9:d9:b2:ce:78:ea:a1:f5:1d:dc:3a:19: 20:97:bd:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgkaxhJT5RggasMO1OiJVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MTg4NzJhYjlmYTJiYTAyY2IwMWE0NGNlOGViODc2NDEy ODFjMWMwHhcNMjUxMjIzMDAwMDU1WhcNMjUxMjI0MDAwMDU1WjAzMTEwLwYDVQQD Eyg3NjIwMzJlYzI4ZGM2ODljZGJlMWY5N2VjMDljOTgzZDBkMjUyNDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMUucEk8PrvCC10g0gMxS5bImGOn E5h2VYjx98CiUv5chkDn+QhjLJG5EiEujTVTy2UWN6TRUtyYG9OXNfKL8r6y6Ye9 sc9R0C3PBOdDC9I1qzKKIjArty42siyUhPp/vBLMa5x7AnBJA2fb0CC9cYoBDut9 hrE9ZAESvepVLL+TREK0yTznqXnq5iUR50K7xn0rPK9T/8WNYKu0sQzlaGCZVb7C xJbPWPBo12oZHbBnTwDTZRb0SdzmxTNdK8IlViAUCjmM3LCB6oppjotAoa3lVRcM XzWkXIOr2zat55mj2aigKWNHPb1CatXUt77y1Yq7t0Z/mD3EXxF5o4MS8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHYgMuwo3Gic2+H5fsCcmD0NJSRFMB8GA1UdIwQY MBaAFIYYhyq5+iugLLAaRM6OuHZBKBwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMt YmQ2OWY1MjYxODFiLzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC84MjlhODctMjJmYS00NjMyLTg2MmMtYmQ2OWY1MjYxODFi LzEvaGhpSEtybjZLNkFzc0JwRXpvNjRka0VvSEJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO4gDkC2w Vh0sIPEjxYT0X0rTFeoaVM+faF01DsNlBE+Hhf+6E8+3HOKCxs0R3g9aQvLNo/bz GpC5OYsU74N2IngcP3sgaxM5vbfBrdSA6hpP2oxSQw1TzFudfpOBRHJwbspn7CIX nFKG7rT4kYUBYH+AC3gkNjE9/ZnOVhf6VfNtHwIegomzsdZDgJxsprrl2OAiQZBB qDCDPqU+jIUmTUfHgg2a8EIFfKlLX22ZMfXyMcCfS6aSaJITWyiDHKyuHgPxsLkM dMfCIVZna79nERS4YxnikfAnISSPGsxD9k465k69pIfWTdlcMxcaczo22dmyznjq ofUd3DoZIJe9Sg== -----END CERTIFICATE-----Generated at Tue Dec 23 05:52:18 2025 by rpki-client