This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft File: HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json) Hash identifier: M3J6pYcEWtMpFSGT7JVJUZHWlP6T6iV+RwqN354hc98= Subject key identifier: 3D:BD:BD:E5:11:35:46:CC:4F:EA:75:28:72:F6:5F:00:F6:AC:58:F8 Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60 Certificate issuer: /CN=1c1618e04372d9b27f417d229f82614027bc3c60 Certificate serial: 019B36B412ABF3EA252B28A63EA5AD348036 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft Manifest number: 0AE1 Signing time: Fri 19 Dec 2025 13:02:09 +0000 Manifest this update: Fri 19 Dec 2025 13:02:09 +0000 Manifest next update: Sat 20 Dec 2025 13:02:09 +0000 Files and hashes: 1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: YpQZUkrp5Mvy5hehzNorXzKXZ11qaE47FcnXejxZuyI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b4:12:ab:f3:ea:25:2b:28:a6:3e:a5:ad:34:80:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60 Validity Not Before: Dec 19 13:02:09 2025 GMT Not After : Dec 20 13:02:09 2025 GMT Subject: CN=3dbdbde5113546cc4fea752872f65f00f6ac58f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:30:6e:2c:3b:37:93:ba:64:6b:2f:ed:9a:7e: 9e:73:4f:f7:80:5d:48:58:8a:c6:26:35:4d:6a:3d: 1f:35:8d:3b:71:15:2b:a1:19:dd:bb:ff:c2:a3:b5: 87:a7:e8:2a:55:53:a9:38:24:67:52:17:65:90:44: 48:07:e1:9e:7b:ca:87:f3:02:d2:b3:7c:f2:09:fc: 73:be:ea:56:ef:69:b9:fc:3e:76:d1:5c:85:97:73: 5d:b7:50:a0:df:ad:93:1c:ee:69:06:10:1a:4e:65: 12:62:a7:d9:72:ce:3a:97:88:55:25:0b:fd:ef:a6: 6f:77:74:fb:3e:cb:62:5c:12:5d:9d:7f:82:19:d3: 29:70:bf:fe:6d:e7:bd:2d:99:8e:05:b8:e9:50:bb: 25:f4:5d:16:13:f7:c4:48:ee:f7:20:f9:1e:0f:73: cf:b8:04:ca:b4:90:4d:3b:00:6b:2b:8b:48:77:e0: 09:c7:9b:24:68:ee:1b:42:94:99:a2:65:95:e4:b3: 2c:1c:e6:2f:46:b8:87:f8:be:6d:31:af:87:69:7b: ed:e4:8f:9b:7f:c9:d6:f9:5f:f8:68:cb:63:49:9c: b5:63:9b:a3:b3:70:4f:85:ac:c0:31:fc:38:83:9f: 8e:96:33:8a:01:f7:f2:6d:62:b0:f9:72:e8:49:86: 4c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:BD:BD:E5:11:35:46:CC:4F:EA:75:28:72:F6:5F:00:F6:AC:58:F8 X509v3 Authority Key Identifier: keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:ab:eb:c1:12:d5:f5:b3:f3:6f:cb:72:fb:8c:67:4f:f0:12: 6a:d6:72:30:ed:7b:c6:0f:8e:70:64:93:56:16:e1:7b:ac:e5: 2e:c7:d8:4a:a8:bb:56:da:bf:64:12:b8:32:b9:b9:67:f7:07: 9a:e7:13:85:44:7c:0a:d0:aa:22:99:66:07:4a:e5:58:5c:cf: 44:51:3d:d9:f6:ce:6b:40:0e:fc:b8:b4:b5:e1:db:81:47:7a: 37:fa:c4:3d:28:d8:d5:3f:85:42:d4:2e:71:ae:bb:2a:88:fa: c9:23:9d:9b:2e:ea:46:7a:a2:22:e5:3e:bf:56:68:60:df:7b: 71:9f:36:d9:86:84:38:6b:e5:20:9d:7b:14:4a:dc:69:d9:a6: f1:3b:e5:d1:06:5f:bc:81:72:5a:d2:8e:de:9d:ac:10:c8:47: e0:80:2b:e8:9c:d7:7a:0e:f8:f8:d4:ed:9d:cc:28:9d:03:8d: 3a:29:b9:cf:88:a3:5f:59:b4:a3:57:86:be:80:29:4c:a7:c7: 7d:5b:58:59:1e:b4:fa:8e:7f:32:d8:e4:05:0f:18:8b:ff:47: 7d:0a:da:1e:45:38:22:a6:1b:6e:e5:57:c2:ae:7a:45:0e:7f: cf:21:b4:34:0b:3f:37:58:fa:2b:14:86:88:b8:3f:7d:68:2e: 0a:af:07:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2tBKr8+olKyimPqWtNIA2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi YzNjNjAwHhcNMjUxMjE5MTMwMjA5WhcNMjUxMjIwMTMwMjA5WjAzMTEwLwYDVQQD EygzZGJkYmRlNTExMzU0NmNjNGZlYTc1Mjg3MmY2NWYwMGY2YWM1OGY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDBuLDs3k7pkay/tmn6ec0/3gF1I WIrGJjVNaj0fNY07cRUroRndu//Co7WHp+gqVVOpOCRnUhdlkERIB+Gee8qH8wLS s3zyCfxzvupW72m5/D520VyFl3Ndt1Cg362THO5pBhAaTmUSYqfZcs46l4hVJQv9 76Zvd3T7PstiXBJdnX+CGdMpcL/+bee9LZmOBbjpULsl9F0WE/fESO73IPkeD3PP uATKtJBNOwBrK4tId+AJx5skaO4bQpSZomWV5LMsHOYvRriH+L5tMa+HaXvt5I+b f8nW+V/4aMtjSZy1Y5ujs3BPhazAMfw4g5+OljOKAffybWKw+XLoSYZMrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD29veURNUbMT+p1KHL2XwD2rFj4MB8GA1UdIwQY MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUavrwRLV 9bPzb8ty+4xnT/ASatZyMO17xg+OcGSTVhbhe6zlLsfYSqi7Vtq/ZBK4Mrm5Z/cH mucThUR8CtCqIplmB0rlWFzPRFE92fbOa0AO/Li0teHbgUd6N/rEPSjY1T+FQtQu ca67Koj6ySOdmy7qRnqiIuU+v1ZoYN97cZ822YaEOGvlIJ17FErcadmm8Tvl0QZf vIFyWtKO3p2sEMhH4IAr6JzXeg74+NTtncwonQONOim5z4ijX1m0o1eGvoApTKfH fVtYWR60+o5/MtjkBQ8Yi/9HfQraHkU4IqYbbuVXwq56RQ5/zyG0NAs/N1j6KxSG iLg/fWguCq8HTw== -----END CERTIFICATE-----Generated at Fri Dec 19 16:21:53 2025 by rpki-client