This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft File: HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft (raw, json) Hash identifier: Yf8Qmp+egVcZZQdKWfy7ZrPxhut3CldzbITxvvoyheM= Subject key identifier: 5A:FF:F1:7C:B7:16:6B:5E:50:FD:48:E6:FC:2E:EB:3E:E8:17:59:4F Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED Certificate issuer: /CN=1f21c543844c417f61ad7939244d3b759c2a43ed Certificate serial: 019B5ABFE4CB61E059F194D1334AA5F13F2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft Manifest number: 17A6 Signing time: Fri 26 Dec 2025 13:01:23 +0000 Manifest this update: Fri 26 Dec 2025 13:01:23 +0000 Manifest next update: Sat 27 Dec 2025 13:01:23 +0000 Files and hashes: 1: DeQFcAAznRKaWbjYYwtHWvAu_JE.roa (hash: GnVFGXqZ+Ydt6iYpHsJ9f6xgYMJ7ccNl+9bHKUUsU+w=) 2: HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl (hash: +ZAW7qp5bqoB9pb3ISMpd5LzFD2+gimwzDj2rkJiwRE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:e4:cb:61:e0:59:f1:94:d1:33:4a:a5:f1:3f:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed Validity Not Before: Dec 26 13:01:23 2025 GMT Not After : Dec 27 13:01:23 2025 GMT Subject: CN=5afff17cb7166b5e50fd48e6fc2eeb3ee817594f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:27:b8:20:98:a2:c1:b2:e9:2f:2b:59:18:0d: 20:65:2d:81:d7:d1:75:ee:3d:ce:2b:67:5b:1b:ea: ab:0e:85:5f:71:0a:7e:1f:4b:c6:05:c9:b6:16:6e: 0c:fc:d0:33:ae:79:4d:9d:f8:dc:2d:67:d4:9b:9d: e8:79:6e:f2:1a:da:ed:90:65:9a:1e:5c:28:54:3d: ba:c2:b3:1d:d7:6b:68:81:f2:e2:65:54:ba:65:63: 98:96:dc:55:69:44:7b:12:04:04:84:1d:34:c4:fa: d6:97:b4:9e:50:c9:dd:ff:a9:bd:2c:5d:54:90:33: 08:bc:9f:c6:dc:60:b1:cb:28:7f:68:69:f7:1c:6c: ff:fd:7c:ff:8c:a7:e4:be:1a:4f:54:7f:19:f1:ec: c1:6a:6a:2b:7e:ed:67:b5:2c:38:79:49:a3:89:07: 10:26:49:34:38:b6:6d:a4:fb:f6:db:22:e1:c4:1d: 8a:8c:c9:f6:cf:81:2d:e5:7d:b8:e1:c4:8f:3b:f6: 99:52:53:0e:54:ea:c3:b3:8c:66:f7:2c:4c:95:b3: a4:9c:a7:00:43:31:48:82:c2:fe:2c:8e:85:09:79: 4a:72:40:0e:c6:9d:d4:e3:84:c3:27:a1:4c:2c:27: 91:b1:b5:41:da:5b:9b:e9:76:1e:9c:e5:20:cf:19: 47:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:FF:F1:7C:B7:16:6B:5E:50:FD:48:E6:FC:2E:EB:3E:E8:17:59:4F X509v3 Authority Key Identifier: keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:a6:5d:13:6b:1b:d7:1a:0e:e3:d3:5a:3d:ba:4f:3a:4b:86: ef:cf:68:7b:94:2c:7f:e0:df:eb:a6:29:96:b6:f7:ba:05:d3: 04:16:68:7e:14:5d:eb:ab:ce:19:0d:c2:1f:6c:9b:64:02:19: 15:94:8b:93:79:f9:05:23:e9:c1:a3:d8:71:0e:17:de:22:2e: 3a:94:11:6f:26:e6:90:f8:9d:51:0c:78:a9:d0:99:b6:25:b8: 61:15:df:ba:26:d9:09:8e:68:10:d7:66:cd:4b:ac:c4:14:d7: 73:3e:78:0a:7b:4f:f1:b5:24:c5:8c:b6:12:46:e9:9d:f4:39: 6f:78:44:fa:35:97:30:93:6e:4c:6c:45:59:3a:55:2a:11:0b: 5d:96:a4:3d:0f:3e:cb:2c:92:2e:20:cb:6a:0b:c7:e0:78:48: 04:d7:9c:0b:6a:f0:ee:18:c5:55:f4:86:e0:db:d0:e7:da:0a: 8e:0a:01:18:7f:3f:8b:a3:f8:fd:c9:53:bc:51:b4:10:6c:7d: 66:28:8a:c0:83:bf:73:c0:7e:a3:0e:23:47:98:83:19:ec:64: 24:4d:08:40:e7:93:98:be:fa:b3:c1:61:e9:66:a8:e8:d5:fb: 58:83:42:43:0a:18:4b:68:ab:b3:aa:23:fa:d8:f8:35:e8:1c: b2:64:47:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav+TLYeBZ8ZTRM0ql8T8vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMjFjNTQzODQ0YzQxN2Y2MWFkNzkzOTI0NGQzYjc1OWMy YTQzZWQwHhcNMjUxMjI2MTMwMTIzWhcNMjUxMjI3MTMwMTIzWjAzMTEwLwYDVQQD Eyg1YWZmZjE3Y2I3MTY2YjVlNTBmZDQ4ZTZmYzJlZWIzZWU4MTc1OTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSe4IJiiwbLpLytZGA0gZS2B19F1 7j3OK2dbG+qrDoVfcQp+H0vGBcm2Fm4M/NAzrnlNnfjcLWfUm53oeW7yGtrtkGWa HlwoVD26wrMd12togfLiZVS6ZWOYltxVaUR7EgQEhB00xPrWl7SeUMnd/6m9LF1U kDMIvJ/G3GCxyyh/aGn3HGz//Xz/jKfkvhpPVH8Z8ezBamorfu1ntSw4eUmjiQcQ Jkk0OLZtpPv22yLhxB2KjMn2z4Et5X244cSPO/aZUlMOVOrDs4xm9yxMlbOknKcA QzFIgsL+LI6FCXlKckAOxp3U44TDJ6FMLCeRsbVB2lub6XYenOUgzxlHuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFr/8Xy3FmteUP1I5vwu6z7oF1lPMB8GA1UdIwQY MBaAFB8hxUOETEF/Ya15OSRNO3WcKkPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2Qt YjhjNDg1M2U0MmJjLzEvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2QtYjhjNDg1M2U0MmJj LzEvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE6ZdE2sb 1xoO49NaPbpPOkuG789oe5Qsf+Df66Yplrb3ugXTBBZofhRd66vOGQ3CH2ybZAIZ FZSLk3n5BSPpwaPYcQ4X3iIuOpQRbybmkPidUQx4qdCZtiW4YRXfuibZCY5oENdm zUusxBTXcz54CntP8bUkxYy2EkbpnfQ5b3hE+jWXMJNuTGxFWTpVKhELXZakPQ8+ yyySLiDLagvH4HhIBNecC2rw7hjFVfSG4NvQ59oKjgoBGH8/i6P4/clTvFG0EGx9 ZiiKwIO/c8B+ow4jR5iDGexkJE0IQOeTmL76s8Fh6Wao6NX7WINCQwoYS2irs6oj +tj4NegcsmRHJA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:57 2025 by rpki-client