This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft File: HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json) Hash identifier: Nk4hSJ6kveezpcOenlNMqPWqEstCqsP63a6zsgg8CMs= Subject key identifier: 73:15:5C:58:8D:6C:7E:F3:34:2E:8B:BC:34:3C:75:F0:89:16:66:ED Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 Certificate issuer: /CN=1db690606199a5d486789c43dbffd0c065bddce6 Certificate serial: 019B58D1A73248D245BDAAF773E5B6775CAC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft Manifest number: 05CC Signing time: Fri 26 Dec 2025 04:01:33 +0000 Manifest this update: Fri 26 Dec 2025 04:01:33 +0000 Manifest next update: Sat 27 Dec 2025 04:01:33 +0000 Files and hashes: 1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: 53fgF707cKCeHGki0nJC4xfN+BR/v4CctJAVdhh+X/8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:a7:32:48:d2:45:bd:aa:f7:73:e5:b6:77:5c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6 Validity Not Before: Dec 26 04:01:33 2025 GMT Not After : Dec 27 04:01:33 2025 GMT Subject: CN=73155c588d6c7ef3342e8bbc343c75f0891666ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:46:65:38:e7:bc:4b:f3:b2:c6:e9:19:1d:37: 1f:81:c2:a6:3e:ea:45:62:77:4c:07:28:db:10:70: a0:0a:95:b7:01:89:4e:ad:f6:22:7a:d3:ea:c6:76: 42:69:57:40:2e:aa:95:86:02:0f:6a:57:6e:a7:f7: f0:80:0d:ab:39:09:a5:99:a8:c0:be:bc:e4:2a:8a: 6a:37:b9:c3:26:06:6b:9a:52:52:34:61:85:8a:b0: aa:c5:f4:50:c2:38:18:6b:98:da:77:3e:69:59:b6: 1a:14:16:4b:74:f2:e8:10:44:35:12:fe:d1:24:f7: 96:f3:96:1e:9f:c1:1f:29:b4:3a:71:e8:58:ca:11: 70:56:e9:0e:bd:d0:c6:a4:35:60:b2:45:db:52:bf: ac:04:7d:22:be:ff:b1:ca:da:b8:d3:6f:18:43:59: 2c:7d:63:dd:18:d7:c4:fd:74:68:38:e2:85:17:29: b6:8c:53:d8:06:6e:0d:8b:35:19:d9:cb:a0:d3:58: 14:b1:4a:cb:35:a2:d3:5d:02:3e:57:6f:20:65:0e: d5:fd:10:b5:0b:cd:95:1f:c9:85:18:6e:49:e2:28: e2:46:76:1c:4d:cd:00:41:c7:06:81:96:c9:2f:71: 54:d0:73:60:5e:ec:f6:b5:56:c6:25:16:80:c9:55: 91:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:15:5C:58:8D:6C:7E:F3:34:2E:8B:BC:34:3C:75:F0:89:16:66:ED X509v3 Authority Key Identifier: keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:25:ae:f3:eb:a1:6e:e5:f5:29:1e:a8:0e:c7:43:fd:e0:6c: 97:8a:8a:8f:fe:5c:bd:cb:f5:63:17:72:ed:51:5c:6a:44:90: 36:76:88:96:f8:df:93:37:23:3e:36:2b:8f:8a:6c:bf:6c:78: 33:cc:61:30:3a:79:f6:09:ca:25:67:26:75:ac:1c:3d:f0:79: e9:6e:e9:84:56:8c:fe:97:96:09:ec:84:68:b8:fa:b0:62:3a: 18:be:ac:d9:7e:d8:83:fd:f7:c3:19:06:5f:fe:ed:5b:7b:d0: e5:68:2a:d5:cf:e9:69:ca:cf:ef:e7:e3:12:f3:91:41:bc:c2: 52:62:be:cc:22:50:89:3b:7c:21:a6:6f:00:b4:fd:cc:1a:f9: 14:d8:a4:31:23:76:bc:b1:e6:d8:73:a9:ec:9f:44:f0:0f:4c: e5:73:d1:cd:8a:28:c2:d1:af:c0:4e:c2:d5:c0:1f:20:5e:01: 74:3b:ff:60:54:cf:f9:d0:68:87:5c:dd:56:72:a1:2a:96:04: df:f2:6b:19:22:bd:38:99:8f:b9:39:83:3e:d8:42:e6:ce:97: 67:27:ac:47:49:82:fc:3a:f4:9d:41:c1:8a:60:49:81:86:d2: 35:70:6d:29:5d:3c:86:85:52:7c:ac:02:f3:33:ff:02:72:87: 84:46:f1:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0acySNJFvar3c+W2d1ysMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi ZGRjZTYwHhcNMjUxMjI2MDQwMTMzWhcNMjUxMjI3MDQwMTMzWjAzMTEwLwYDVQQD Eyg3MzE1NWM1ODhkNmM3ZWYzMzQyZThiYmMzNDNjNzVmMDg5MTY2NmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00ZlOOe8S/OyxukZHTcfgcKmPupF YndMByjbEHCgCpW3AYlOrfYietPqxnZCaVdALqqVhgIPaldup/fwgA2rOQmlmajA vrzkKopqN7nDJgZrmlJSNGGFirCqxfRQwjgYa5jadz5pWbYaFBZLdPLoEEQ1Ev7R JPeW85Yen8EfKbQ6cehYyhFwVukOvdDGpDVgskXbUr+sBH0ivv+xytq4028YQ1ks fWPdGNfE/XRoOOKFFym2jFPYBm4NizUZ2cug01gUsUrLNaLTXQI+V28gZQ7V/RC1 C82VH8mFGG5J4ijiRnYcTc0AQccGgZbJL3FU0HNgXuz2tVbGJRaAyVWRdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHMVXFiNbH7zNC6LvDQ8dfCJFmbtMB8GA1UdIwQY MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1 LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAciWu8+uh buX1KR6oDsdD/eBsl4qKj/5cvcv1Yxdy7VFcakSQNnaIlvjfkzcjPjYrj4psv2x4 M8xhMDp59gnKJWcmdawcPfB56W7phFaM/peWCeyEaLj6sGI6GL6s2X7Yg/33wxkG X/7tW3vQ5Wgq1c/pacrP7+fjEvORQbzCUmK+zCJQiTt8IaZvALT9zBr5FNikMSN2 vLHm2HOp7J9E8A9M5XPRzYoowtGvwE7C1cAfIF4BdDv/YFTP+dBoh1zdVnKhKpYE 3/JrGSK9OJmPuTmDPthC5s6XZyesR0mC/Dr0nUHBimBJgYbSNXBtKV08hoVSfKwC 8zP/AnKHhEbxuQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:21 2025 by rpki-client