This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft File: HGnHYzivyQhbj71mm4t0vXqS1DE.mft (raw, json) Hash identifier: mlpdix+ZAbzRPQFKSmT2M+2PbVZ99JjC7fEawl7lVd8= Subject key identifier: CF:1D:4C:2A:06:9E:37:0C:C3:B4:F4:AA:DF:F0:F8:63:1D:F8:52:30 Authority key identifier: 1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31 Certificate issuer: /CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431 Certificate serial: 019B488339B16F993100F7EFA913D56D0BE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft Manifest number: 147B Signing time: Tue 23 Dec 2025 00:01:58 +0000 Manifest this update: Tue 23 Dec 2025 00:01:58 +0000 Manifest next update: Wed 24 Dec 2025 00:01:58 +0000 Files and hashes: 1: Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa (hash: qgzc+HC1Pbq5Sym5wnfMxLGpd7cCm/TouNcPCVsFEcM=) 2: HGnHYzivyQhbj71mm4t0vXqS1DE.crl (hash: 2HLNoEkYhrtWTWzOX+/5eNu0n5o11DiMS7xuJ4tXq8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:83:39:b1:6f:99:31:00:f7:ef:a9:13:d5:6d:0b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431 Validity Not Before: Dec 23 00:01:58 2025 GMT Not After : Dec 24 00:01:58 2025 GMT Subject: CN=cf1d4c2a069e370cc3b4f4aadff0f8631df85230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:3b:39:69:65:0f:a0:d9:d2:77:07:f4:9e:12: 62:d2:be:a8:5d:9e:2e:8b:b7:d8:ef:4c:53:70:fa: cd:bc:64:bf:92:9e:0c:1f:06:c3:9e:06:9f:19:f0: 07:7a:65:7b:2b:1c:cf:25:ec:58:12:fa:c6:34:e7: 14:07:1a:9b:bf:ef:55:8a:cf:09:c1:a9:c5:40:ee: df:30:3a:5c:41:14:95:58:98:f3:9d:d6:a1:78:a2: 17:f1:d3:2f:10:2a:77:24:fb:85:6a:ef:81:72:83: a8:7d:29:1c:ae:6a:dd:33:77:98:b7:ba:86:95:6b: b7:c7:b6:30:63:e1:df:9f:e1:22:2b:79:97:07:46: 65:0c:0d:3a:e8:72:1a:5c:28:a2:8d:38:8f:4d:6a: f7:95:0c:b9:0e:ff:27:35:42:fd:50:4f:ed:17:ee: 93:47:f8:69:5b:97:f8:87:a6:d4:a4:4b:37:6f:dd: c4:1d:e4:91:c3:c3:62:93:3a:7c:33:3e:77:86:dc: bd:6a:b7:f9:64:d2:6e:29:c6:9a:1f:c9:39:8b:a8: 5a:8e:4f:31:05:c8:9b:5a:ed:b2:e7:cf:a4:41:52: 8f:b8:a4:cb:4b:08:90:5e:c8:04:ad:43:9c:2d:46: 5f:98:1e:1d:43:21:93:14:27:05:b4:05:7b:3e:7e: b6:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:1D:4C:2A:06:9E:37:0C:C3:B4:F4:AA:DF:F0:F8:63:1D:F8:52:30 X509v3 Authority Key Identifier: keyid:1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:f7:ec:28:4f:b6:7b:79:e1:50:c9:59:62:0d:7d:e4:b3:8f: 3c:af:8b:e3:e5:e7:09:b2:02:36:c9:3a:3e:26:fb:0c:d9:80: d9:cf:bb:8f:c6:2d:1f:c4:ae:59:c1:46:69:76:08:27:a6:32: 26:e8:13:9d:94:70:0a:93:f9:2a:19:ee:e4:d5:b5:c2:bc:07: c0:d6:80:62:34:e4:a2:7d:9f:7e:10:53:2b:b6:ec:cc:7e:d1: b7:6c:1a:c2:fe:92:c2:6f:84:bd:c0:1d:be:34:59:22:33:6f: 6a:6a:31:d7:16:d8:ac:d4:d7:b3:a2:9e:97:20:d7:3d:9e:69: eb:62:83:4d:2a:b4:00:09:6a:df:5b:d6:01:d8:b0:bf:ae:25: e1:af:9a:49:5e:b6:7e:0b:03:c1:ed:f0:f6:2a:73:02:b9:2a: 80:bd:9c:10:57:3f:05:b0:67:23:8b:5f:82:60:83:65:86:08: 67:72:c3:fd:2b:32:88:75:36:b2:5a:4e:d4:cb:38:7f:aa:8a: 3f:3b:a3:8b:a3:90:b7:f4:ab:45:38:fd:73:6d:63:c7:52:23: 2a:24:21:f8:0c:b6:36:47:ca:16:a0:a8:1e:67:ba:6b:22:81: 8e:b3:26:77:7f:c9:c7:21:24:21:e4:73:05:fa:23:c2:7a:c0: 0d:b3:ac:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgzmxb5kxAPfvqRPVbQvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjNjljNzYzMzhhZmM5MDg1YjhmYmQ2NjliOGI3NGJkN2E5 MmQ0MzEwHhcNMjUxMjIzMDAwMTU4WhcNMjUxMjI0MDAwMTU4WjAzMTEwLwYDVQQD EyhjZjFkNGMyYTA2OWUzNzBjYzNiNGY0YWFkZmYwZjg2MzFkZjg1MjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zs5aWUPoNnSdwf0nhJi0r6oXZ4u i7fY70xTcPrNvGS/kp4MHwbDngafGfAHemV7KxzPJexYEvrGNOcUBxqbv+9Vis8J wanFQO7fMDpcQRSVWJjzndaheKIX8dMvECp3JPuFau+BcoOofSkcrmrdM3eYt7qG lWu3x7YwY+Hfn+EiK3mXB0ZlDA066HIaXCiijTiPTWr3lQy5Dv8nNUL9UE/tF+6T R/hpW5f4h6bUpEs3b93EHeSRw8Nikzp8Mz53hty9arf5ZNJuKcaaH8k5i6hajk8x BcibWu2y58+kQVKPuKTLSwiQXsgErUOcLUZfmB4dQyGTFCcFtAV7Pn62EwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM8dTCoGnjcMw7T0qt/w+GMd+FIwMB8GA1UdIwQY MBaAFBxpx2M4r8kIW4+9ZpuLdL16ktQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMt NTc1OWI0MjdmNGQxLzEvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMtNTc1OWI0MjdmNGQx LzEvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/fsKE+2 e3nhUMlZYg195LOPPK+L4+XnCbICNsk6Pib7DNmA2c+7j8YtH8SuWcFGaXYIJ6Yy JugTnZRwCpP5Khnu5NW1wrwHwNaAYjTkon2ffhBTK7bszH7Rt2wawv6Swm+EvcAd vjRZIjNvamox1xbYrNTXs6KelyDXPZ5p62KDTSq0AAlq31vWAdiwv64l4a+aSV62 fgsDwe3w9ipzArkqgL2cEFc/BbBnI4tfgmCDZYYIZ3LD/SsyiHU2slpO1Ms4f6qK Pzuji6OQt/SrRTj9c21jx1IjKiQh+Ay2NkfKFqCoHme6ayKBjrMmd3/JxyEkIeRz BfojwnrADbOs1g== -----END CERTIFICATE-----Generated at Tue Dec 23 03:15:52 2025 by rpki-client