This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft File: HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json) Hash identifier: SCHYucSblnDpElWfcpOEhU9DuH4yvG7B7jJTN4vtuJg= Subject key identifier: 46:F0:3B:17:D9:18:67:AD:3D:71:CF:0F:30:9A:68:40:65:E3:76:80 Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D Certificate issuer: /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d Certificate serial: 019B5ABF93C96BA4CC4CD4D7570382150449 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft Manifest number: 1350 Signing time: Fri 26 Dec 2025 13:01:03 +0000 Manifest this update: Fri 26 Dec 2025 13:01:03 +0000 Manifest next update: Sat 27 Dec 2025 13:01:03 +0000 Files and hashes: 1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: zCD5NN3Ik37djJOSfWJ6IzJUx7exCdm9jgs0tvC8hyw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:93:c9:6b:a4:cc:4c:d4:d7:57:03:82:15:04:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d Validity Not Before: Dec 26 13:01:03 2025 GMT Not After : Dec 27 13:01:03 2025 GMT Subject: CN=46f03b17d91867ad3d71cf0f309a684065e37680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:77:7c:82:f7:5f:b8:87:2b:ad:f2:24:f9:c6: 3d:b9:2b:e9:11:8b:da:85:2f:25:4b:4e:e5:79:89: f1:9e:34:23:aa:bc:64:e6:d8:84:ec:a3:20:d5:d3: 87:f8:5a:5c:6c:64:e9:98:ca:0f:6f:93:e9:32:87: d9:0b:ea:27:4b:de:62:b5:38:f4:b2:eb:1b:57:fe: cb:5a:a6:c6:c6:a6:e7:4f:14:19:77:96:39:84:f0: 80:40:e2:51:8c:6e:f4:fc:d1:cc:2a:f8:f2:d0:a6: 38:bd:a9:95:97:73:23:66:0a:d0:9c:7d:96:ed:d9: ba:bf:a9:ba:5f:9a:55:f9:3a:5c:74:e7:72:77:79: 8c:bf:5b:3f:91:bd:04:30:4d:9c:3e:d1:53:27:ac: 90:1c:38:38:9d:71:d7:75:26:c2:25:93:53:ee:89: b1:6f:94:72:41:ec:6a:e8:d2:9e:f3:ae:7f:29:dc: da:7c:ac:41:7a:91:38:a0:5a:00:8f:7c:56:af:89: 04:85:70:d3:96:75:74:85:ae:40:20:86:53:85:e1: cc:b0:71:3c:88:be:65:f7:21:52:9b:2b:fa:a0:74: 0c:f7:ac:d2:5d:13:44:78:49:d4:f5:7a:be:4c:51: 6f:82:b2:6e:d6:b7:49:d7:5b:93:e5:cb:3c:82:df: 48:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:F0:3B:17:D9:18:67:AD:3D:71:CF:0F:30:9A:68:40:65:E3:76:80 X509v3 Authority Key Identifier: keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:2d:4f:89:93:db:35:cf:49:2c:5a:85:8b:5b:a4:93:88:e4: fa:e3:4e:ee:09:64:56:49:e6:ad:67:f9:08:7b:39:35:9a:19: ef:03:cc:29:f4:f9:f8:8a:fc:78:95:33:50:de:ce:dc:a0:ec: ad:6d:63:0c:7e:9a:83:b7:fb:58:81:61:fb:17:48:eb:94:58: c0:d4:25:b9:7f:61:ac:34:4f:60:51:35:ab:e7:72:54:df:01: 1a:f5:49:da:85:4a:c2:ce:9c:da:89:c3:33:38:b8:82:34:26: 03:60:d0:9e:d5:ad:59:82:3f:f9:7c:ee:68:e1:42:9f:7a:1e: f7:a6:d9:ce:06:d0:65:7b:c8:85:5c:71:27:a7:94:63:f3:c3: 06:cd:91:79:b3:13:62:d5:20:85:93:eb:e7:60:4f:d1:c0:18: cf:23:11:f6:20:26:ab:02:fe:b0:4a:ff:75:82:03:9e:e7:dc: b3:7b:d5:c5:40:22:1c:2d:a3:5b:48:5d:86:f8:20:ec:62:ba: 02:94:29:aa:11:b1:b3:52:a8:09:5b:21:46:1d:fb:7e:37:9d: 8a:9a:7b:cd:5e:8e:97:d9:d8:2a:7b:87:2d:f7:0b:84:bc:00: bb:69:22:f4:64:43:cb:fa:2a:ee:26:11:49:d1:66:fe:71:23: 61:74:cb:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav5PJa6TMTNTXVwOCFQRJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5 MmM2OGQwHhcNMjUxMjI2MTMwMTAzWhcNMjUxMjI3MTMwMTAzWjAzMTEwLwYDVQQD Eyg0NmYwM2IxN2Q5MTg2N2FkM2Q3MWNmMGYzMDlhNjg0MDY1ZTM3NjgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Xd8gvdfuIcrrfIk+cY9uSvpEYva hS8lS07leYnxnjQjqrxk5tiE7KMg1dOH+FpcbGTpmMoPb5PpMofZC+onS95itTj0 susbV/7LWqbGxqbnTxQZd5Y5hPCAQOJRjG70/NHMKvjy0KY4vamVl3MjZgrQnH2W 7dm6v6m6X5pV+TpcdOdyd3mMv1s/kb0EME2cPtFTJ6yQHDg4nXHXdSbCJZNT7omx b5RyQexq6NKe865/KdzafKxBepE4oFoAj3xWr4kEhXDTlnV0ha5AIIZTheHMsHE8 iL5l9yFSmyv6oHQM96zSXRNEeEnU9Xq+TFFvgrJu1rdJ11uT5cs8gt9IXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbwOxfZGGetPXHPDzCaaEBl43aAMB8GA1UdIwQY MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1 LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANC1PiZPb Nc9JLFqFi1ukk4jk+uNO7glkVknmrWf5CHs5NZoZ7wPMKfT5+Ir8eJUzUN7O3KDs rW1jDH6ag7f7WIFh+xdI65RYwNQluX9hrDRPYFE1q+dyVN8BGvVJ2oVKws6c2onD Mzi4gjQmA2DQntWtWYI/+XzuaOFCn3oe96bZzgbQZXvIhVxxJ6eUY/PDBs2RebMT YtUghZPr52BP0cAYzyMR9iAmqwL+sEr/dYIDnufcs3vVxUAiHC2jW0hdhvgg7GK6 ApQpqhGxs1KoCVshRh37fjedipp7zV6Ol9nYKnuHLfcLhLwAu2ki9GRDy/oq7iYR SdFm/nEjYXTL1g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:47 2025 by rpki-client