This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft File: HRAqymzxNRE4UpTnfb4nN2jAoEs.mft (raw, json) Hash identifier: WCbbLM31wfCUNTBMYST62K5NURSAdiT7XeOFjv+tM/E= Subject key identifier: C3:FB:81:5B:62:56:CC:F5:6D:E5:EE:0E:B3:20:7A:B3:45:5E:60:00 Authority key identifier: 1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B Certificate issuer: /CN=1d102aca6cf13511385294e77dbe273768c0a04b Certificate serial: 019B4626355E3FABF39D24401CCD4073E6ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft Manifest number: 0C6A Signing time: Mon 22 Dec 2025 13:01:07 +0000 Manifest this update: Mon 22 Dec 2025 13:01:07 +0000 Manifest next update: Tue 23 Dec 2025 13:01:07 +0000 Files and hashes: 1: HRAqymzxNRE4UpTnfb4nN2jAoEs.crl (hash: 1TQsjBibeurOdrDuX22ol4Vfx0r40U9kKB7LU/DE9nw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:26:35:5e:3f:ab:f3:9d:24:40:1c:cd:40:73:e6:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d102aca6cf13511385294e77dbe273768c0a04b Validity Not Before: Dec 22 13:01:07 2025 GMT Not After : Dec 23 13:01:07 2025 GMT Subject: CN=c3fb815b6256ccf56de5ee0eb3207ab3455e6000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a0:19:9e:70:e6:8b:6d:36:3b:26:2a:89:79: 91:ed:7d:e0:c0:ec:7c:39:a7:6e:e7:16:02:0f:1f: 48:be:53:00:9c:51:7e:62:5b:d0:86:6f:10:e3:71: 10:f2:cc:d8:67:1e:09:fe:b2:77:93:fe:5c:ca:1f: 9c:6d:20:70:50:a8:25:b6:ae:3e:55:07:6b:98:5f: 54:94:da:66:bb:8c:1c:02:52:ea:4b:ef:31:af:81: 22:0a:c7:86:90:fe:d3:08:e7:61:ce:79:9d:79:0d: 18:b4:4a:ef:de:51:bc:72:9f:53:d7:ba:92:82:cc: 78:c3:11:a3:83:5b:8f:59:f8:2d:04:df:62:8a:7c: ab:8f:06:40:ba:c8:2e:d2:a4:44:c7:59:4b:c6:1c: f0:c6:0d:94:db:c2:53:eb:57:b5:73:35:f4:f9:1f: c2:cd:c0:c8:8c:63:60:10:a3:ec:51:09:7f:44:30: 90:3e:16:a0:b3:bd:04:b1:e7:d5:09:10:16:41:51: 0a:74:9c:6d:6d:ba:ea:57:68:2b:da:11:55:32:f9: ff:65:08:00:90:9c:f4:18:f6:11:67:69:a9:9d:8b: 30:78:5b:30:75:04:7b:4a:33:57:f6:18:36:69:23: 5c:35:02:2a:30:c7:c8:4e:c2:bc:39:c6:75:91:bf: 3e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:FB:81:5B:62:56:CC:F5:6D:E5:EE:0E:B3:20:7A:B3:45:5E:60:00 X509v3 Authority Key Identifier: keyid:1D:10:2A:CA:6C:F1:35:11:38:52:94:E7:7D:BE:27:37:68:C0:A0:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRAqymzxNRE4UpTnfb4nN2jAoEs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61b236-6f80-4422-84e5-e8666218a5c8/1/HRAqymzxNRE4UpTnfb4nN2jAoEs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:85:be:4d:c7:bf:43:85:7a:dc:9e:6c:d3:c3:71:1b:d9:2c: 3e:b9:ff:3b:7b:fe:8f:46:cd:bd:94:03:a1:ec:4f:51:75:46: 78:bf:63:13:16:c9:6b:97:74:6a:0c:a1:5e:d5:b5:cb:9f:eb: 70:9a:8a:e1:3f:54:46:8e:5f:bf:bb:4a:61:1a:d2:fa:14:33: c1:dc:da:fb:b7:2b:3c:b5:e6:06:27:5c:ef:a1:fd:86:14:5e: 3d:9b:3b:de:84:f2:8a:c7:46:2a:8d:cd:ab:b5:c1:1a:70:83: 1c:db:13:39:97:51:53:33:67:3c:91:fc:6b:a6:c3:6f:16:eb: 97:8a:8f:ff:fc:db:56:24:b5:08:88:7c:44:74:f7:82:34:2e: df:13:41:59:8e:3e:ff:2f:2e:3d:75:67:2b:e8:eb:81:36:d3: 09:d2:dc:cd:a2:37:b0:ad:aa:58:43:54:bf:b0:39:9b:6a:e7: b2:8b:e7:24:67:04:47:c7:df:58:a5:14:de:0c:9c:59:f6:35: 4e:1e:27:88:60:f6:fa:54:e3:7a:64:0d:68:b7:ba:4f:18:25: b2:54:6e:46:76:7e:4f:79:57:c0:0f:6b:a1:12:99:30:c5:9d: 53:d3:ed:ae:bf:1a:73:dc:ca:d6:1e:f3:0e:4e:df:13:e2:99: f4:7d:58:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJjVeP6vznSRAHM1Ac+btMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMTAyYWNhNmNmMTM1MTEzODUyOTRlNzdkYmUyNzM3Njhj MGEwNGIwHhcNMjUxMjIyMTMwMTA3WhcNMjUxMjIzMTMwMTA3WjAzMTEwLwYDVQQD EyhjM2ZiODE1YjYyNTZjY2Y1NmRlNWVlMGViMzIwN2FiMzQ1NWU2MDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaAZnnDmi202OyYqiXmR7X3gwOx8 Oadu5xYCDx9IvlMAnFF+YlvQhm8Q43EQ8szYZx4J/rJ3k/5cyh+cbSBwUKgltq4+ VQdrmF9UlNpmu4wcAlLqS+8xr4EiCseGkP7TCOdhznmdeQ0YtErv3lG8cp9T17qS gsx4wxGjg1uPWfgtBN9iinyrjwZAusgu0qREx1lLxhzwxg2U28JT61e1czX0+R/C zcDIjGNgEKPsUQl/RDCQPhags70EsefVCRAWQVEKdJxtbbrqV2gr2hFVMvn/ZQgA kJz0GPYRZ2mpnYsweFswdQR7SjNX9hg2aSNcNQIqMMfITsK8OcZ1kb8+twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMP7gVtiVsz1beXuDrMgerNFXmAAMB8GA1UdIwQY MBaAFB0QKsps8TUROFKU532+JzdowKBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUt ZTg2NjYyMThhNWM4LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS82MWIyMzYtNmY4MC00NDIyLTg0ZTUtZTg2NjYyMThhNWM4 LzEvSFJBcXltenhOUkU0VXBUbmZiNG5OMmpBb0VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIW+Tce/ Q4V63J5s08NxG9ksPrn/O3v+j0bNvZQDoexPUXVGeL9jExbJa5d0agyhXtW1y5/r cJqK4T9URo5fv7tKYRrS+hQzwdza+7crPLXmBidc76H9hhRePZs73oTyisdGKo3N q7XBGnCDHNsTOZdRUzNnPJH8a6bDbxbrl4qP//zbViS1CIh8RHT3gjQu3xNBWY4+ /y8uPXVnK+jrgTbTCdLczaI3sK2qWENUv7A5m2rnsovnJGcER8ffWKUU3gycWfY1 Th4niGD2+lTjemQNaLe6TxglslRuRnZ+T3lXwA9roRKZMMWdU9Ptrr8ac9zK1h7z Dk7fE+KZ9H1YIw== -----END CERTIFICATE-----Generated at Mon Dec 22 22:17:59 2025 by rpki-client