This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft File: hlsHwonfa8nHYttDKboM48Up_ss.mft (raw, json) Hash identifier: N0lofVJavQsW63oFWf294CxGERnN0k5TlDRuTt2dixA= Subject key identifier: CC:B0:9C:65:2C:DE:93:FB:E4:29:76:20:ED:EA:F4:E5:D4:11:D5:53 Authority key identifier: 86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB Certificate issuer: /CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Certificate serial: 019B421207C3788D8FEAEC40B2CC8F0CFA64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft Manifest number: 017D Signing time: Sun 21 Dec 2025 18:00:36 +0000 Manifest this update: Sun 21 Dec 2025 18:00:36 +0000 Manifest next update: Mon 22 Dec 2025 18:00:36 +0000 Files and hashes: 1: EyJIl9GgE7NEizESEZnZ9ODAHzw.roa (hash: TDhr2Br5ELeOUc6goo8nbxisdzgPRnJxdfCh2qX9VlY=) 2: hlsHwonfa8nHYttDKboM48Up_ss.crl (hash: 8cPGPY9D6e5+/elbzLLLG3qkGa2GiU5t2QpD7Wc4864=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 18:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:12:07:c3:78:8d:8f:ea:ec:40:b2:cc:8f:0c:fa:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Validity Not Before: Dec 21 18:00:36 2025 GMT Not After : Dec 22 18:00:36 2025 GMT Subject: CN=ccb09c652cde93fbe4297620edeaf4e5d411d553 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:dd:56:9d:30:aa:1b:20:5e:e6:d9:f4:32:2a: c1:6f:60:7c:fd:a1:4b:6c:95:88:4b:13:31:12:5a: cc:fe:db:7b:64:ea:a7:d5:dd:ba:a2:02:47:9d:3a: 11:b0:0b:07:d2:35:5f:ae:4b:22:fa:da:ed:41:35: 5f:4c:c7:ea:34:14:e5:c6:99:28:cc:f1:a8:bd:ea: 6c:26:7d:f1:34:98:e8:6b:91:af:0c:d4:32:33:08: be:da:9e:87:1d:f0:e5:57:9d:98:be:98:ab:ea:cb: 7e:57:04:45:e3:d2:7f:52:e6:04:2c:0f:68:43:0e: ce:9c:21:c3:db:71:58:2e:6f:d7:78:05:d1:ca:4c: e1:a1:fb:31:4e:0d:c1:c7:6e:ee:87:2e:74:5a:fd: 09:75:2e:f7:f8:55:88:69:4d:d9:17:7a:d4:99:61: 37:ea:39:4e:07:d3:66:56:b2:a7:ae:a7:7c:c8:4e: be:0d:9d:19:33:16:09:93:94:91:17:18:04:92:b9: aa:ba:8c:da:b0:8d:7d:53:57:fe:24:4a:8a:1f:da: 8e:22:80:07:49:b6:03:4e:b3:77:30:5c:18:c3:7c: f0:10:55:fa:3f:43:99:21:10:7a:3f:5c:4b:ad:0d: f2:21:08:33:7a:84:52:d9:29:9e:18:b3:41:f8:64: e3:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B0:9C:65:2C:DE:93:FB:E4:29:76:20:ED:EA:F4:E5:D4:11:D5:53 X509v3 Authority Key Identifier: keyid:86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:9b:80:b6:06:24:f1:e2:d1:49:9f:d4:bd:33:3d:db:f1:6d: 48:b5:0a:9f:56:ef:20:e4:e0:07:88:b7:05:63:8e:ef:58:7b: 39:b9:c3:8b:11:63:52:be:15:38:42:28:28:0c:3f:72:67:b1: 51:8e:a4:f9:41:ea:66:7d:28:41:28:eb:af:f6:ab:c2:f4:86: c3:e5:73:bd:68:31:d0:56:a8:48:41:9a:07:a8:5c:78:e9:7d: d4:7b:85:3e:6e:6c:7b:0f:00:a2:e3:46:01:55:e7:d3:ef:b6: f5:d1:98:0c:7d:f5:4d:4c:3b:8a:7d:e8:59:a5:17:98:9a:25: d0:48:4b:33:40:a1:4e:40:d8:06:ed:34:cf:cc:23:2a:54:19: a3:06:cb:b8:52:bc:21:e1:a6:a6:40:8f:c5:d0:f5:c1:57:ea: ce:1d:e2:55:be:2a:bb:93:64:79:14:05:6c:59:40:db:52:b4: 6c:91:b6:ee:84:4e:7f:5d:59:90:24:44:6d:1c:73:08:39:59: 8c:7f:1b:ed:df:91:70:ed:ed:39:05:c7:b0:fa:2e:ca:53:9c: 5c:e3:f6:68:58:f2:8c:fb:8e:a5:eb:7a:df:a1:77:87:ee:38: 79:bf:36:75:fb:83:60:3f:80:3a:65:7a:b7:7d:44:a0:37:99: df:00:fa:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCEgfDeI2P6uxAssyPDPpkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NWIwN2MyODlkZjZiYzljNzYyZGI0MzI5YmEwY2UzYzUy OWZlY2IwHhcNMjUxMjIxMTgwMDM2WhcNMjUxMjIyMTgwMDM2WjAzMTEwLwYDVQQD EyhjY2IwOWM2NTJjZGU5M2ZiZTQyOTc2MjBlZGVhZjRlNWQ0MTFkNTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt1WnTCqGyBe5tn0MirBb2B8/aFL bJWISxMxElrM/tt7ZOqn1d26ogJHnToRsAsH0jVfrksi+trtQTVfTMfqNBTlxpko zPGovepsJn3xNJjoa5GvDNQyMwi+2p6HHfDlV52Yvpir6st+VwRF49J/UuYELA9o Qw7OnCHD23FYLm/XeAXRykzhofsxTg3Bx27uhy50Wv0JdS73+FWIaU3ZF3rUmWE3 6jlOB9NmVrKnrqd8yE6+DZ0ZMxYJk5SRFxgEkrmquozasI19U1f+JEqKH9qOIoAH SbYDTrN3MFwYw3zwEFX6P0OZIRB6P1xLrQ3yIQgzeoRS2SmeGLNB+GTjzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMywnGUs3pP75Cl2IO3q9OXUEdVTMB8GA1UdIwQY MBaAFIZbB8KJ32vJx2LbQym6DOPFKf7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEt MmFmYTMwM2U0OTVkLzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEtMmFmYTMwM2U0OTVk LzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJuAtgYk 8eLRSZ/UvTM92/FtSLUKn1bvIOTgB4i3BWOO71h7ObnDixFjUr4VOEIoKAw/cmex UY6k+UHqZn0oQSjrr/arwvSGw+VzvWgx0FaoSEGaB6hceOl91HuFPm5sew8AouNG AVXn0++29dGYDH31TUw7in3oWaUXmJol0EhLM0ChTkDYBu00z8wjKlQZowbLuFK8 IeGmpkCPxdD1wVfqzh3iVb4qu5NkeRQFbFlA21K0bJG27oROf11ZkCREbRxzCDlZ jH8b7d+RcO3tOQXHsPouylOcXOP2aFjyjPuOpet636F3h+44eb82dfuDYD+AOmV6 t31EoDeZ3wD6tA== -----END CERTIFICATE-----Generated at Mon Dec 22 03:07:08 2025 by rpki-client