This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft File: HVdIhaDItCBcPfLR_Nc0h33hBdk.mft (raw, json) Hash identifier: FCZHShVzt2ppHOGQqVRI6VfQFnpF4om/lORyyhQrYUU= Subject key identifier: F6:C4:AA:CD:40:73:65:98:D5:FE:F8:AC:17:96:88:5E:10:3D:40:33 Authority key identifier: 1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9 Certificate issuer: /CN=1d574885a0c8b4205c3df2d1fcd734877de105d9 Certificate serial: 019B59E39C9EDE1C5742E45F51DE67765F96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft Manifest number: 0368 Signing time: Fri 26 Dec 2025 09:00:47 +0000 Manifest this update: Fri 26 Dec 2025 09:00:47 +0000 Manifest next update: Sat 27 Dec 2025 09:00:47 +0000 Files and hashes: 1: HVdIhaDItCBcPfLR_Nc0h33hBdk.crl (hash: rNOHqMBk1hGrvyvIG1fxBe3bRCT0XKObt4MrwHGrU1Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:9c:9e:de:1c:57:42:e4:5f:51:de:67:76:5f:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d574885a0c8b4205c3df2d1fcd734877de105d9 Validity Not Before: Dec 26 09:00:47 2025 GMT Not After : Dec 27 09:00:47 2025 GMT Subject: CN=f6c4aacd40736598d5fef8ac1796885e103d4033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:03:7e:b5:cb:20:48:a0:71:e7:bb:e2:9c:14: be:cf:20:47:7c:80:46:97:bb:d5:1f:a8:50:de:fd: 8a:69:fb:2b:8f:40:75:5c:80:19:24:7e:31:09:7c: 2d:13:95:b8:be:28:b7:35:29:a2:9a:55:b9:d5:d8: e8:dd:33:ca:55:28:d2:98:b0:a4:1b:02:f7:71:e1: 53:c7:9b:32:b1:5f:7e:8c:16:d4:3a:47:36:26:ec: b2:91:b9:d6:ec:80:c0:b9:7a:3f:39:b7:1d:b5:4d: b5:44:bc:60:17:5f:d0:8d:9a:85:cf:41:99:75:78: 08:2c:5e:a2:1c:b5:16:ab:41:fa:9f:55:33:6a:b8: a1:b8:48:4d:4b:8d:58:05:e2:82:ad:ea:b2:b2:df: d6:61:46:7d:de:20:e1:0a:72:cf:00:b6:fa:74:d2: 2e:83:f6:f2:6b:0b:15:15:8b:5b:07:46:0e:3c:c9: ff:f0:1b:83:af:4a:03:95:f2:eb:d3:7c:eb:fa:4c: f3:79:3a:50:d9:a4:f8:f2:44:06:0a:e8:e1:3b:7e: 93:41:d4:01:6c:0c:f9:f8:16:32:16:0e:61:91:d7: 5a:7a:b6:1e:4c:7c:32:af:19:d0:00:2d:85:7f:35: 64:b5:f9:1f:1e:cc:b0:67:39:b3:dc:38:73:2c:db: 2d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C4:AA:CD:40:73:65:98:D5:FE:F8:AC:17:96:88:5E:10:3D:40:33 X509v3 Authority Key Identifier: keyid:1D:57:48:85:A0:C8:B4:20:5C:3D:F2:D1:FC:D7:34:87:7D:E1:05:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVdIhaDItCBcPfLR_Nc0h33hBdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/697df7-b19b-46f1-8e43-9198ca2ac766/1/HVdIhaDItCBcPfLR_Nc0h33hBdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:06:a1:5c:fc:b2:91:7f:8f:12:6d:8a:28:64:0b:26:2b:d9: b7:51:7c:69:90:1a:b4:c1:19:e2:86:95:b2:6a:9d:d1:39:61: f4:86:97:e0:f8:f3:6b:ed:3c:6e:1d:5d:f1:6a:7e:cd:2b:65: ce:92:12:5f:4d:c2:25:f5:4c:ac:b9:8f:cf:9c:cc:32:c9:99: e7:bd:dd:10:de:6f:d0:62:6b:b4:25:62:de:37:93:a1:3e:bc: ff:3d:93:c6:6c:2e:3a:2c:d8:9b:01:a6:9d:37:56:e2:dd:6d: e0:1b:4f:03:5e:c2:3b:19:13:9c:57:41:0c:30:22:2e:e2:1a: 4a:7b:18:6f:46:23:47:9b:55:f7:46:b8:19:78:7b:76:64:fb: b9:05:1c:58:19:58:f5:be:dd:d1:11:5e:e1:7f:ff:df:3b:02: f9:e3:cc:6d:b8:f1:da:9c:e7:83:83:bc:06:41:9c:4d:01:5c: 66:79:20:a5:44:af:63:83:44:ac:28:c7:7f:2c:38:13:d3:98: 77:55:1f:af:a5:b1:a3:21:b1:f6:22:3f:49:cc:96:aa:66:d6: f4:71:3b:89:1f:b6:20:7f:f3:47:f0:7f:5c:ed:10:f6:53:1b: db:9f:4e:66:43:93:87:1c:1d:9c:9b:23:43:71:19:32:01:46: 6e:95:3e:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ45ye3hxXQuRfUd5ndl+WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNTc0ODg1YTBjOGI0MjA1YzNkZjJkMWZjZDczNDg3N2Rl MTA1ZDkwHhcNMjUxMjI2MDkwMDQ3WhcNMjUxMjI3MDkwMDQ3WjAzMTEwLwYDVQQD EyhmNmM0YWFjZDQwNzM2NTk4ZDVmZWY4YWMxNzk2ODg1ZTEwM2Q0MDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwN+tcsgSKBx57vinBS+zyBHfIBG l7vVH6hQ3v2Kafsrj0B1XIAZJH4xCXwtE5W4vii3NSmimlW51djo3TPKVSjSmLCk GwL3ceFTx5sysV9+jBbUOkc2JuyykbnW7IDAuXo/ObcdtU21RLxgF1/QjZqFz0GZ dXgILF6iHLUWq0H6n1UzarihuEhNS41YBeKCreqyst/WYUZ93iDhCnLPALb6dNIu g/byawsVFYtbB0YOPMn/8BuDr0oDlfLr03zr+kzzeTpQ2aT48kQGCujhO36TQdQB bAz5+BYyFg5hkddaerYeTHwyrxnQAC2FfzVktfkfHsywZzmz3DhzLNstVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPbEqs1Ac2WY1f74rBeWiF4QPUAzMB8GA1UdIwQY MBaAFB1XSIWgyLQgXD3y0fzXNId94QXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMt OTE5OGNhMmFjNzY2LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC82OTdkZjctYjE5Yi00NmYxLThlNDMtOTE5OGNhMmFjNzY2 LzEvSFZkSWhhREl0Q0JjUGZMUl9OYzBoMzNoQmRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAahXPyy kX+PEm2KKGQLJivZt1F8aZAatMEZ4oaVsmqd0Tlh9IaX4Pjza+08bh1d8Wp+zStl zpISX03CJfVMrLmPz5zMMsmZ573dEN5v0GJrtCVi3jeToT68/z2TxmwuOizYmwGm nTdW4t1t4BtPA17COxkTnFdBDDAiLuIaSnsYb0YjR5tV90a4GXh7dmT7uQUcWBlY 9b7d0RFe4X//3zsC+ePMbbjx2pzng4O8BkGcTQFcZnkgpUSvY4NErCjHfyw4E9OY d1Ufr6WxoyGx9iI/ScyWqmbW9HE7iR+2IH/zR/B/XO0Q9lMb259OZkOThxwdnJsj Q3EZMgFGbpU+Kw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:02 2025 by rpki-client