This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft File: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json) Hash identifier: jhg8zZEhPrjBPiDfbH/mU6qNP7cEib9RsQy7XXfKeM8= Subject key identifier: 50:15:B8:BC:21:3F:26:6B:7F:E0:92:C8:BC:B5:43:A7:69:BB:11:18 Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 Certificate issuer: /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Certificate serial: 019C432270CEDF5F0F28031AAE88CE69A477 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft Manifest number: 120A Signing time: Mon 09 Feb 2026 16:00:56 +0000 Manifest this update: Mon 09 Feb 2026 16:00:56 +0000 Manifest next update: Tue 10 Feb 2026 16:00:56 +0000 Files and hashes: 1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: 1jf0dLVeUSypCg5UA7KODWdr1QBOoxPRGzwYrZGVYVo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:70:ce:df:5f:0f:28:03:1a:ae:88:ce:69:a4:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Validity Not Before: Feb 9 16:00:56 2026 GMT Not After : Feb 10 16:00:56 2026 GMT Subject: CN=5015b8bc213f266b7fe092c8bcb543a769bb1118 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2f:b3:cc:8a:0a:fe:e9:5d:02:9c:a5:36:d9: 8d:bb:f3:3a:fb:c5:d5:13:42:70:eb:60:ee:de:83: cc:ee:f7:3b:78:ad:25:35:ca:c3:1d:a8:85:da:ab: b6:bd:a0:5e:96:8b:38:4e:1a:07:57:d1:6d:03:c7: 9b:b3:ce:68:14:c9:40:ce:83:13:21:1a:71:09:ed: ed:36:21:61:a4:0a:88:55:bb:ef:c2:de:b4:f2:d7: 70:74:c6:17:45:3c:43:5d:32:ac:2a:98:df:ba:19: 8e:1a:f7:5e:ed:3b:46:9c:22:7d:23:80:b8:38:43: f0:cd:61:41:06:09:6b:7f:01:63:61:3d:c3:49:17: 05:49:7c:13:46:ae:ed:01:f0:fe:e9:d7:81:17:54: 16:79:83:49:54:cb:79:ae:04:b1:0d:55:30:60:02: 64:0d:f6:95:7e:58:84:97:09:e9:b4:c9:c8:84:5b: a0:54:fc:50:88:7a:da:36:e3:c2:eb:7a:d6:cd:63: 1e:8f:9c:e5:15:86:8b:0c:2b:eb:33:50:4d:32:c2: f1:2b:2f:cf:b0:79:86:96:d2:8e:04:41:a9:6b:7c: 33:70:96:ff:00:1b:aa:88:1e:57:bf:3a:8a:cf:45: 43:78:d7:a3:f2:8e:49:b3:31:60:bf:d1:67:11:58: d4:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:15:B8:BC:21:3F:26:6B:7F:E0:92:C8:BC:B5:43:A7:69:BB:11:18 X509v3 Authority Key Identifier: keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:ca:eb:c8:29:9b:c9:32:2d:8f:85:77:a3:3e:60:a1:8b:91: bc:d4:e1:ae:fb:99:b9:32:c1:a4:98:e5:59:5a:96:bd:93:df: 35:0b:4c:e9:58:ea:06:10:fb:f6:e2:9c:3d:a9:57:91:f5:1b: ab:17:e6:a4:56:ba:da:97:d9:92:00:c6:c8:15:c8:5d:e0:4a: 96:a7:26:bb:a3:0b:8b:79:5e:9a:7e:ff:99:4b:7f:df:3d:31: b2:f3:e5:11:64:9f:27:15:6f:71:81:61:d8:9f:8c:ef:5d:55: 08:c9:d8:86:2f:51:02:41:50:50:cb:ac:12:95:5e:8b:89:77: 12:7d:c6:5d:2f:3f:86:8c:5b:1d:8a:89:a8:97:48:68:a4:e2: e1:4b:a3:b3:25:cb:a0:92:9b:22:60:7d:85:46:c8:1a:09:ea: 86:ad:2f:41:f4:45:a6:df:c5:4c:3b:f5:9b:ea:b8:c0:b2:2f: 18:6d:bb:5e:f7:bc:01:98:00:ce:a3:9f:4a:77:72:0e:00:1f: 5d:89:5a:d6:23:37:39:3b:8f:89:93:a1:55:4f:c1:d5:7b:fc: 5b:52:96:15:46:52:7a:07:8a:a4:65:49:9e:1a:16:63:02:f5: ff:e4:38:17:60:9b:82:d8:eb:13:11:80:95:15:a5:aa:a2:ac: 12:38:93:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDInDO318PKAMarojOaaR3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3 MGIyNjYwHhcNMjYwMjA5MTYwMDU2WhcNMjYwMjEwMTYwMDU2WjAzMTEwLwYDVQQD Eyg1MDE1YjhiYzIxM2YyNjZiN2ZlMDkyYzhiY2I1NDNhNzY5YmIxMTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy+zzIoK/uldApylNtmNu/M6+8XV E0Jw62Du3oPM7vc7eK0lNcrDHaiF2qu2vaBelos4ThoHV9FtA8ebs85oFMlAzoMT IRpxCe3tNiFhpAqIVbvvwt608tdwdMYXRTxDXTKsKpjfuhmOGvde7TtGnCJ9I4C4 OEPwzWFBBglrfwFjYT3DSRcFSXwTRq7tAfD+6deBF1QWeYNJVMt5rgSxDVUwYAJk DfaVfliElwnptMnIhFugVPxQiHraNuPC63rWzWMej5zlFYaLDCvrM1BNMsLxKy/P sHmGltKOBEGpa3wzcJb/ABuqiB5XvzqKz0VDeNej8o5JszFgv9FnEVjUuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFAVuLwhPyZrf+CSyLy1Q6dpuxEYMB8GA1UdIwQY MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3 LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa8rryCmb yTItj4V3oz5goYuRvNThrvuZuTLBpJjlWVqWvZPfNQtM6VjqBhD79uKcPalXkfUb qxfmpFa62pfZkgDGyBXIXeBKlqcmu6MLi3lemn7/mUt/3z0xsvPlEWSfJxVvcYFh 2J+M711VCMnYhi9RAkFQUMusEpVei4l3En3GXS8/hoxbHYqJqJdIaKTi4UujsyXL oJKbImB9hUbIGgnqhq0vQfRFpt/FTDv1m+q4wLIvGG27Xve8AZgAzqOfSndyDgAf XYla1iM3OTuPiZOhVU/B1Xv8W1KWFUZSegeKpGVJnhoWYwL1/+Q4F2CbgtjrExGA lRWlqqKsEjiTyA== -----END CERTIFICATE-----Generated at Mon Feb 9 18:32:57 2026 by rpki-client