This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft File: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft (raw, json) Hash identifier: n0W3A+0iNZtzWjh/Ewoejxqf5mHIZZ7jUAsfRKbfu9k= Subject key identifier: A7:F5:F2:94:8B:BC:52:11:05:59:7D:E1:A8:63:5D:77:B7:6F:85:35 Authority key identifier: 1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74 Certificate issuer: /CN=1c1c754b7a5b541892540d24ab98d31537974574 Certificate serial: 019B337B5A7862DCA5014201615F7213005E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft Manifest number: 1784 Signing time: Thu 18 Dec 2025 22:01:20 +0000 Manifest this update: Thu 18 Dec 2025 22:01:20 +0000 Manifest next update: Fri 19 Dec 2025 22:01:20 +0000 Files and hashes: 1: HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl (hash: XE8oDZppwI1mA8vF7M8x1kmfwXS+vpJhHPEXDdjxYX8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:5a:78:62:dc:a5:01:42:01:61:5f:72:13:00:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c1c754b7a5b541892540d24ab98d31537974574 Validity Not Before: Dec 18 22:01:20 2025 GMT Not After : Dec 19 22:01:20 2025 GMT Subject: CN=a7f5f2948bbc521105597de1a8635d77b76f8535 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c0:d8:b7:a7:04:94:c9:b1:91:1a:89:d6:6d: 4a:0e:24:af:ae:45:b3:a9:25:72:fe:68:09:c8:bd: 62:e0:b3:02:48:f1:10:ca:a5:8a:8b:80:44:da:1b: d6:b8:90:49:70:91:d6:a0:6e:89:9c:4c:bb:c6:4b: 03:2e:69:52:35:c3:9e:b7:23:d8:3c:73:e4:be:e9: 65:e7:51:c7:88:44:31:7f:25:5c:68:df:9a:0b:7d: dd:fd:cb:66:55:9e:d4:c2:9d:c3:60:10:64:e8:ee: 6e:75:bc:50:31:9b:ff:06:02:e1:aa:5c:8a:1b:d5: b9:09:95:99:16:b7:2d:1c:1b:ed:d7:32:dd:3c:eb: cf:0f:a1:d2:15:b3:fe:4b:7a:16:e3:ff:74:11:ff: e4:e8:92:8d:1f:c4:fa:58:ce:73:be:43:d5:cb:48: e9:37:31:63:be:35:23:72:af:5e:98:92:5e:14:60: dc:85:e7:e6:a4:67:d2:b6:a7:4c:55:a5:7b:39:e6: 41:24:a6:e2:af:62:cf:ed:3c:3b:d7:49:50:74:a4: 8c:85:34:f0:a1:73:15:a4:13:c6:4a:38:b7:e2:e1: ea:dd:3f:7b:48:cb:d2:23:1a:f0:86:82:c1:11:bf: 31:3b:99:6f:57:33:22:df:7a:92:c7:55:52:34:e5: 5f:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:F5:F2:94:8B:BC:52:11:05:59:7D:E1:A8:63:5D:77:B7:6F:85:35 X509v3 Authority Key Identifier: keyid:1C:1C:75:4B:7A:5B:54:18:92:54:0D:24:AB:98:D3:15:37:97:45:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/36c808-dd87-48f8-97e0-aa0f35824a27/1/HBx1S3pbVBiSVA0kq5jTFTeXRXQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:a4:6b:e2:39:e1:88:af:32:18:ef:6b:7b:ad:5b:3e:2b:3d: 48:89:bc:c8:99:de:9f:fd:4d:b5:1d:bb:d9:41:54:2e:34:8f: 2e:cf:d9:3d:2b:9f:64:00:c6:e8:29:c4:1d:05:ed:c9:db:57: ec:6b:e2:71:02:8b:18:fd:2d:f8:f9:5f:74:86:ed:72:df:62: 08:32:04:32:dc:53:7d:d9:6c:45:07:fc:05:80:f9:d4:02:a0: ff:78:23:cd:36:a6:43:7f:61:8b:e6:33:ca:67:cf:eb:70:13: 56:af:b4:73:b5:9c:ef:d5:27:37:ca:dd:bf:a8:52:61:bc:63: e4:44:5a:a8:b2:a7:5e:4b:37:64:a0:63:55:2e:31:57:ba:ff: 41:14:f9:0e:8e:4b:49:22:da:4f:f7:68:74:ae:4e:5a:c7:de: 35:0d:5f:1e:42:79:05:28:0c:e4:a5:13:17:98:37:51:34:e0: 62:6a:39:cb:1f:93:5d:b8:4a:07:34:79:cf:fd:3e:4b:cc:b6: 63:e3:13:37:41:38:0d:36:91:77:f1:6d:4b:64:87:c5:f3:d8: f6:02:bc:42:42:c9:21:a9:d6:94:be:2a:66:c9:d7:53:e4:8c: 01:f5:9b:7f:c3:cc:ef:f9:cd:64:9a:24:19:7a:5e:29:cf:56: 74:4d:6b:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsze1p4YtylAUIBYV9yEwBeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMWM3NTRiN2E1YjU0MTg5MjU0MGQyNGFiOThkMzE1Mzc5 NzQ1NzQwHhcNMjUxMjE4MjIwMTIwWhcNMjUxMjE5MjIwMTIwWjAzMTEwLwYDVQQD EyhhN2Y1ZjI5NDhiYmM1MjExMDU1OTdkZTFhODYzNWQ3N2I3NmY4NTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsDYt6cElMmxkRqJ1m1KDiSvrkWz qSVy/mgJyL1i4LMCSPEQyqWKi4BE2hvWuJBJcJHWoG6JnEy7xksDLmlSNcOetyPY PHPkvull51HHiEQxfyVcaN+aC33d/ctmVZ7Uwp3DYBBk6O5udbxQMZv/BgLhqlyK G9W5CZWZFrctHBvt1zLdPOvPD6HSFbP+S3oW4/90Ef/k6JKNH8T6WM5zvkPVy0jp NzFjvjUjcq9emJJeFGDchefmpGfStqdMVaV7OeZBJKbir2LP7Tw710lQdKSMhTTw oXMVpBPGSji34uHq3T97SMvSIxrwhoLBEb8xO5lvVzMi33qSx1VSNOVf2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKf18pSLvFIRBVl94ahjXXe3b4U1MB8GA1UdIwQY MBaAFBwcdUt6W1QYklQNJKuY0xU3l0V0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAt YWEwZjM1ODI0YTI3LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8zNmM4MDgtZGQ4Ny00OGY4LTk3ZTAtYWEwZjM1ODI0YTI3 LzEvSEJ4MVMzcGJWQmlTVkEwa3E1alRGVGVYUlhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKRr4jnh iK8yGO9re61bPis9SIm8yJnen/1NtR272UFULjSPLs/ZPSufZADG6CnEHQXtydtX 7GvicQKLGP0t+PlfdIbtct9iCDIEMtxTfdlsRQf8BYD51AKg/3gjzTamQ39hi+Yz ymfP63ATVq+0c7Wc79UnN8rdv6hSYbxj5ERaqLKnXks3ZKBjVS4xV7r/QRT5Do5L SSLaT/dodK5OWsfeNQ1fHkJ5BSgM5KUTF5g3UTTgYmo5yx+TXbhKBzR5z/0+S8y2 Y+MTN0E4DTaRd/FtS2SHxfPY9gK8QkLJIanWlL4qZsnXU+SMAfWbf8PM7/nNZJok GXpeKc9WdE1rtg== -----END CERTIFICATE-----Generated at Fri Dec 19 03:48:47 2025 by rpki-client