This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft File: r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json) Hash identifier: HNzyGSl1KUPcY6t5WkCmduM+In3bz1os7RhBTvJYhoc= Subject key identifier: FB:98:D7:C6:1F:46:22:06:0E:31:88:AD:62:9F:2C:AA:41:EA:F2:4B Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10 Certificate issuer: /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910 Certificate serial: 019B217571E828FFE429D388F09506675D5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft Manifest number: 0C6F Signing time: Mon 15 Dec 2025 10:01:43 +0000 Manifest this update: Mon 15 Dec 2025 10:01:43 +0000 Manifest next update: Tue 16 Dec 2025 10:01:43 +0000 Files and hashes: 1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: F+IGPWspO8RJ8kbGcNfwjSP5AcNzuA/Bu01r3dgtvQE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:71:e8:28:ff:e4:29:d3:88:f0:95:06:67:5d:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910 Validity Not Before: Dec 15 10:01:43 2025 GMT Not After : Dec 16 10:01:43 2025 GMT Subject: CN=fb98d7c61f4622060e3188ad629f2caa41eaf24b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:ed:c6:94:56:bb:2a:bb:fa:ee:ae:d5:ee:79: 14:76:3f:cb:38:d5:04:e7:fe:be:f6:6a:25:0f:0d: 76:ea:b9:3b:5c:40:84:ed:1b:11:91:56:24:8f:68: 70:78:2f:c9:eb:c8:df:f1:4c:1e:e6:fc:e5:19:5d: cb:15:53:4d:a3:6b:1b:5b:3c:af:bc:79:36:81:c1: dd:f5:21:f4:a4:2c:0e:cc:93:e4:57:d5:60:58:db: a4:a4:ff:43:e5:d8:78:0d:8b:4a:0c:b1:d8:df:8b: d4:1b:6a:1d:c0:07:82:a8:ee:e6:3b:43:01:4b:27: d6:27:da:8f:3f:be:88:57:80:2d:90:d1:28:26:dc: ee:81:79:4c:33:64:0f:7a:b4:b3:12:70:1a:09:82: d1:f0:c9:b7:b5:ca:8c:d7:78:25:d2:60:53:87:83: a3:73:a1:fb:cb:7b:39:91:f8:a1:19:86:6b:c5:4d: 97:af:bb:b0:bd:7e:73:cd:d8:6b:16:c5:87:74:e5: 13:69:5a:32:03:c6:60:ee:9b:12:b5:23:7f:cf:39: 8b:d6:0c:c9:2d:24:b6:0e:48:89:e9:8b:5e:30:2e: de:c6:18:dd:c3:97:50:2f:40:b6:1f:12:d4:cf:b2: ed:19:03:0e:77:43:34:c1:be:26:7e:d2:ce:77:fb: d7:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:98:D7:C6:1F:46:22:06:0E:31:88:AD:62:9F:2C:AA:41:EA:F2:4B X509v3 Authority Key Identifier: keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:db:d7:03:9d:5b:a7:ac:e9:76:64:b4:be:da:8d:17:e0:11: 9a:e7:88:e4:5e:db:ba:2e:ad:7a:22:26:65:08:50:6e:34:89: 35:60:ac:54:49:fa:71:9d:6c:fb:b1:60:f5:01:c0:70:ea:04: cd:cd:7b:d7:be:ca:88:c5:d4:4e:75:ab:c9:e4:be:ae:41:41: 20:89:de:c4:f1:6c:8b:0b:7f:fc:e3:af:61:d5:c8:54:25:c9: bf:ef:eb:7e:6f:b0:55:b4:39:7b:15:c5:37:c2:14:74:b4:67: 32:f2:35:4a:b6:18:ed:7d:fc:48:37:19:3d:18:39:2c:9c:82: 86:41:e6:f4:0a:a9:f9:d4:74:0d:33:08:40:ae:a3:c4:4b:8a: 1a:85:41:59:21:a0:8b:ca:6c:7c:f6:86:59:a6:0b:29:32:8d: cb:e4:d9:a3:49:b6:a9:c5:c7:65:f4:3b:a3:82:ea:00:f3:99: 7a:2f:f7:ae:cd:e3:9c:0f:18:17:e5:01:b2:a8:72:a5:af:42: 0a:77:f0:ec:22:1f:85:6f:16:49:e8:92:5b:4c:c5:b5:c8:4f: c3:03:a0:3d:40:22:3d:32:70:91:20:fd:fd:36:3a:96:39:e4: c7:95:f8:63:73:96:e2:e1:59:a1:6b:cc:55:e3:e2:e3:ce:df: c0:cf:dc:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdXHoKP/kKdOI8JUGZ11aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx NWM5MTAwHhcNMjUxMjE1MTAwMTQzWhcNMjUxMjE2MTAwMTQzWjAzMTEwLwYDVQQD EyhmYjk4ZDdjNjFmNDYyMjA2MGUzMTg4YWQ2MjlmMmNhYTQxZWFmMjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9e3GlFa7Krv67q7V7nkUdj/LONUE 5/6+9molDw126rk7XECE7RsRkVYkj2hweC/J68jf8Uwe5vzlGV3LFVNNo2sbWzyv vHk2gcHd9SH0pCwOzJPkV9VgWNukpP9D5dh4DYtKDLHY34vUG2odwAeCqO7mO0MB SyfWJ9qPP76IV4AtkNEoJtzugXlMM2QPerSzEnAaCYLR8Mm3tcqM13gl0mBTh4Oj c6H7y3s5kfihGYZrxU2Xr7uwvX5zzdhrFsWHdOUTaVoyA8Zg7psStSN/zzmL1gzJ LSS2DkiJ6YteMC7exhjdw5dQL0C2HxLUz7LtGQMOd0M0wb4mftLOd/vXJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPuY18YfRiIGDjGIrWKfLKpB6vJLMB8GA1UdIwQY MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9vXA51b p6zpdmS0vtqNF+ARmueI5F7bui6teiImZQhQbjSJNWCsVEn6cZ1s+7Fg9QHAcOoE zc17177KiMXUTnWryeS+rkFBIInexPFsiwt//OOvYdXIVCXJv+/rfm+wVbQ5exXF N8IUdLRnMvI1SrYY7X38SDcZPRg5LJyChkHm9Aqp+dR0DTMIQK6jxEuKGoVBWSGg i8psfPaGWaYLKTKNy+TZo0m2qcXHZfQ7o4LqAPOZei/3rs3jnA8YF+UBsqhypa9C Cnfw7CIfhW8WSeiSW0zFtchPwwOgPUAiPTJwkSD9/TY6ljnkx5X4Y3OW4uFZoWvM VePi487fwM/c+A== -----END CERTIFICATE-----Generated at Mon Dec 15 13:28:56 2025 by rpki-client