This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft File: hvKEMvItcjPdX3Xz07HMCHN4-0g.mft (raw, json) Hash identifier: TJdKVsuDsIlp02wZUfua4Tzh4I+8b6xxDDc51oS7xL4= Subject key identifier: A0:C1:8F:53:DA:90:A8:B7:76:49:5D:37:AA:15:0C:D5:89:A7:DB:E2 Authority key identifier: 86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48 Certificate issuer: /CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48 Certificate serial: 019B593ED35CFF3D10B81E13CC6A95E7522E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft Manifest number: 0143 Signing time: Fri 26 Dec 2025 06:00:48 +0000 Manifest this update: Fri 26 Dec 2025 06:00:48 +0000 Manifest next update: Sat 27 Dec 2025 06:00:48 +0000 Files and hashes: 1: hvKEMvItcjPdX3Xz07HMCHN4-0g.crl (hash: JpPG/pbCEgAEUmm4uIPJMn2lsKdPKxc394rjE+T45jo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:3e:d3:5c:ff:3d:10:b8:1e:13:cc:6a:95:e7:52:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86f28432f22d7233dd5f75f3d3b1cc087378fb48 Validity Not Before: Dec 26 06:00:48 2025 GMT Not After : Dec 27 06:00:48 2025 GMT Subject: CN=a0c18f53da90a8b776495d37aa150cd589a7dbe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:54:6e:2e:88:a3:85:36:fa:df:b1:6e:34:46: 42:33:4b:01:fa:68:04:1d:30:53:e4:c9:0e:40:8f: 5a:ac:ff:a5:3b:69:a8:a2:91:9d:22:c2:a9:21:43: 83:35:b9:5d:55:18:89:8c:95:59:83:59:53:74:57: fd:54:76:dd:26:99:47:71:38:5e:7d:1f:97:fc:ed: 5b:0c:ca:eb:8f:e0:8e:7a:1d:e0:b5:69:42:eb:2d: d9:07:56:25:5a:eb:81:e8:1d:e9:31:b2:04:2b:58: b5:e6:57:ab:34:b5:45:24:8e:29:13:5b:f7:a7:2c: d2:cf:eb:a4:f4:48:72:3d:9c:6d:9f:4d:55:1e:6d: 43:66:e0:4c:5b:67:bd:a4:c5:13:7e:dd:80:b8:07: 90:6b:30:ed:c6:10:9b:96:aa:82:48:78:1b:f4:2a: 09:89:2f:be:42:ff:f5:00:14:77:9d:7f:78:08:5a: 7f:16:d5:5d:ad:2d:e7:12:93:a4:f6:4a:fe:45:1f: f6:67:59:1d:8e:8e:5d:74:c1:c5:60:f0:15:81:67: 61:c3:54:f2:db:58:d5:54:29:6d:ed:5d:89:0a:d7: a4:4d:8a:c0:db:f4:0d:6b:95:1e:b8:54:44:b2:5c: 7d:a3:42:f1:15:c6:4d:e7:7f:68:54:3a:23:a8:db: 1d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C1:8F:53:DA:90:A8:B7:76:49:5D:37:AA:15:0C:D5:89:A7:DB:E2 X509v3 Authority Key Identifier: keyid:86:F2:84:32:F2:2D:72:33:DD:5F:75:F3:D3:B1:CC:08:73:78:FB:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hvKEMvItcjPdX3Xz07HMCHN4-0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/8539cd-80ba-4c66-ba27-fe51a48c6801/1/hvKEMvItcjPdX3Xz07HMCHN4-0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:a4:01:b5:ec:a3:89:7e:3c:56:f1:2c:33:c4:4b:af:2d:fa: 72:f3:55:ad:b4:19:aa:91:df:c0:4d:b1:b3:08:33:c0:42:17: cb:07:ce:1b:51:20:6c:f7:21:85:f3:2a:2e:cd:65:c4:ae:4e: a2:b2:ac:1a:3b:2f:8c:e7:dd:ce:34:d6:aa:59:db:bb:ed:bc: c2:a0:eb:9f:f8:12:ce:d6:1a:ad:fd:45:fd:2f:e3:a2:48:f1: a2:91:43:92:e7:af:b9:c7:3d:73:6e:d1:2e:ec:44:14:d8:ca: ed:79:c0:a8:bd:4c:6f:e5:f6:e1:29:bb:f1:7a:0d:a5:cf:0d: 99:bf:e2:67:61:dc:7a:62:9c:cc:6f:62:00:74:ff:ec:2d:c3: 6f:39:fc:09:4d:cc:c2:55:b1:bb:b7:62:da:75:f8:9f:37:c9: 1b:4e:d5:06:06:47:a7:c3:cc:b1:f8:3e:3f:d4:83:84:c5:10: 69:5d:55:6c:2a:78:d3:5f:03:25:99:63:f6:74:7b:17:cd:98: 86:87:34:59:00:03:a9:44:2e:d5:4c:6f:b5:13:06:40:45:b2: dc:0b:be:a8:0a:85:7a:d9:88:6d:33:0b:79:a7:d0:89:fa:fe: ee:9f:b9:79:39:64:c6:73:76:3c:04:70:75:1c:ef:9b:99:ca: e5:ed:e1:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZPtNc/z0QuB4TzGqV51IuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZjI4NDMyZjIyZDcyMzNkZDVmNzVmM2QzYjFjYzA4NzM3 OGZiNDgwHhcNMjUxMjI2MDYwMDQ4WhcNMjUxMjI3MDYwMDQ4WjAzMTEwLwYDVQQD EyhhMGMxOGY1M2RhOTBhOGI3NzY0OTVkMzdhYTE1MGNkNTg5YTdkYmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFRuLoijhTb637FuNEZCM0sB+mgE HTBT5MkOQI9arP+lO2moopGdIsKpIUODNbldVRiJjJVZg1lTdFf9VHbdJplHcThe fR+X/O1bDMrrj+COeh3gtWlC6y3ZB1YlWuuB6B3pMbIEK1i15lerNLVFJI4pE1v3 pyzSz+uk9EhyPZxtn01VHm1DZuBMW2e9pMUTft2AuAeQazDtxhCblqqCSHgb9CoJ iS++Qv/1ABR3nX94CFp/FtVdrS3nEpOk9kr+RR/2Z1kdjo5ddMHFYPAVgWdhw1Ty 21jVVClt7V2JCtekTYrA2/QNa5UeuFREslx9o0LxFcZN539oVDojqNsdewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKDBj1PakKi3dkldN6oVDNWJp9viMB8GA1UdIwQY MBaAFIbyhDLyLXIz3V9189OxzAhzePtIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjct ZmU1MWE0OGM2ODAxLzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi84NTM5Y2QtODBiYS00YzY2LWJhMjctZmU1MWE0OGM2ODAx LzEvaHZLRU12SXRjalBkWDNYejA3SE1DSE40LTBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkaQBteyj iX48VvEsM8RLry36cvNVrbQZqpHfwE2xswgzwEIXywfOG1EgbPchhfMqLs1lxK5O orKsGjsvjOfdzjTWqlnbu+28wqDrn/gSztYarf1F/S/jokjxopFDkuevucc9c27R LuxEFNjK7XnAqL1Mb+X24Sm78XoNpc8Nmb/iZ2HcemKczG9iAHT/7C3Dbzn8CU3M wlWxu7di2nX4nzfJG07VBgZHp8PMsfg+P9SDhMUQaV1VbCp4018DJZlj9nR7F82Y hoc0WQADqUQu1UxvtRMGQEWy3Au+qAqFetmIbTMLeafQifr+7p+5eTlkxnN2PARw dRzvm5nK5e3hRQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:51 2025 by rpki-client