This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft File: HLjjf1E93Cn_15HDjJZjI2nKVFE.mft (raw, json) Hash identifier: G55p9BA3J8p0TVRePEdriuEzGxVdaCa59KHPa2Pd/x4= Subject key identifier: 10:88:6D:14:2A:0B:D2:90:FC:AD:80:0F:BD:98:3D:30:8A:A3:D7:1E Authority key identifier: 1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51 Certificate issuer: /CN=1cb8e37f513ddc29ffd791c38c96632369ca5451 Certificate serial: 019B59773BA2A296C7AE1FA5B2D4FFDCD651 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft Manifest number: 1344 Signing time: Fri 26 Dec 2025 07:02:24 +0000 Manifest this update: Fri 26 Dec 2025 07:02:24 +0000 Manifest next update: Sat 27 Dec 2025 07:02:24 +0000 Files and hashes: 1: HLjjf1E93Cn_15HDjJZjI2nKVFE.crl (hash: dwJs8sFG1K1ozTsIceAyZl51itgQ5Rwiq3be6ZXhoVE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 07:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:3b:a2:a2:96:c7:ae:1f:a5:b2:d4:ff:dc:d6:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cb8e37f513ddc29ffd791c38c96632369ca5451 Validity Not Before: Dec 26 07:02:24 2025 GMT Not After : Dec 27 07:02:24 2025 GMT Subject: CN=10886d142a0bd290fcad800fbd983d308aa3d71e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:3d:93:ff:8a:cc:37:a7:2f:26:fc:9f:f1:99: 22:71:b8:56:f8:a8:cf:1a:75:a4:7c:20:a9:c3:54: bc:e0:2f:08:76:4d:ff:07:90:3b:4d:cc:08:d7:41: 02:20:dc:39:5d:15:8d:c9:2a:de:47:c9:ce:45:0a: 80:a3:77:59:11:b4:2a:64:bb:d7:59:17:57:5c:d2: dc:bc:78:64:f5:37:b3:44:c1:ee:c4:e3:5a:fa:e5: 90:88:bf:9b:a4:db:28:84:94:7c:70:2a:f1:d9:33: fd:25:2a:1e:85:5c:55:26:2a:df:55:88:fb:0b:a8: af:3c:fb:0d:fe:fc:e6:fb:6d:76:d5:d0:f2:c2:b9: 10:7d:2a:01:0d:81:ee:47:8f:04:33:45:f7:dc:41: 0a:70:3e:ab:2b:38:16:1a:2d:14:fc:e1:4a:7b:77: 54:f0:e0:65:22:73:53:bb:fa:48:ed:54:63:09:83: 0d:1c:83:a9:98:b9:9b:e2:e9:b6:21:73:fe:1c:60: dd:33:be:18:7c:d2:cf:d9:7b:5d:a2:48:b1:0b:e0: b5:2b:95:4b:56:45:53:94:2d:cc:11:a9:49:d4:2e: 07:6f:87:7a:e0:45:84:2a:1e:05:2c:66:3b:c6:3b: 3e:6e:af:d5:95:35:37:8d:6c:17:53:f3:92:b9:1e: 3e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:88:6D:14:2A:0B:D2:90:FC:AD:80:0F:BD:98:3D:30:8A:A3:D7:1E X509v3 Authority Key Identifier: keyid:1C:B8:E3:7F:51:3D:DC:29:FF:D7:91:C3:8C:96:63:23:69:CA:54:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLjjf1E93Cn_15HDjJZjI2nKVFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bddfd6-76db-4331-afd3-e1cdb24c180b/1/HLjjf1E93Cn_15HDjJZjI2nKVFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:c1:3e:ab:09:dc:0d:b5:17:f2:10:e8:9c:07:f6:42:b2:9e: e1:56:93:37:11:5d:7c:5a:ea:33:1c:dc:6e:85:42:a8:40:68: 86:27:d2:64:df:a8:24:9b:fd:3f:92:99:75:64:4e:37:4c:ce: 80:ae:2c:7f:95:1d:d8:81:f3:0f:c2:10:01:e1:96:e2:58:30: 4b:ec:47:2d:b8:e0:30:1f:eb:c0:7a:10:f4:0c:3e:24:3e:29: 2f:f7:18:52:70:f4:66:fe:44:8e:04:bc:f9:ed:6f:97:af:e6: f0:25:31:f2:0e:f2:6b:32:1e:3a:43:57:b7:f0:5d:ed:be:45: 58:13:de:44:7b:67:d6:f3:7e:21:5a:37:bc:0f:47:3a:35:e8: 8a:ec:40:59:00:f9:34:da:b9:d5:3a:aa:5f:97:44:10:9e:41: ab:1c:f8:01:72:4f:50:a8:06:cd:ec:69:c5:f7:8c:16:5b:8d: 73:97:9d:81:f9:9a:85:0a:65:2e:30:d3:51:aa:b3:ac:10:35: c7:60:ab:5d:2d:9a:4b:9f:37:24:c4:89:72:31:95:d0:71:8c: 8b:9e:4a:f6:24:6a:8f:15:19:a6:e3:b7:e6:de:53:df:94:4d: 82:a1:ae:1e:18:8f:be:64:5f:3f:cb:76:48:e1:54:29:25:26: 9d:d9:d2:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdzuiopbHrh+lstT/3NZRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYjhlMzdmNTEzZGRjMjlmZmQ3OTFjMzhjOTY2MzIzNjlj YTU0NTEwHhcNMjUxMjI2MDcwMjI0WhcNMjUxMjI3MDcwMjI0WjAzMTEwLwYDVQQD EygxMDg4NmQxNDJhMGJkMjkwZmNhZDgwMGZiZDk4M2QzMDhhYTNkNzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz2T/4rMN6cvJvyf8ZkicbhW+KjP GnWkfCCpw1S84C8Idk3/B5A7TcwI10ECINw5XRWNySreR8nORQqAo3dZEbQqZLvX WRdXXNLcvHhk9TezRMHuxONa+uWQiL+bpNsohJR8cCrx2TP9JSoehVxVJirfVYj7 C6ivPPsN/vzm+2121dDywrkQfSoBDYHuR48EM0X33EEKcD6rKzgWGi0U/OFKe3dU 8OBlInNTu/pI7VRjCYMNHIOpmLmb4um2IXP+HGDdM74YfNLP2XtdokixC+C1K5VL VkVTlC3MEalJ1C4Hb4d64EWEKh4FLGY7xjs+bq/VlTU3jWwXU/OSuR4+vwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBCIbRQqC9KQ/K2AD72YPTCKo9ceMB8GA1UdIwQY MBaAFBy4439RPdwp/9eRw4yWYyNpylRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMt ZTFjZGIyNGMxODBiLzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9iZGRmZDYtNzZkYi00MzMxLWFmZDMtZTFjZGIyNGMxODBi LzEvSExqamYxRTkzQ25fMTVIRGpKWmpJMm5LVkZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwME+qwnc DbUX8hDonAf2QrKe4VaTNxFdfFrqMxzcboVCqEBohifSZN+oJJv9P5KZdWRON0zO gK4sf5Ud2IHzD8IQAeGW4lgwS+xHLbjgMB/rwHoQ9Aw+JD4pL/cYUnD0Zv5EjgS8 +e1vl6/m8CUx8g7yazIeOkNXt/Bd7b5FWBPeRHtn1vN+IVo3vA9HOjXoiuxAWQD5 NNq51TqqX5dEEJ5Bqxz4AXJPUKgGzexpxfeMFluNc5edgfmahQplLjDTUaqzrBA1 x2CrXS2aS583JMSJcjGV0HGMi55K9iRqjxUZpuO35t5T35RNgqGuHhiPvmRfP8t2 SOFUKSUmndnS/g== -----END CERTIFICATE-----Generated at Fri Dec 26 16:05:54 2025 by rpki-client