This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft File: HPoACq4LHA_NOZiRS7dt_HLoc1g.mft (raw, json) Hash identifier: hLy/vhOdpT6k7MrExCpQA4sriDw1VtQQ5Ame4q31fpM= Subject key identifier: B8:D3:76:B6:53:27:6F:12:D2:11:51:D8:6E:29:93:A5:FD:BE:B8:F0 Authority key identifier: 1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58 Certificate issuer: /CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358 Certificate serial: 019B5A514E73AE5E8481815B2AAF3236293C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft Manifest number: 046E Signing time: Fri 26 Dec 2025 11:00:36 +0000 Manifest this update: Fri 26 Dec 2025 11:00:36 +0000 Manifest next update: Sat 27 Dec 2025 11:00:36 +0000 Files and hashes: 1: HPoACq4LHA_NOZiRS7dt_HLoc1g.crl (hash: bLXm9RorLTpnyyqfXFv2C+mGw2iPE+upPHJ2o9vswYE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:4e:73:ae:5e:84:81:81:5b:2a:af:32:36:29:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cfa000aae0b1c0fcd3998914bb76dfc72e87358 Validity Not Before: Dec 26 11:00:36 2025 GMT Not After : Dec 27 11:00:36 2025 GMT Subject: CN=b8d376b653276f12d21151d86e2993a5fdbeb8f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ba:3c:3a:ab:10:0a:7a:28:c1:50:28:3f:66: f1:5b:9e:90:04:52:25:c8:5b:c0:de:5c:72:99:8f: e7:ad:0c:b6:4f:85:8d:08:89:83:84:bf:5a:c2:1a: b2:c4:a0:e6:eb:a0:3c:f0:f6:1c:f3:40:d7:04:a5: e6:97:88:65:07:8d:cd:c6:24:52:88:36:df:90:6e: 53:e1:59:20:89:78:bc:c5:dd:66:7c:53:2f:1f:ca: 2d:25:d3:2c:2f:42:1d:0a:ac:69:b2:eb:34:bf:b6: 8d:44:bc:bf:44:8e:b3:39:69:a0:d3:24:b1:af:e7: d7:2d:d4:46:95:85:da:e1:60:07:ba:5f:15:ce:a8: c7:5f:e3:07:f4:4d:81:02:0c:d1:dc:85:ba:22:f7: 03:4a:4f:5b:f0:07:fa:d2:a5:e9:cf:66:03:e7:4e: 68:dc:0f:93:3a:59:8c:7c:58:94:5a:52:ad:8d:55: 64:94:da:b2:93:16:05:59:98:cf:df:ea:cf:4e:17: 5c:96:eb:14:70:97:21:1b:b5:e2:e3:0b:1b:07:04: 0b:42:e5:ea:e2:66:35:6d:d4:6a:b5:70:4f:bb:b1: 70:2c:0e:9e:ea:36:bf:5c:55:1a:4f:3c:88:25:67: a2:73:c6:20:c3:30:e5:9e:e9:c1:33:b3:25:00:e5: 84:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:D3:76:B6:53:27:6F:12:D2:11:51:D8:6E:29:93:A5:FD:BE:B8:F0 X509v3 Authority Key Identifier: keyid:1C:FA:00:0A:AE:0B:1C:0F:CD:39:98:91:4B:B7:6D:FC:72:E8:73:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPoACq4LHA_NOZiRS7dt_HLoc1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69b7c4-e423-4bfc-ba4b-8ef709de2d64/1/HPoACq4LHA_NOZiRS7dt_HLoc1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:c6:8b:f6:9a:4e:ca:20:76:76:95:8f:c8:e3:07:b1:18:f4: 21:71:43:f1:cc:df:7a:3a:8e:f2:f0:a8:fb:41:63:4a:c1:0c: 37:c3:1a:9f:e5:39:c1:82:69:49:4a:12:ef:49:78:31:be:51: c2:27:de:3f:ab:78:49:58:c0:49:a9:b6:7b:e0:9d:37:69:89: ac:2c:18:43:77:f6:ed:df:6d:de:27:05:cf:76:61:c0:63:91: 0f:2c:47:1e:fd:29:98:29:01:54:4b:3e:ae:2f:77:ba:95:ca: e4:3d:92:ff:34:cf:ca:99:38:60:4b:c2:5b:62:63:77:ef:ea: 4d:c4:de:06:1e:db:8a:8d:cc:9b:2a:88:6e:d3:4d:73:0d:6d: 19:89:23:dc:86:1d:28:70:64:0b:e2:e5:a5:98:f0:2c:8f:91: 85:25:60:b6:b6:0b:88:67:ef:47:c8:01:88:9b:fd:1b:3c:09: bc:e9:08:09:e9:f7:d3:34:88:77:89:a9:c3:ed:8d:be:a1:71: 74:28:0c:0e:df:5a:de:2a:eb:4c:b7:07:87:48:d6:44:6d:36: 92:38:38:d5:85:19:1b:93:b8:da:4f:4d:fd:1e:68:26:52:2d: 9e:5b:7d:80:f7:21:b5:d7:73:9f:6d:dc:66:36:02:1e:df:a0: 92:b5:b5:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUU5zrl6EgYFbKq8yNik8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjZmEwMDBhYWUwYjFjMGZjZDM5OTg5MTRiYjc2ZGZjNzJl ODczNTgwHhcNMjUxMjI2MTEwMDM2WhcNMjUxMjI3MTEwMDM2WjAzMTEwLwYDVQQD EyhiOGQzNzZiNjUzMjc2ZjEyZDIxMTUxZDg2ZTI5OTNhNWZkYmViOGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7o8OqsQCnoowVAoP2bxW56QBFIl yFvA3lxymY/nrQy2T4WNCImDhL9awhqyxKDm66A88PYc80DXBKXml4hlB43NxiRS iDbfkG5T4VkgiXi8xd1mfFMvH8otJdMsL0IdCqxpsus0v7aNRLy/RI6zOWmg0ySx r+fXLdRGlYXa4WAHul8VzqjHX+MH9E2BAgzR3IW6IvcDSk9b8Af60qXpz2YD505o 3A+TOlmMfFiUWlKtjVVklNqykxYFWZjP3+rPThdclusUcJchG7Xi4wsbBwQLQuXq 4mY1bdRqtXBPu7FwLA6e6ja/XFUaTzyIJWeic8YgwzDlnunBM7MlAOWEgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLjTdrZTJ28S0hFR2G4pk6X9vrjwMB8GA1UdIwQY MBaAFBz6AAquCxwPzTmYkUu3bfxy6HNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGIt OGVmNzA5ZGUyZDY0LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi82OWI3YzQtZTQyMy00YmZjLWJhNGItOGVmNzA5ZGUyZDY0 LzEvSFBvQUNxNExIQV9OT1ppUlM3ZHRfSExvYzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8aL9ppO yiB2dpWPyOMHsRj0IXFD8czfejqO8vCo+0FjSsEMN8Man+U5wYJpSUoS70l4Mb5R wifeP6t4SVjASam2e+CdN2mJrCwYQ3f27d9t3icFz3ZhwGORDyxHHv0pmCkBVEs+ ri93upXK5D2S/zTPypk4YEvCW2Jjd+/qTcTeBh7bio3MmyqIbtNNcw1tGYkj3IYd KHBkC+LlpZjwLI+RhSVgtrYLiGfvR8gBiJv9GzwJvOkICen30zSId4mpw+2NvqFx dCgMDt9a3irrTLcHh0jWRG02kjg41YUZG5O42k9N/R5oJlItnlt9gPchtddzn23c ZjYCHt+gkrW15Q== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:45 2025 by rpki-client