This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft File: HMIQHIyT1FjSXDElyMm8ya8TKHE.mft (raw, json) Hash identifier: lkdChBlqSg8nFTKf8OlqY3Qj7vszlXkMFSdYd2YdZBM= Subject key identifier: 2A:21:5F:E2:EA:08:68:9A:51:03:56:C4:74:3D:F5:3F:AB:FD:BD:C9 Authority key identifier: 1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71 Certificate issuer: /CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871 Certificate serial: 019B3C7EBD1BD369CF7013C1C464F0CE5F18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft Manifest number: 05BC Signing time: Sat 20 Dec 2025 16:01:37 +0000 Manifest this update: Sat 20 Dec 2025 16:01:37 +0000 Manifest next update: Sun 21 Dec 2025 16:01:37 +0000 Files and hashes: 1: HMIQHIyT1FjSXDElyMm8ya8TKHE.crl (hash: ux6A/rfhoawstDeSyUBPa3NgD3drRJS2IPrRPobSKK8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 16:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:bd:1b:d3:69:cf:70:13:c1:c4:64:f0:ce:5f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cc2101c8c93d458d25c3125c8c9bcc9af132871 Validity Not Before: Dec 20 16:01:37 2025 GMT Not After : Dec 21 16:01:37 2025 GMT Subject: CN=2a215fe2ea08689a510356c4743df53fabfdbdc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:46:bb:b6:09:6c:96:e8:57:36:1b:0c:31:c6: c6:92:bc:bc:6f:9e:22:89:72:b2:dc:b3:7b:05:2a: b3:48:cd:49:d1:31:c9:81:94:c4:29:77:d9:1c:4e: b9:8a:7d:a7:8a:23:46:9b:a6:52:cc:54:9f:f2:b9: e8:f3:37:3c:d8:5d:ba:2a:c9:2b:da:06:c3:4e:9f: 3e:0a:ff:2c:a8:86:96:35:6a:67:a4:cb:7e:4d:da: 21:f3:52:ff:3e:35:96:c5:6e:c4:fe:25:f7:b6:70: 20:c0:92:4a:38:58:5a:7c:0e:18:d9:e7:18:e3:77: 29:cb:2d:7a:b7:e2:6d:ad:00:86:4e:b0:b3:97:74: a1:e6:9a:37:93:ac:0a:ec:cf:94:8e:4e:6c:0e:24: f9:0c:79:7e:da:1b:44:4f:26:6f:bb:c0:50:b3:80: 68:74:ed:40:06:7c:6c:c9:de:e8:7d:71:29:99:72: 6c:be:84:94:fe:10:8f:92:47:7a:9e:19:f0:87:3d: 01:04:b7:88:8e:c8:70:36:19:3c:94:de:fc:27:7c: 38:ae:b5:65:26:38:13:6d:d9:51:46:da:d4:5e:37: 22:90:cb:21:7c:0f:3c:bb:74:3d:2c:67:9d:8d:96: 0b:20:bf:13:7f:4d:7a:92:17:43:43:4c:23:73:5c: d7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:21:5F:E2:EA:08:68:9A:51:03:56:C4:74:3D:F5:3F:AB:FD:BD:C9 X509v3 Authority Key Identifier: keyid:1C:C2:10:1C:8C:93:D4:58:D2:5C:31:25:C8:C9:BC:C9:AF:13:28:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMIQHIyT1FjSXDElyMm8ya8TKHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3c293f-789d-4695-b57f-6aaf5496065e/1/HMIQHIyT1FjSXDElyMm8ya8TKHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:2d:ba:a0:7e:d8:40:a1:36:ae:b8:93:e1:66:d9:5b:d8:21: 74:a8:fc:05:09:1f:fc:cb:54:14:3d:05:cb:6e:6b:6d:d8:53: 56:69:47:5b:c3:48:93:6d:d0:01:c1:7f:85:a8:6c:43:e8:ca: b0:c5:74:4c:a5:e8:8b:87:fe:0a:04:0c:78:9b:89:20:6a:57: f7:7c:95:a6:d2:77:3f:f9:be:40:86:66:71:b4:4f:c8:78:33: cc:f9:25:2b:65:f0:ff:1d:47:84:97:2d:ca:9e:1d:a6:e9:17: 77:f5:cf:75:74:77:05:78:25:72:78:fa:8b:8a:3a:bd:e3:e6: 81:f1:45:95:8b:3a:ca:e2:60:f0:4d:ae:48:00:d2:32:aa:87: 80:e2:99:03:5a:cb:e3:df:2e:be:41:25:1e:92:a1:37:f1:ab: 70:8e:ee:36:a9:1f:c9:ad:94:a4:da:bf:85:09:9b:ef:90:c2: 87:38:a4:3a:54:8d:5a:9d:41:41:ef:f9:59:3b:f5:7e:71:75: 21:e8:be:82:24:2e:60:bc:2c:15:d4:51:7e:03:2f:96:33:02: 7d:cc:0f:6a:63:fe:a7:fc:7b:97:c1:d8:f4:ae:e2:93:41:b9: a3:11:04:cd:8c:b1:26:9d:10:79:f5:f3:db:36:8a:7c:ef:3b: fb:a5:02:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fr0b02nPcBPBxGTwzl8YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYzIxMDFjOGM5M2Q0NThkMjVjMzEyNWM4YzliY2M5YWYx MzI4NzEwHhcNMjUxMjIwMTYwMTM3WhcNMjUxMjIxMTYwMTM3WjAzMTEwLwYDVQQD EygyYTIxNWZlMmVhMDg2ODlhNTEwMzU2YzQ3NDNkZjUzZmFiZmRiZGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0a7tglsluhXNhsMMcbGkry8b54i iXKy3LN7BSqzSM1J0THJgZTEKXfZHE65in2niiNGm6ZSzFSf8rno8zc82F26Kskr 2gbDTp8+Cv8sqIaWNWpnpMt+Tdoh81L/PjWWxW7E/iX3tnAgwJJKOFhafA4Y2ecY 43cpyy16t+JtrQCGTrCzl3Sh5po3k6wK7M+Ujk5sDiT5DHl+2htETyZvu8BQs4Bo dO1ABnxsyd7ofXEpmXJsvoSU/hCPkkd6nhnwhz0BBLeIjshwNhk8lN78J3w4rrVl JjgTbdlRRtrUXjcikMshfA88u3Q9LGedjZYLIL8Tf016khdDQ0wjc1zXHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCohX+LqCGiaUQNWxHQ99T+r/b3JMB8GA1UdIwQY MBaAFBzCEByMk9RY0lwxJcjJvMmvEyhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2Yt NmFhZjU0OTYwNjVlLzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8zYzI5M2YtNzg5ZC00Njk1LWI1N2YtNmFhZjU0OTYwNjVl LzEvSE1JUUhJeVQxRmpTWERFbHlNbTh5YThUS0hFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiy26oH7Y QKE2rriT4WbZW9ghdKj8BQkf/MtUFD0Fy25rbdhTVmlHW8NIk23QAcF/hahsQ+jK sMV0TKXoi4f+CgQMeJuJIGpX93yVptJ3P/m+QIZmcbRPyHgzzPklK2Xw/x1HhJct yp4dpukXd/XPdXR3BXglcnj6i4o6vePmgfFFlYs6yuJg8E2uSADSMqqHgOKZA1rL 498uvkElHpKhN/GrcI7uNqkfya2UpNq/hQmb75DChzikOlSNWp1BQe/5WTv1fnF1 Iei+giQuYLwsFdRRfgMvljMCfcwPamP+p/x7l8HY9K7ik0G5oxEEzYyxJp0QefXz 2zaKfO87+6UCog== -----END CERTIFICATE-----Generated at Sun Dec 21 02:39:04 2025 by rpki-client