This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft File: HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft (raw, json) Hash identifier: 9dmCjsCgZJqwMQdwATF8Yz0qLEVCSF/Wrm69A99tGM4= Subject key identifier: D0:EC:05:A1:47:00:3B:1E:60:48:94:94:4F:24:7B:18:1B:E4:F9:61 Authority key identifier: 1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60 Certificate issuer: /CN=1c1618e04372d9b27f417d229f82614027bc3c60 Certificate serial: 019B9D0E420D830E9FD82F2DFE6564A337F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft Manifest number: 0B16 Signing time: Thu 08 Jan 2026 10:01:55 +0000 Manifest this update: Thu 08 Jan 2026 10:01:55 +0000 Manifest next update: Fri 09 Jan 2026 10:01:55 +0000 Files and hashes: 1: HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl (hash: aM2GzmJ2BQCll4E+zewi+CvkUuTazdU1rBfCCis253A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:0e:42:0d:83:0e:9f:d8:2f:2d:fe:65:64:a3:37:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c1618e04372d9b27f417d229f82614027bc3c60 Validity Not Before: Jan 8 10:01:55 2026 GMT Not After : Jan 9 10:01:55 2026 GMT Subject: CN=d0ec05a147003b1e604894944f247b181be4f961 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:11:2d:2e:31:de:be:61:b0:1e:6c:96:0d:cb: 16:a7:35:13:58:c7:54:0b:98:84:1d:c8:a0:65:6a: 83:cc:94:63:e0:05:30:79:18:51:bc:02:17:90:65: d2:aa:73:c9:c4:43:e1:28:99:c5:1b:6d:e7:9c:4a: 56:ab:fd:a5:ab:15:e7:2a:83:90:3f:53:f3:77:31: 2b:36:4f:2f:f0:df:00:65:fa:97:39:32:f3:1d:8f: ce:39:5c:78:0c:67:2b:6d:f7:72:fc:bc:e3:b1:57: 9b:78:77:1f:39:93:91:f3:cc:f5:a5:44:f9:51:76: b6:04:1a:40:24:ab:74:36:55:d2:19:22:80:15:d6: cf:6d:81:24:e3:f3:9e:8c:ba:21:8e:8e:bb:e5:ec: 0e:60:4b:ec:71:f6:20:90:b3:a7:bb:90:90:f0:ed: 88:81:cb:9d:d5:d8:c1:1c:2f:c9:79:d0:fd:e8:de: 94:24:d9:3f:c3:47:61:6c:3e:d8:4f:99:7c:3e:93: ef:d0:4a:dc:e7:16:70:8f:9a:70:23:d2:c3:4d:52: b3:dd:4d:5a:2c:ca:78:56:a4:5f:26:b8:4f:f5:0d: a3:1c:7a:06:4f:58:1b:21:12:f4:aa:d9:99:33:de: 1d:31:2c:9f:06:89:28:94:30:87:2f:a0:2b:1a:5a: a7:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:EC:05:A1:47:00:3B:1E:60:48:94:94:4F:24:7B:18:1B:E4:F9:61 X509v3 Authority Key Identifier: keyid:1C:16:18:E0:43:72:D9:B2:7F:41:7D:22:9F:82:61:40:27:BC:3C:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HBYY4ENy2bJ_QX0in4JhQCe8PGA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/cbfa04-e95a-45b2-9a7d-a395ab35d8ea/1/HBYY4ENy2bJ_QX0in4JhQCe8PGA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:39:cc:71:cf:a1:e3:e3:c1:91:6f:f5:93:6c:fc:67:51:5b: 9c:58:cb:41:ca:37:fe:32:73:42:51:9b:2b:e3:2c:21:a6:de: 24:e0:74:56:d0:49:a2:33:4f:dc:21:7a:30:71:f3:e0:d7:d6: c2:25:36:fd:b3:f4:37:98:20:3f:d8:3f:9c:75:e5:c7:0c:4a: 43:f0:5d:f0:5f:49:18:e4:bf:69:d9:c6:cb:a3:1c:98:b3:55: 29:d7:33:07:31:c4:69:93:9b:9b:44:17:3d:28:66:9b:82:f5: fe:f0:76:b4:6a:9a:5c:05:1d:b9:64:9a:be:7a:7a:e1:49:21: 6e:4a:f0:fe:b4:f9:2c:23:8b:6e:c5:01:67:34:f2:78:c1:99: 11:e3:86:e6:b7:c6:98:08:c3:09:eb:fc:dc:d7:4e:a4:04:01: 9f:58:c4:de:80:04:01:ee:6a:a4:94:dd:8f:57:4d:17:9a:95: ed:97:b8:c3:c5:2c:97:ea:2d:02:18:2a:49:d9:54:fb:14:48: 8a:95:53:db:3b:87:18:30:13:d1:dc:c5:0f:d7:31:fd:17:99: af:38:4a:49:90:e7:e2:68:a6:be:60:9a:85:e9:65:96:34:0f: 64:0a:20:03:c6:09:31:9d:fe:18:8d:62:99:81:bf:90:f5:db: 44:ed:0f:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZudDkINgw6f2C8t/mVkozf3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMTYxOGUwNDM3MmQ5YjI3ZjQxN2QyMjlmODI2MTQwMjdi YzNjNjAwHhcNMjYwMTA4MTAwMTU1WhcNMjYwMTA5MTAwMTU1WjAzMTEwLwYDVQQD EyhkMGVjMDVhMTQ3MDAzYjFlNjA0ODk0OTQ0ZjI0N2IxODFiZTRmOTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7REtLjHevmGwHmyWDcsWpzUTWMdU C5iEHcigZWqDzJRj4AUweRhRvAIXkGXSqnPJxEPhKJnFG23nnEpWq/2lqxXnKoOQ P1PzdzErNk8v8N8AZfqXOTLzHY/OOVx4DGcrbfdy/LzjsVebeHcfOZOR88z1pUT5 UXa2BBpAJKt0NlXSGSKAFdbPbYEk4/OejLohjo675ewOYEvscfYgkLOnu5CQ8O2I gcud1djBHC/JedD96N6UJNk/w0dhbD7YT5l8PpPv0Erc5xZwj5pwI9LDTVKz3U1a LMp4VqRfJrhP9Q2jHHoGT1gbIRL0qtmZM94dMSyfBokolDCHL6ArGlqnewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNDsBaFHADseYEiUlE8kexgb5PlhMB8GA1UdIwQY MBaAFBwWGOBDctmyf0F9Ip+CYUAnvDxgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2Qt YTM5NWFiMzVkOGVhLzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9jYmZhMDQtZTk1YS00NWIyLTlhN2QtYTM5NWFiMzVkOGVh LzEvSEJZWTRFTnkyYkpfUVgwaW40SmhRQ2U4UEdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALznMcc+h 4+PBkW/1k2z8Z1FbnFjLQco3/jJzQlGbK+MsIabeJOB0VtBJojNP3CF6MHHz4NfW wiU2/bP0N5ggP9g/nHXlxwxKQ/Bd8F9JGOS/adnGy6McmLNVKdczBzHEaZObm0QX PShmm4L1/vB2tGqaXAUduWSavnp64Ukhbkrw/rT5LCOLbsUBZzTyeMGZEeOG5rfG mAjDCev83NdOpAQBn1jE3oAEAe5qpJTdj1dNF5qV7Ze4w8Usl+otAhgqSdlU+xRI ipVT2zuHGDAT0dzFD9cx/ReZrzhKSZDn4mimvmCahellljQPZAogA8YJMZ3+GI1i mYG/kPXbRO0P3w== -----END CERTIFICATE-----Generated at Thu Jan 8 13:46:41 2026 by rpki-client