This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft File: HyAOBxBBRee6mHap0-55Kgc2TTY.mft (raw, json) Hash identifier: rf3bbtea+0wo2SHeJZnBka6vi+IAx+i0P4NxhhtMhts= Subject key identifier: 36:FB:EE:5D:2A:86:28:68:83:57:E7:1E:3E:75:92:DC:3E:CB:8A:84 Authority key identifier: 1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36 Certificate issuer: /CN=1f200e07104145e7ba9876a9d3ee792a07364d36 Certificate serial: 019B2EFA46E6370A12C3F0AD0E9C60365707 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft Manifest number: 04A7 Signing time: Thu 18 Dec 2025 01:01:52 +0000 Manifest this update: Thu 18 Dec 2025 01:01:52 +0000 Manifest next update: Fri 19 Dec 2025 01:01:52 +0000 Files and hashes: 1: HyAOBxBBRee6mHap0-55Kgc2TTY.crl (hash: IHeQOKq5yIJOZ1bCEhwBflwan/N/CSjX8h6e+wuGm8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:01:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:46:e6:37:0a:12:c3:f0:ad:0e:9c:60:36:57:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f200e07104145e7ba9876a9d3ee792a07364d36 Validity Not Before: Dec 18 01:01:52 2025 GMT Not After : Dec 19 01:01:52 2025 GMT Subject: CN=36fbee5d2a8628688357e71e3e7592dc3ecb8a84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:63:11:5f:e7:da:05:92:6f:79:5b:67:09:02: c5:30:2b:8f:74:ef:62:68:80:4c:45:c5:9d:3c:27: 6d:32:64:65:0b:81:42:ed:91:0f:78:63:42:61:68: ee:64:52:ad:b4:8d:16:38:94:8e:81:65:84:d1:51: 8b:f6:e2:07:dd:45:7f:a4:5e:ae:09:f8:aa:a9:56: 51:e7:e5:fd:71:c1:18:16:fa:3d:7d:79:6a:fd:6a: 8f:bd:fc:b8:34:d7:bf:2f:27:56:0e:5e:ca:f2:1a: 47:77:41:1f:bf:34:88:97:23:b0:72:33:16:4a:f1: f6:a9:de:ef:6d:8c:4d:e1:af:8e:4f:2a:26:da:ab: c9:6c:46:4b:43:db:c0:9d:8b:8f:59:92:07:f3:c8: ac:dc:8c:b9:95:da:be:9f:d9:f7:0e:c9:48:d7:fa: 38:53:c3:c6:64:11:06:0a:56:2e:52:cc:8c:1e:66: dc:8b:da:19:24:71:ba:3b:e9:d1:7b:e9:d0:7b:af: 4b:43:27:02:26:fc:61:c3:f8:39:2c:5c:8f:03:d4: e6:ea:eb:cf:aa:cb:b0:ed:22:a3:b2:7e:66:d5:c4: d7:7d:18:8a:16:84:c2:4f:26:d6:95:9a:68:9f:90: c5:1a:c0:81:d7:3e:13:8e:3c:77:50:ca:0c:28:6c: 39:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:FB:EE:5D:2A:86:28:68:83:57:E7:1E:3E:75:92:DC:3E:CB:8A:84 X509v3 Authority Key Identifier: keyid:1F:20:0E:07:10:41:45:E7:BA:98:76:A9:D3:EE:79:2A:07:36:4D:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyAOBxBBRee6mHap0-55Kgc2TTY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/46dabf-9626-4d1f-a89e-775a7ec1ca33/1/HyAOBxBBRee6mHap0-55Kgc2TTY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:c0:bb:05:bc:d8:3e:e9:67:82:2e:db:89:67:9f:8c:81:d1: 36:52:c8:2d:4a:6a:08:97:2a:da:e8:60:db:7b:7e:a3:26:bd: 9a:ba:cf:a5:d5:c9:fe:78:de:13:75:e1:0a:68:4f:9c:0f:b4: 6f:21:ca:25:bb:66:f3:33:f7:ad:31:28:a8:21:97:8a:da:a7: 26:b3:6a:f1:d4:49:4d:53:74:8c:af:a9:f8:28:9a:cf:79:ba: 0b:b6:51:71:ac:31:07:dc:69:a9:fd:36:e0:57:fb:7e:b8:74: 2c:b4:8e:8d:42:70:3d:ec:09:a8:e8:06:95:c4:40:67:6c:26: 02:a5:3e:94:87:a8:49:a6:67:b5:c9:0c:06:b0:dc:0e:32:d6: e9:e6:5d:2f:f3:9a:8c:2d:c4:95:ab:2e:96:a7:7b:12:93:5a: f2:9b:4f:ae:20:f3:35:34:9c:f4:b4:cd:1a:b9:69:c8:01:59: 49:08:db:53:1f:6e:85:5f:2d:b9:54:89:8b:07:5a:41:17:19: 40:31:60:bc:53:23:77:16:4e:3d:f3:13:c5:5a:df:a4:86:e8: 82:a1:7b:7e:cd:37:7e:a4:6b:54:28:39:2e:0e:c7:a9:ba:ce: 97:1c:a9:ea:92:fa:2b:d1:54:4e:e4:ea:15:84:ee:2c:5a:75: 98:62:15:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+kbmNwoSw/CtDpxgNlcHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMjAwZTA3MTA0MTQ1ZTdiYTk4NzZhOWQzZWU3OTJhMDcz NjRkMzYwHhcNMjUxMjE4MDEwMTUyWhcNMjUxMjE5MDEwMTUyWjAzMTEwLwYDVQQD EygzNmZiZWU1ZDJhODYyODY4ODM1N2U3MWUzZTc1OTJkYzNlY2I4YTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmMRX+faBZJveVtnCQLFMCuPdO9i aIBMRcWdPCdtMmRlC4FC7ZEPeGNCYWjuZFKttI0WOJSOgWWE0VGL9uIH3UV/pF6u CfiqqVZR5+X9ccEYFvo9fXlq/WqPvfy4NNe/LydWDl7K8hpHd0EfvzSIlyOwcjMW SvH2qd7vbYxN4a+OTyom2qvJbEZLQ9vAnYuPWZIH88is3Iy5ldq+n9n3DslI1/o4 U8PGZBEGClYuUsyMHmbci9oZJHG6O+nRe+nQe69LQycCJvxhw/g5LFyPA9Tm6uvP qsuw7SKjsn5m1cTXfRiKFoTCTybWlZpon5DFGsCB1z4Tjjx3UMoMKGw5DwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDb77l0qhihog1fnHj51ktw+y4qEMB8GA1UdIwQY MBaAFB8gDgcQQUXnuph2qdPueSoHNk02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUt Nzc1YTdlYzFjYTMzLzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi80NmRhYmYtOTYyNi00ZDFmLWE4OWUtNzc1YTdlYzFjYTMz LzEvSHlBT0J4QkJSZWU2bUhhcDAtNTVLZ2MyVFRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu8C7BbzY Pulngi7biWefjIHRNlLILUpqCJcq2uhg23t+oya9mrrPpdXJ/njeE3XhCmhPnA+0 byHKJbtm8zP3rTEoqCGXitqnJrNq8dRJTVN0jK+p+Ciaz3m6C7ZRcawxB9xpqf02 4Ff7frh0LLSOjUJwPewJqOgGlcRAZ2wmAqU+lIeoSaZntckMBrDcDjLW6eZdL/Oa jC3Elasulqd7EpNa8ptPriDzNTSc9LTNGrlpyAFZSQjbUx9uhV8tuVSJiwdaQRcZ QDFgvFMjdxZOPfMTxVrfpIbogqF7fs03fqRrVCg5Lg7HqbrOlxyp6pL6K9FUTuTq FYTuLFp1mGIV1g== -----END CERTIFICATE-----Generated at Thu Dec 18 06:57:09 2025 by rpki-client