This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft File: HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json) Hash identifier: 0020Y5q6ofk6ZUilkyjJKMEOW13BcOzR9UpKl0TME2w= Subject key identifier: 19:12:BA:9E:EB:2F:94:C6:3A:8E:77:86:D8:87:B7:E5:F0:78:CF:EE Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 Certificate issuer: /CN=1db690606199a5d486789c43dbffd0c065bddce6 Certificate serial: 019B3FB5BC7445AAF5009CD6D3647E35E352 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft Manifest number: 05BF Signing time: Sun 21 Dec 2025 07:00:33 +0000 Manifest this update: Sun 21 Dec 2025 07:00:33 +0000 Manifest next update: Mon 22 Dec 2025 07:00:33 +0000 Files and hashes: 1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: 9cVz/9638ImoCHvWg882v+VLsmTWcc41a35E7a0G6dY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:b5:bc:74:45:aa:f5:00:9c:d6:d3:64:7e:35:e3:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6 Validity Not Before: Dec 21 07:00:33 2025 GMT Not After : Dec 22 07:00:33 2025 GMT Subject: CN=1912ba9eeb2f94c63a8e7786d887b7e5f078cfee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:37:92:61:95:4b:f5:19:3f:36:c1:87:90:5d: 1c:45:30:51:60:50:82:16:8e:49:cf:b1:c1:3f:32: 17:ae:7f:35:a8:4d:4e:a1:4f:65:44:ab:3b:36:96: 3c:07:5e:bf:42:20:0a:ba:cb:d1:fb:a1:90:78:4f: c4:e6:74:11:61:10:81:8e:ff:d3:28:50:2b:a8:f7: a8:2b:0b:e1:30:cd:74:dc:fd:e1:86:47:2a:b2:cb: 52:95:9d:9e:c7:4b:5a:6e:fa:02:6b:55:a7:d3:76: 2f:cc:a4:e2:a8:11:ae:e3:c7:1f:a4:a5:c5:5b:0d: 74:70:c7:c2:6a:d9:23:50:4e:a3:7a:15:63:1a:bc: 86:11:da:f0:ee:d1:25:3c:12:b0:ab:d9:a2:c6:28: f0:3d:19:36:52:93:c9:ce:8d:2c:84:09:87:bc:f6: 3e:21:0f:07:6f:ec:27:88:af:0b:6c:07:01:69:5d: d4:36:ae:cf:1e:51:9f:4a:7a:94:c7:f4:0d:01:c6: 40:f3:af:fa:97:a7:7f:e1:fc:5a:66:01:3d:8c:cf: 88:c0:c7:16:5b:a0:19:38:7e:2d:10:58:4e:c7:63: 71:2a:80:48:7a:76:16:3c:87:8d:fb:1f:eb:2c:28: d5:90:54:79:7c:48:43:7d:a6:03:f5:54:ab:9e:b6: 4e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:12:BA:9E:EB:2F:94:C6:3A:8E:77:86:D8:87:B7:E5:F0:78:CF:EE X509v3 Authority Key Identifier: keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:01:4b:bd:29:bf:e2:76:c8:7d:1f:48:05:a8:2b:ee:4e:17: a2:6b:91:74:fd:7d:28:a8:3f:75:f9:ea:e6:6f:18:b0:81:c1: 99:ef:aa:a0:49:07:07:a7:b6:9a:f3:a7:0e:f1:06:cb:9a:28: f4:5a:3e:83:85:22:48:f6:0d:fe:79:96:33:5d:1e:f8:52:97: 17:7b:5a:32:12:4e:54:f8:88:6d:9e:10:50:5f:cb:ea:23:db: 81:bc:f2:3f:05:ed:f8:14:53:2f:37:cd:48:bf:ae:92:a3:06: a9:f9:80:f8:c9:73:9a:a2:08:95:2a:eb:be:2a:38:a0:6d:13: 91:91:67:14:2b:01:39:da:09:1d:78:50:ed:19:db:5e:8e:ce: d4:5b:91:72:8b:57:5e:09:7e:44:b4:04:0d:30:3b:d2:b0:f3: ac:88:90:38:22:ae:2f:8e:a8:a5:ff:8b:2b:ec:67:db:e9:46: 5a:0f:06:d2:eb:2a:a2:3f:6c:c0:17:55:ff:88:62:67:1f:bf: a7:b7:8b:09:02:72:61:a9:9c:91:f0:82:69:00:f5:1d:91:db: c8:06:53:24:7b:ee:34:cc:4b:70:48:20:d0:d1:e5:6d:a9:db: cd:61:b7:85:4a:3d:71:d6:e4:4e:f6:6c:7b:2a:99:74:5c:01: d7:98:9a:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/tbx0Rar1AJzW02R+NeNSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi ZGRjZTYwHhcNMjUxMjIxMDcwMDMzWhcNMjUxMjIyMDcwMDMzWjAzMTEwLwYDVQQD EygxOTEyYmE5ZWViMmY5NGM2M2E4ZTc3ODZkODg3YjdlNWYwNzhjZmVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/jeSYZVL9Rk/NsGHkF0cRTBRYFCC Fo5Jz7HBPzIXrn81qE1OoU9lRKs7NpY8B16/QiAKusvR+6GQeE/E5nQRYRCBjv/T KFArqPeoKwvhMM103P3hhkcqsstSlZ2ex0tabvoCa1Wn03YvzKTiqBGu48cfpKXF Ww10cMfCatkjUE6jehVjGryGEdrw7tElPBKwq9mixijwPRk2UpPJzo0shAmHvPY+ IQ8Hb+wniK8LbAcBaV3UNq7PHlGfSnqUx/QNAcZA86/6l6d/4fxaZgE9jM+IwMcW W6AZOH4tEFhOx2NxKoBIenYWPIeN+x/rLCjVkFR5fEhDfaYD9VSrnrZO2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBkSup7rL5TGOo53htiHt+XweM/uMB8GA1UdIwQY MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1 LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgFLvSm/ 4nbIfR9IBagr7k4XomuRdP19KKg/dfnq5m8YsIHBme+qoEkHB6e2mvOnDvEGy5oo 9Fo+g4UiSPYN/nmWM10e+FKXF3taMhJOVPiIbZ4QUF/L6iPbgbzyPwXt+BRTLzfN SL+ukqMGqfmA+MlzmqIIlSrrvio4oG0TkZFnFCsBOdoJHXhQ7RnbXo7O1FuRcotX Xgl+RLQEDTA70rDzrIiQOCKuL46opf+LK+xn2+lGWg8G0usqoj9swBdV/4hiZx+/ p7eLCQJyYamckfCCaQD1HZHbyAZTJHvuNMxLcEgg0NHlbanbzWG3hUo9cdbkTvZs eyqZdFwB15iaww== -----END CERTIFICATE-----Generated at Sun Dec 21 13:57:41 2025 by rpki-client