This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft File: HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json) Hash identifier: MetVi8j7O+xxNl1U6apq5iNHydSvlOYVrVXjw5SfxTc= Subject key identifier: A0:CD:63:EC:09:F2:F4:41:78:85:36:BB:5F:AF:09:19:D8:31:96:6E Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 Certificate issuer: /CN=1db690606199a5d486789c43dbffd0c065bddce6 Certificate serial: 019B341F897FFA3F3BBEB335E53661278AF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft Manifest number: 05B9 Signing time: Fri 19 Dec 2025 01:00:40 +0000 Manifest this update: Fri 19 Dec 2025 01:00:40 +0000 Manifest next update: Sat 20 Dec 2025 01:00:40 +0000 Files and hashes: 1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: vfZ1Ofe+LyE/as6hDqTIFIm6iqM2mszuTDR8KKPkBzE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:1f:89:7f:fa:3f:3b:be:b3:35:e5:36:61:27:8a:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6 Validity Not Before: Dec 19 01:00:40 2025 GMT Not After : Dec 20 01:00:40 2025 GMT Subject: CN=a0cd63ec09f2f441788536bb5faf0919d831966e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:9e:c9:d2:50:e1:c1:0f:d3:14:7d:ef:4a:f6: 83:24:2a:ed:55:fe:e6:6c:60:38:48:c5:c0:56:af: 58:37:55:23:c8:cb:27:56:cc:e9:0b:08:94:0c:34: 56:b8:94:25:2e:77:19:3e:c5:5d:6b:8e:ba:00:56: 8e:ff:ba:46:f9:d7:85:b7:47:64:89:17:a6:36:b0: 6e:8e:41:a9:a9:c2:23:07:4a:81:8c:bd:92:f1:b8: 4f:fc:1b:47:d0:0e:02:50:d2:e2:b2:c6:6b:e5:d4: 5e:24:3a:5c:06:7a:e3:1b:b5:ed:73:13:8a:6d:cd: 3b:6a:a7:99:bd:bd:7b:35:32:f8:94:ae:6a:20:2b: aa:01:6f:5a:9e:f5:69:dd:2e:09:4a:72:de:63:6b: 70:81:5e:40:4e:45:8a:74:8e:69:4a:6f:51:1c:cd: fd:35:6f:28:d9:ab:3a:bd:30:f2:84:97:45:76:38: b5:90:8f:cb:02:db:38:16:11:ee:d5:f3:6e:c4:17: f9:11:59:3e:57:a9:0a:d3:0a:de:b5:e8:19:1c:df: 47:d4:be:cf:89:ab:39:98:eb:a6:f0:ea:ef:4b:79: f1:20:6f:4d:d0:1d:5b:d7:0a:9b:e8:71:4f:a1:b2: 1b:5d:2c:47:42:63:1e:7e:db:96:01:12:b5:b9:81: 2f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:CD:63:EC:09:F2:F4:41:78:85:36:BB:5F:AF:09:19:D8:31:96:6E X509v3 Authority Key Identifier: keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:a8:98:15:ab:8f:65:11:00:1e:83:17:ad:c8:47:a4:89:4d: 9b:97:51:8a:7d:d0:ee:06:a1:9b:af:74:e8:92:45:3d:ff:7f: a0:5f:4b:1e:db:ef:c4:cb:ed:25:4a:5a:74:6e:4a:76:ca:b5: 1e:22:8e:73:03:8b:3d:b0:67:ae:8b:55:d1:bf:b1:b9:09:b9: a7:78:fd:94:dd:c5:02:06:3d:dd:9d:6b:57:d8:ae:e8:4d:e1: 5c:b2:84:5a:d1:04:7f:1e:5c:02:b0:22:0d:77:97:48:26:e1: 8b:b8:e4:56:9c:77:5f:8e:45:32:e9:68:2e:97:ba:04:74:62: 54:db:39:b1:0e:6e:f6:f8:46:26:6a:97:a9:63:d9:af:6f:94: d0:ba:80:d0:e2:e3:97:bc:3f:b0:1b:8c:c9:1c:a4:39:81:23: 58:f3:22:79:3b:cb:c5:53:6f:76:c9:78:83:b5:de:e6:c8:44: 26:fd:44:80:91:ae:52:13:ab:db:2d:d3:36:9f:70:ac:05:a2: 15:74:41:b3:ce:56:14:94:42:bb:87:02:de:be:67:f5:34:ce: cf:d2:68:ef:09:4e:2d:83:fc:42:2f:e6:c0:d0:71:90:5f:ca: d8:8e:0f:82:93:2d:f6:84:26:21:f6:2a:09:eb:98:e5:a3:ef: e3:04:51:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0H4l/+j87vrM15TZhJ4ryMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi ZGRjZTYwHhcNMjUxMjE5MDEwMDQwWhcNMjUxMjIwMDEwMDQwWjAzMTEwLwYDVQQD EyhhMGNkNjNlYzA5ZjJmNDQxNzg4NTM2YmI1ZmFmMDkxOWQ4MzE5NjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA157J0lDhwQ/TFH3vSvaDJCrtVf7m bGA4SMXAVq9YN1UjyMsnVszpCwiUDDRWuJQlLncZPsVda466AFaO/7pG+deFt0dk iRemNrBujkGpqcIjB0qBjL2S8bhP/BtH0A4CUNLissZr5dReJDpcBnrjG7XtcxOK bc07aqeZvb17NTL4lK5qICuqAW9anvVp3S4JSnLeY2twgV5ATkWKdI5pSm9RHM39 NW8o2as6vTDyhJdFdji1kI/LAts4FhHu1fNuxBf5EVk+V6kK0wretegZHN9H1L7P ias5mOum8OrvS3nxIG9N0B1b1wqb6HFPobIbXSxHQmMeftuWARK1uYEvSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKDNY+wJ8vRBeIU2u1+vCRnYMZZuMB8GA1UdIwQY MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1 LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQKiYFauP ZREAHoMXrchHpIlNm5dRin3Q7gahm6906JJFPf9/oF9LHtvvxMvtJUpadG5Kdsq1 HiKOcwOLPbBnrotV0b+xuQm5p3j9lN3FAgY93Z1rV9iu6E3hXLKEWtEEfx5cArAi DXeXSCbhi7jkVpx3X45FMuloLpe6BHRiVNs5sQ5u9vhGJmqXqWPZr2+U0LqA0OLj l7w/sBuMyRykOYEjWPMieTvLxVNvdsl4g7Xe5shEJv1EgJGuUhOr2y3TNp9wrAWi FXRBs85WFJRCu4cC3r5n9TTOz9Jo7wlOLYP8Qi/mwNBxkF/K2I4PgpMt9oQmIfYq CeuY5aPv4wRRiQ== -----END CERTIFICATE-----Generated at Fri Dec 19 02:45:43 2025 by rpki-client