This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft File: HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json) Hash identifier: 5RJxZBJi+UTG02wTAUGprRrM4/aPe7tHczKiXX+C4Ms= Subject key identifier: FC:7E:1F:2F:FC:79:E2:07:F4:94:91:F3:39:05:CF:B3:0B:7B:63:04 Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F Certificate issuer: /CN=1d8933c193f04e32441e37162dc4defa9744b84f Certificate serial: 019BB1A740F6901A943258C07BB6FAD317E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft Manifest number: 1589 Signing time: Mon 12 Jan 2026 10:01:26 +0000 Manifest this update: Mon 12 Jan 2026 10:01:26 +0000 Manifest next update: Tue 13 Jan 2026 10:01:26 +0000 Files and hashes: 1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: u34orkcEn6udJEmlPPuZtNK7tNRuWpl06n8MAb0Oqus=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 10:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b1:a7:40:f6:90:1a:94:32:58:c0:7b:b6:fa:d3:17:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f Validity Not Before: Jan 12 10:01:26 2026 GMT Not After : Jan 13 10:01:26 2026 GMT Subject: CN=fc7e1f2ffc79e207f49491f33905cfb30b7b6304 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:09:f7:4d:b4:de:74:08:12:24:f7:fd:ec:9c: 01:06:8b:22:53:d0:70:c6:4f:f1:61:b4:62:5f:d4: 05:b6:31:06:8d:ca:5e:30:b6:9c:8b:b4:ba:be:f5: b5:64:ce:ae:fc:54:d1:ed:ca:ef:ab:25:ff:8f:9d: 68:05:91:31:7a:c4:7c:5c:e5:b9:f8:5d:17:4f:0e: 51:1f:20:cf:95:28:f7:b8:60:9d:32:86:9c:78:e2: a1:70:1a:59:61:46:da:a2:ca:40:08:1c:95:d1:8f: 51:27:fd:d9:15:a9:05:8d:7e:ed:b0:27:aa:6b:f8: 0c:9f:2d:c4:18:87:14:9b:ba:6c:9c:7a:63:9e:6c: e3:0c:21:c5:23:0b:87:d9:cd:45:7c:bf:d1:8a:c2: 28:3e:19:10:2b:0c:6e:83:d2:d9:0d:bc:6b:59:ab: 65:5f:97:a0:62:6d:48:7c:30:d5:a3:16:82:72:8d: b7:47:6f:33:fe:99:ff:2c:a4:3e:90:50:4a:6c:6f: 80:3a:6f:4a:b0:41:9c:bd:f6:03:e2:8f:aa:65:dd: 0d:8d:b2:a2:55:bc:ac:ef:6a:1c:d6:36:47:00:c4: f9:70:8e:c0:f4:7c:4c:16:42:2e:45:47:32:1b:0a: a2:93:6b:1e:9d:e2:03:94:b0:77:ba:de:d3:7b:ac: 8c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:7E:1F:2F:FC:79:E2:07:F4:94:91:F3:39:05:CF:B3:0B:7B:63:04 X509v3 Authority Key Identifier: keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:3a:95:87:02:bc:a1:5b:a1:d9:bb:bd:37:bd:f7:f4:c7:cd: ca:ce:94:98:51:7a:62:ed:51:43:87:de:08:d3:01:ff:b0:49: 24:e9:16:f1:66:1d:45:3e:60:79:33:40:cc:15:06:c3:53:11: d3:f0:37:2e:e1:1d:fa:ac:c8:8f:d0:ce:19:89:f6:7d:6c:8b: 57:65:da:f0:79:d7:10:64:81:aa:59:0e:bb:85:e9:48:76:7c: 7e:36:56:4d:79:02:b7:96:6e:20:41:95:0f:f9:da:0e:83:45: 25:24:ad:2d:bb:17:88:94:00:e9:f7:c5:59:0f:a5:6d:f6:b8: fe:5e:fe:c4:0f:41:86:ec:24:71:03:12:b4:b7:27:7f:e4:c7: c5:96:83:f0:cf:bd:29:92:d1:33:f5:09:0d:b0:8c:14:e3:9c: 66:7c:91:07:da:6d:76:95:31:a8:90:ea:f9:7c:86:26:32:d8: f1:7c:12:02:e3:d5:f2:0b:b2:70:2c:c1:e3:cf:9e:56:0a:36: 55:24:22:2e:26:d9:a8:d5:6b:08:d2:30:fc:0c:56:03:e1:33: aa:db:7e:83:bf:c6:2d:70:97:ee:45:35:e2:31:6a:9f:10:5b: 17:f3:e5:87:ef:a8:0f:7a:e0:95:bf:ab:47:07:e9:a9:00:f9: 44:96:7a:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuxp0D2kBqUMljAe7b60xfjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0 NGI4NGYwHhcNMjYwMTEyMTAwMTI2WhcNMjYwMTEzMTAwMTI2WjAzMTEwLwYDVQQD EyhmYzdlMWYyZmZjNzllMjA3ZjQ5NDkxZjMzOTA1Y2ZiMzBiN2I2MzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgn3TbTedAgSJPf97JwBBosiU9Bw xk/xYbRiX9QFtjEGjcpeMLaci7S6vvW1ZM6u/FTR7crvqyX/j51oBZExesR8XOW5 +F0XTw5RHyDPlSj3uGCdMoaceOKhcBpZYUbaospACByV0Y9RJ/3ZFakFjX7tsCeq a/gMny3EGIcUm7psnHpjnmzjDCHFIwuH2c1FfL/RisIoPhkQKwxug9LZDbxrWatl X5egYm1IfDDVoxaCco23R28z/pn/LKQ+kFBKbG+AOm9KsEGcvfYD4o+qZd0NjbKi Vbys72oc1jZHAMT5cI7A9HxMFkIuRUcyGwqik2seneIDlLB3ut7Te6yMOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPx+Hy/8eeIH9JSR8zkFz7MLe2MEMB8GA1UdIwQY MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3 LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDqVhwK8 oVuh2bu9N7339MfNys6UmFF6Yu1RQ4feCNMB/7BJJOkW8WYdRT5geTNAzBUGw1MR 0/A3LuEd+qzIj9DOGYn2fWyLV2Xa8HnXEGSBqlkOu4XpSHZ8fjZWTXkCt5ZuIEGV D/naDoNFJSStLbsXiJQA6ffFWQ+lbfa4/l7+xA9BhuwkcQMStLcnf+THxZaD8M+9 KZLRM/UJDbCMFOOcZnyRB9ptdpUxqJDq+XyGJjLY8XwSAuPV8guycCzB48+eVgo2 VSQiLibZqNVrCNIw/AxWA+Ezqtt+g7/GLXCX7kU14jFqnxBbF/Plh++oD3rglb+r RwfpqQD5RJZ6tw== -----END CERTIFICATE-----Generated at Mon Jan 12 15:32:59 2026 by rpki-client