This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft File: hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json) Hash identifier: MNhoLyc0sZKrL7RZZSZInz0/JdW+gKVAZxdg7XRod10= Subject key identifier: 0D:7E:FD:2F:A7:CD:FE:25:74:75:A7:87:95:AE:E6:70:AC:4B:30:AA Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67 Certificate issuer: /CN=86985bae0d938de24385c4053cda391b74450267 Certificate serial: 019B4249686AF24B8E4409E23D28BFFA8032 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft Manifest number: 0AFB Signing time: Sun 21 Dec 2025 19:01:05 +0000 Manifest this update: Sun 21 Dec 2025 19:01:05 +0000 Manifest next update: Mon 22 Dec 2025 19:01:05 +0000 Files and hashes: 1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: 9EYRVCywfO8APheHsS5uaG6VKMIxHzHi2oFFAVP+uDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 19:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:68:6a:f2:4b:8e:44:09:e2:3d:28:bf:fa:80:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86985bae0d938de24385c4053cda391b74450267 Validity Not Before: Dec 21 19:01:05 2025 GMT Not After : Dec 22 19:01:05 2025 GMT Subject: CN=0d7efd2fa7cdfe257475a78795aee670ac4b30aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:5b:cb:01:8d:7d:fb:91:be:d1:05:d3:fe:40: 3e:cb:7a:ba:21:05:ab:32:5e:3b:6a:e1:07:5a:a7: 29:3e:c6:d0:98:fc:91:15:a0:35:de:44:1f:ed:12: 16:9b:65:de:dd:f3:4d:82:91:fa:7d:67:cd:59:b1: 5d:59:38:c6:47:3f:ac:4a:c5:4f:ea:d1:d8:67:92: 08:8b:e2:81:8c:e5:d2:b7:ff:fc:2c:3e:dc:49:af: 62:d3:51:86:fd:09:ec:8f:ba:2d:da:e5:f5:b8:b1: ee:15:2e:21:76:55:a6:df:88:e5:b3:27:c0:be:bc: 3d:8e:b9:50:b7:17:1b:9e:c2:b3:f5:2a:3c:98:eb: ff:d6:76:8e:86:02:79:85:f9:d6:dd:b7:88:1f:0d: a0:92:fa:19:5d:28:7b:37:32:f0:97:ea:10:13:d1: 5a:80:86:7a:82:51:8a:e5:78:95:6b:9b:16:b8:9a: 66:4c:c7:e1:a6:9e:c1:f6:b3:ef:41:d7:12:d5:31: f5:7e:65:d8:3e:79:f6:69:8a:4e:7b:66:f1:d8:cb: ba:55:14:90:f2:65:58:c4:c5:ce:32:86:37:01:8a: bc:b1:f3:98:77:de:97:70:40:f0:33:ab:e9:bb:c4: b4:16:66:fd:ee:43:69:3e:95:20:48:21:2b:fc:dd: bc:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:7E:FD:2F:A7:CD:FE:25:74:75:A7:87:95:AE:E6:70:AC:4B:30:AA X509v3 Authority Key Identifier: keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:2f:e4:e9:60:b7:b7:aa:37:6f:8a:f0:34:aa:fe:2f:0f:70: fd:4d:32:81:7c:80:c5:f4:4d:59:9c:b7:9c:a0:8c:87:3e:78: dd:91:77:bb:69:be:1a:a6:18:e0:6a:6e:18:31:83:72:39:4e: e1:16:a3:bc:7a:a9:09:00:e6:73:9b:69:36:56:f9:06:95:d7: 0d:83:2c:e0:2c:43:e1:ec:eb:f5:5f:92:2d:61:24:fd:47:9b: 2b:77:f9:f5:7f:37:f0:f0:4c:da:67:54:73:e7:62:e5:21:3c: c3:07:aa:7f:bc:7d:33:f6:2a:63:92:05:b9:19:02:d0:f0:c8: 23:c7:4f:3d:d8:95:fe:04:2b:c0:e8:1c:eb:8d:1e:25:63:eb: 6a:66:e1:55:de:1e:5a:69:76:85:c7:c8:24:3f:56:3a:d6:eb: ee:72:c7:c0:ad:88:1a:ec:6e:c0:91:8d:a0:4a:eb:79:22:0f: f4:e0:ac:fe:1c:12:28:28:6d:33:8f:36:fc:b3:47:23:f1:96: f6:42:72:8c:fc:bb:e6:c6:25:fa:d2:3d:e4:99:f7:da:ec:59: b8:6a:2d:00:5a:fb:7c:e1:8f:99:a9:2b:d9:1a:74:ec:b6:3c: 49:c6:ab:e3:cf:f1:db:f0:26:26:53:76:0b:39:84:ad:3a:fa: 7e:ba:89:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSWhq8kuORAniPSi/+oAyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0 NTAyNjcwHhcNMjUxMjIxMTkwMTA1WhcNMjUxMjIyMTkwMTA1WjAzMTEwLwYDVQQD EygwZDdlZmQyZmE3Y2RmZTI1NzQ3NWE3ODc5NWFlZTY3MGFjNGIzMGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVvLAY19+5G+0QXT/kA+y3q6IQWr Ml47auEHWqcpPsbQmPyRFaA13kQf7RIWm2Xe3fNNgpH6fWfNWbFdWTjGRz+sSsVP 6tHYZ5IIi+KBjOXSt//8LD7cSa9i01GG/Qnsj7ot2uX1uLHuFS4hdlWm34jlsyfA vrw9jrlQtxcbnsKz9So8mOv/1naOhgJ5hfnW3beIHw2gkvoZXSh7NzLwl+oQE9Fa gIZ6glGK5XiVa5sWuJpmTMfhpp7B9rPvQdcS1TH1fmXYPnn2aYpOe2bx2Mu6VRSQ 8mVYxMXOMoY3AYq8sfOYd96XcEDwM6vpu8S0Fmb97kNpPpUgSCEr/N28jQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1+/S+nzf4ldHWnh5Wu5nCsSzCqMB8GA1UdIwQY MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAC/k6WC3 t6o3b4rwNKr+Lw9w/U0ygXyAxfRNWZy3nKCMhz543ZF3u2m+GqYY4GpuGDGDcjlO 4RajvHqpCQDmc5tpNlb5BpXXDYMs4CxD4ezr9V+SLWEk/UebK3f59X838PBM2mdU c+di5SE8wweqf7x9M/YqY5IFuRkC0PDII8dPPdiV/gQrwOgc640eJWPrambhVd4e Wml2hcfIJD9WOtbr7nLHwK2IGuxuwJGNoErreSIP9OCs/hwSKChtM482/LNHI/GW 9kJyjPy75sYl+tI95Jn32uxZuGotAFr7fOGPmakr2Rp07LY8Scar48/x2/AmJlN2 CzmErTr6frqJgQ== -----END CERTIFICATE-----Generated at Mon Dec 22 01:41:55 2025 by rpki-client