This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft File: HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json) Hash identifier: wym/NYzXZQhxhlDR4LOIqAvmR7Cmy9GTJPryoeguNq8= Subject key identifier: 86:EA:77:4F:5C:37:62:EA:CD:BB:20:C2:84:DD:32:64:F9:68:21:24 Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D Certificate issuer: /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d Certificate serial: 019B40FF75FE63FA4AB7F6E828C3F973F64E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft Manifest number: 14D7 Signing time: Sun 21 Dec 2025 13:00:42 +0000 Manifest this update: Sun 21 Dec 2025 13:00:42 +0000 Manifest next update: Mon 22 Dec 2025 13:00:42 +0000 Files and hashes: 1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: zmWqfPdof7nkZ/7VLT4kTxZ0f4gCSKfjxRGdMGRHE5Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:ff:75:fe:63:fa:4a:b7:f6:e8:28:c3:f9:73:f6:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d Validity Not Before: Dec 21 13:00:42 2025 GMT Not After : Dec 22 13:00:42 2025 GMT Subject: CN=86ea774f5c3762eacdbb20c284dd3264f9682124 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:33:2e:15:a8:e4:ed:66:f5:2d:a7:81:ba:9e: 2f:f4:94:ba:b0:30:66:4a:bf:10:25:bc:6d:f1:26: 17:b2:cb:61:73:6e:5f:b0:3f:22:5d:b8:e3:8d:1a: 9c:e6:40:36:8d:c1:b0:80:c8:23:5c:57:6e:9d:1c: 3c:1b:17:e4:a7:30:a0:8f:0a:f1:9d:ea:ea:4a:55: 2c:2e:6c:fb:17:72:4a:ba:60:0c:b0:6f:e4:69:56: 0c:e8:25:12:6d:e9:53:6a:9c:82:7a:e9:18:ae:3a: 7b:2a:61:98:ba:f9:b9:75:44:5b:91:eb:4f:c4:52: ef:34:bb:00:ff:52:95:fe:ca:97:10:93:8a:2e:bd: 3e:1e:3b:29:b1:76:40:c5:a9:2b:4e:fc:eb:f6:8a: 1e:e5:96:cd:9d:17:cf:f1:3c:68:4f:1f:c0:75:2b: 53:fb:8e:6f:70:9f:4a:7a:e2:8b:1d:ee:55:bb:4b: 85:84:ff:c4:91:64:e7:9b:6f:0a:3b:6e:a0:34:93: 2f:5c:55:1f:f3:00:2d:68:3b:62:4e:bb:04:db:01: 48:41:70:68:7e:dc:7e:b2:2e:96:49:e7:fe:cc:39: e4:a2:0b:f3:91:24:63:d5:7d:34:d0:30:7c:94:ba: cb:fc:fd:20:e1:d0:0f:bc:24:d7:92:c7:b3:9f:fe: d4:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:EA:77:4F:5C:37:62:EA:CD:BB:20:C2:84:DD:32:64:F9:68:21:24 X509v3 Authority Key Identifier: keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:d0:81:81:6f:32:ec:86:d3:05:b2:bb:62:c4:91:c3:cc:af: c9:a9:f6:e8:30:14:e6:4f:3a:5e:94:12:a1:e2:14:87:3f:0b: 14:a1:dc:75:69:5e:2b:ec:2f:ea:0e:e5:0b:8c:58:34:04:f5: 30:78:2d:7d:8f:a9:69:90:a4:13:8a:59:38:c6:42:10:ab:9c: 43:0a:0a:6d:63:2f:4a:c6:f8:64:19:5f:ce:c5:c1:4a:9e:27: 98:cb:2d:ed:84:4b:54:b2:15:a7:86:bb:41:a1:50:4c:3c:24: b4:7d:eb:e6:e6:f3:08:46:33:5e:07:49:ef:7c:03:3f:f4:6b: a9:f3:59:89:6f:4a:db:b4:17:a7:29:00:d4:c7:76:d4:b9:8c: 50:ad:cf:d4:cd:dd:1c:8e:11:77:8a:60:49:4a:e5:6c:bf:1e: cc:dc:2b:cd:c5:e0:61:8e:4e:c8:53:a0:fb:14:bc:5c:79:12: f4:9c:73:78:fa:b1:b3:75:e7:9b:21:a4:d7:7d:3d:49:bd:e2: 9e:70:3e:ec:b2:0c:64:e9:2a:94:f2:d0:5e:68:0b:44:5b:cf: 3a:58:5b:92:fd:cf:32:cc:be:7b:fc:5c:93:ac:19:40:21:da: 10:4f:a1:b9:8b:a6:3c:41:85:d8:80:76:37:d9:68:c7:0b:76: 61:d2:90:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtA/3X+Y/pKt/boKMP5c/ZOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1 MTFlNGQwHhcNMjUxMjIxMTMwMDQyWhcNMjUxMjIyMTMwMDQyWjAzMTEwLwYDVQQD Eyg4NmVhNzc0ZjVjMzc2MmVhY2RiYjIwYzI4NGRkMzI2NGY5NjgyMTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjMuFajk7Wb1LaeBup4v9JS6sDBm Sr8QJbxt8SYXssthc25fsD8iXbjjjRqc5kA2jcGwgMgjXFdunRw8GxfkpzCgjwrx nerqSlUsLmz7F3JKumAMsG/kaVYM6CUSbelTapyCeukYrjp7KmGYuvm5dURbketP xFLvNLsA/1KV/sqXEJOKLr0+HjspsXZAxakrTvzr9ooe5ZbNnRfP8TxoTx/AdStT +45vcJ9KeuKLHe5Vu0uFhP/EkWTnm28KO26gNJMvXFUf8wAtaDtiTrsE2wFIQXBo ftx+si6WSef+zDnkogvzkSRj1X000DB8lLrL/P0g4dAPvCTXksezn/7U6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbqd09cN2LqzbsgwoTdMmT5aCEkMB8GA1UdIwQY MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtdCBgW8y 7IbTBbK7YsSRw8yvyan26DAU5k86XpQSoeIUhz8LFKHcdWleK+wv6g7lC4xYNAT1 MHgtfY+paZCkE4pZOMZCEKucQwoKbWMvSsb4ZBlfzsXBSp4nmMst7YRLVLIVp4a7 QaFQTDwktH3r5ubzCEYzXgdJ73wDP/RrqfNZiW9K27QXpykA1Md21LmMUK3P1M3d HI4Rd4pgSUrlbL8ezNwrzcXgYY5OyFOg+xS8XHkS9JxzePqxs3XnmyGk1309Sb3i nnA+7LIMZOkqlPLQXmgLRFvPOlhbkv3PMsy+e/xck6wZQCHaEE+huYumPEGF2IB2 N9loxwt2YdKQ/g== -----END CERTIFICATE-----Generated at Sun Dec 21 19:15:31 2025 by rpki-client