This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft File: hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json) Hash identifier: b2DKPQX3NmG67WMP8VoViSv9HGb2CfLnP1KS+nL+tHc= Subject key identifier: BF:40:E1:15:81:B6:54:00:B7:35:94:9E:7E:C7:15:E5:CC:C4:AA:F9 Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B Certificate issuer: /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b Certificate serial: 019B39B432A0F8AAAEE5089551AEE634CC75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft Manifest number: 08B5 Signing time: Sat 20 Dec 2025 03:01:09 +0000 Manifest this update: Sat 20 Dec 2025 03:01:09 +0000 Manifest next update: Sun 21 Dec 2025 03:01:09 +0000 Files and hashes: 1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: OUDukpMy2DYbu7YWdXKiRJMROyUXYJpp3WH5f4NfRHE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b4:32:a0:f8:aa:ae:e5:08:95:51:ae:e6:34:cc:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b Validity Not Before: Dec 20 03:01:09 2025 GMT Not After : Dec 21 03:01:09 2025 GMT Subject: CN=bf40e11581b65400b735949e7ec715e5ccc4aaf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cb:ed:73:d2:6f:40:48:67:8c:8b:29:ac:3d: a4:0d:7d:11:b4:a6:db:fb:c4:6a:b3:11:21:2f:be: 52:4c:d0:e5:13:d2:e8:e0:92:df:87:15:ab:0c:0f: e3:88:a6:3f:54:34:8c:3a:b5:cf:b7:65:9f:cf:aa: 51:dd:e5:d6:15:1f:52:91:c3:bf:81:77:56:49:14: 36:d5:91:9d:c6:a9:a7:82:d0:ed:7b:ab:31:f7:09: c0:3d:24:d6:37:1b:8b:85:8f:fc:8c:58:c1:52:5b: 10:ab:81:f9:b1:42:2d:73:47:5c:c6:4c:39:0f:49: ea:0f:3e:45:46:28:7d:db:56:a6:18:00:d7:40:96: 86:f1:d3:99:9d:b7:aa:d1:f5:cd:34:96:1f:de:80: 25:4a:7f:7f:bb:b3:41:7b:f6:28:ed:5e:11:81:07: c2:68:64:28:78:12:6d:57:89:0d:d4:90:be:cc:b4: 15:43:cd:93:4c:af:9b:2c:e2:b9:25:07:8e:9e:18: 86:67:67:e2:eb:3c:33:bd:d4:1a:24:71:47:b7:36: 31:8c:7f:c0:1c:46:53:fe:58:5f:f3:42:27:d9:ff: 28:9c:11:0a:bb:aa:f3:21:9b:0b:e7:70:33:9f:60: f1:97:d1:bd:cf:af:59:5b:6e:50:ba:6b:42:7f:40: 0e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:40:E1:15:81:B6:54:00:B7:35:94:9E:7E:C7:15:E5:CC:C4:AA:F9 X509v3 Authority Key Identifier: keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:93:a8:0b:dd:45:78:61:a0:ab:ae:ac:2f:c4:92:79:97:ff: e9:10:74:e5:df:79:99:27:e6:0a:30:ce:ed:e0:3a:14:38:bb: 5e:94:85:43:8e:f5:dd:14:df:ea:af:6d:d9:46:b5:3c:ec:b7: bc:e8:0c:31:e6:28:77:63:20:43:2a:6d:69:5c:ad:7e:08:2a: 9b:79:d1:17:d3:24:3b:7f:c9:09:5e:65:9d:95:a1:7c:62:ba: 4a:11:aa:e0:a8:40:b0:26:0e:59:c3:b4:3a:37:1f:21:c1:63: 43:69:af:44:8b:5a:fc:eb:cb:17:e1:64:29:bb:89:1b:b1:c5: 23:3a:09:8e:7f:86:80:53:50:54:a7:c7:af:9f:02:ec:f8:af: b3:38:fa:b3:a1:05:3b:11:dd:d1:c8:5b:1d:e4:c5:bd:a5:f0: 8e:9b:68:d0:ab:64:24:13:2f:13:79:90:cd:b5:9a:8c:e4:c0: 3b:f7:b0:2d:34:0c:f7:5e:0b:c9:68:32:d3:cc:9a:e7:ff:d9: 5a:52:63:99:52:a4:f2:06:dc:24:84:0f:93:fe:70:62:a2:c1: 33:8b:09:65:c0:14:e6:7e:77:9c:83:3a:61:54:ee:91:f5:08: 86:23:c5:29:3e:86:6e:0d:5e:1a:13:a9:16:4b:36:ee:a8:c6: b8:5a:39:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5tDKg+Kqu5QiVUa7mNMx1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2 YjU3MGIwHhcNMjUxMjIwMDMwMTA5WhcNMjUxMjIxMDMwMTA5WjAzMTEwLwYDVQQD EyhiZjQwZTExNTgxYjY1NDAwYjczNTk0OWU3ZWM3MTVlNWNjYzRhYWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8vtc9JvQEhnjIsprD2kDX0RtKbb +8RqsxEhL75STNDlE9Lo4JLfhxWrDA/jiKY/VDSMOrXPt2Wfz6pR3eXWFR9SkcO/ gXdWSRQ21ZGdxqmngtDte6sx9wnAPSTWNxuLhY/8jFjBUlsQq4H5sUItc0dcxkw5 D0nqDz5FRih921amGADXQJaG8dOZnbeq0fXNNJYf3oAlSn9/u7NBe/Yo7V4RgQfC aGQoeBJtV4kN1JC+zLQVQ82TTK+bLOK5JQeOnhiGZ2fi6zwzvdQaJHFHtzYxjH/A HEZT/lhf80In2f8onBEKu6rzIZsL53Azn2Dxl9G9z69ZW25QumtCf0AOIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9A4RWBtlQAtzWUnn7HFeXMxKr5MB8GA1UdIwQY MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpOoC91F eGGgq66sL8SSeZf/6RB05d95mSfmCjDO7eA6FDi7XpSFQ4713RTf6q9t2Ua1POy3 vOgMMeYod2MgQyptaVytfggqm3nRF9MkO3/JCV5lnZWhfGK6ShGq4KhAsCYOWcO0 OjcfIcFjQ2mvRIta/OvLF+FkKbuJG7HFIzoJjn+GgFNQVKfHr58C7Pivszj6s6EF OxHd0chbHeTFvaXwjpto0KtkJBMvE3mQzbWajOTAO/ewLTQM914LyWgy08ya5//Z WlJjmVKk8gbcJIQPk/5wYqLBM4sJZcAU5n53nIM6YVTukfUIhiPFKT6Gbg1eGhOp Fks27qjGuFo5oA== -----END CERTIFICATE-----Generated at Sat Dec 20 10:37:33 2025 by rpki-client