This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.mft File: hleGx1_BZYSwJx_ye5cdcjQWYY0.mft (raw, json) Hash identifier: AzTcfdhYCg1QVWXb/IeexBfXhdeGj9bVkg1OTFND0aM= Subject key identifier: 05:AB:16:81:7B:90:63:79:E9:93:4E:62:06:6D:DC:6A:B8:FA:72:BD Authority key identifier: 86:57:86:C7:5F:C1:65:84:B0:27:1F:F2:7B:97:1D:72:34:16:61:8D Certificate issuer: /CN=865786c75fc16584b0271ff27b971d723416618d Certificate serial: 019B3FECB39ADE6CCCD4D1569B5A2F8A4B6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.mft Manifest number: 1015 Signing time: Sun 21 Dec 2025 08:00:35 +0000 Manifest this update: Sun 21 Dec 2025 08:00:35 +0000 Manifest next update: Mon 22 Dec 2025 08:00:35 +0000 Files and hashes: 1: hleGx1_BZYSwJx_ye5cdcjQWYY0.crl (hash: wod1GF7XLTXONvhX02+9ene924d8dAhwMMrE/huMPYQ=) 2: ninSWYVRxBIemI94j-PYMUSu2YA.roa (hash: QrrWAcI9XBwetBsmpQPw5YCVH1U9RR0mswsdxCxACug=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.crl rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.mft rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 08:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ec:b3:9a:de:6c:cc:d4:d1:56:9b:5a:2f:8a:4b:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=865786c75fc16584b0271ff27b971d723416618d Validity Not Before: Dec 21 08:00:35 2025 GMT Not After : Dec 22 08:00:35 2025 GMT Subject: CN=05ab16817b906379e9934e62066ddc6ab8fa72bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:65:b0:f5:2e:55:6e:86:96:59:75:38:ef:bb: f7:22:4a:a0:1c:fb:15:eb:f3:05:1d:07:18:8e:28: 81:d0:dd:e4:8b:a5:a0:b4:95:32:c7:08:76:17:03: fd:4d:13:f9:36:e7:c7:a4:4b:1d:94:8e:ec:85:a4: 7a:a5:30:81:1f:16:10:9a:c9:76:93:30:da:1e:87: 63:8e:9f:f3:88:99:cc:d7:7d:ff:8d:79:5c:84:6e: be:c6:47:f7:00:8f:0a:c6:aa:17:64:81:03:64:d6: 0d:8f:c9:7b:72:f0:1f:72:55:1d:a8:5c:15:d5:c7: a4:e1:b6:a5:ee:6f:ee:28:77:63:8c:3c:b8:eb:51: 38:52:91:2b:aa:74:68:3e:b2:53:56:de:52:fd:59: 9e:28:ff:1a:4d:45:eb:b6:b6:c3:eb:55:74:b7:86: e7:84:8d:08:de:9d:1b:10:1e:1a:98:db:4d:66:cc: 77:12:b1:4c:0f:52:44:2d:a5:03:27:56:85:6c:9f: a5:80:de:c9:b7:0c:bb:f8:1c:ff:b1:a8:0c:95:22: 20:f2:57:15:2e:50:e0:e8:cd:36:12:bf:58:d5:42: 1d:35:a7:87:6b:31:1f:69:b8:d2:f3:81:f5:c3:53: 6e:08:f2:37:f4:9f:f4:48:f5:ba:ac:de:5b:01:ee: c9:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:AB:16:81:7B:90:63:79:E9:93:4E:62:06:6D:DC:6A:B8:FA:72:BD X509v3 Authority Key Identifier: keyid:86:57:86:C7:5F:C1:65:84:B0:27:1F:F2:7B:97:1D:72:34:16:61:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:12:ae:54:e9:22:f8:0a:92:5a:da:01:71:21:e2:7b:a6:75: 35:6b:df:0a:22:a7:66:f0:ec:46:c9:5e:a3:b8:76:6b:1d:26: e1:f2:96:be:8e:9b:fe:68:e5:a5:ec:5d:93:00:4f:23:23:4d: b3:34:70:22:ad:d7:ae:8c:7f:22:c1:df:aa:f9:7c:e6:13:1d: 91:09:34:83:da:3b:b9:19:cc:fb:1d:40:f2:87:58:b5:57:3e: a8:95:94:8e:d8:df:86:c4:26:37:8e:d4:2e:47:fb:88:03:ee: 83:4f:bc:2a:91:ec:62:f4:1c:27:3a:15:16:8d:bf:ce:99:9e: 4e:c7:bd:8c:37:2b:d8:31:7f:0e:ad:34:2d:d5:f0:62:40:7b: 02:18:db:94:93:49:e7:05:50:0d:02:b7:af:17:6d:8c:cd:f8: 06:95:ad:4e:bd:b8:0b:c3:73:09:15:b7:3b:d9:02:c8:90:b0: 82:de:78:ac:37:35:ad:51:a0:14:f2:53:0a:81:ca:fa:69:f5: 9b:aa:17:59:fc:d8:67:5b:42:0d:d2:6e:9d:de:da:45:dd:9d: 3e:06:75:04:e0:40:5a:b3:56:25:9c:ad:a9:d4:bf:4d:1d:34: a8:c6:54:60:90:ce:31:ab:68:cf:a5:37:69:21:3b:ca:5a:06: bc:3a:bc:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7LOa3mzM1NFWm1oviktqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NTc4NmM3NWZjMTY1ODRiMDI3MWZmMjdiOTcxZDcyMzQx NjYxOGQwHhcNMjUxMjIxMDgwMDM1WhcNMjUxMjIyMDgwMDM1WjAzMTEwLwYDVQQD EygwNWFiMTY4MTdiOTA2Mzc5ZTk5MzRlNjIwNjZkZGM2YWI4ZmE3MmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGWw9S5VboaWWXU477v3IkqgHPsV 6/MFHQcYjiiB0N3ki6WgtJUyxwh2FwP9TRP5NufHpEsdlI7shaR6pTCBHxYQmsl2 kzDaHodjjp/ziJnM133/jXlchG6+xkf3AI8KxqoXZIEDZNYNj8l7cvAfclUdqFwV 1cek4bal7m/uKHdjjDy461E4UpErqnRoPrJTVt5S/VmeKP8aTUXrtrbD61V0t4bn hI0I3p0bEB4amNtNZsx3ErFMD1JELaUDJ1aFbJ+lgN7Jtwy7+Bz/sagMlSIg8lcV LlDg6M02Er9Y1UIdNaeHazEfabjS84H1w1NuCPI39J/0SPW6rN5bAe7JNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAWrFoF7kGN56ZNOYgZt3Gq4+nK9MB8GA1UdIwQY MBaAFIZXhsdfwWWEsCcf8nuXHXI0FmGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGxlR3gxX0JaWVN3SnhfeWU1Y2RjalFXWVkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xOWE2NDktMDQ0Mi00ZjNkLTljYjkt OGNmOWQ1MGFkZjI5LzEvaGxlR3gxX0JaWVN3SnhfeWU1Y2RjalFXWVkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My8xOWE2NDktMDQ0Mi00ZjNkLTljYjktOGNmOWQ1MGFkZjI5 LzEvaGxlR3gxX0JaWVN3SnhfeWU1Y2RjalFXWVkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBKuVOki +AqSWtoBcSHie6Z1NWvfCiKnZvDsRsleo7h2ax0m4fKWvo6b/mjlpexdkwBPIyNN szRwIq3Xrox/IsHfqvl85hMdkQk0g9o7uRnM+x1A8odYtVc+qJWUjtjfhsQmN47U Lkf7iAPug0+8KpHsYvQcJzoVFo2/zpmeTse9jDcr2DF/Dq00LdXwYkB7AhjblJNJ 5wVQDQK3rxdtjM34BpWtTr24C8NzCRW3O9kCyJCwgt54rDc1rVGgFPJTCoHK+mn1 m6oXWfzYZ1tCDdJund7aRd2dPgZ1BOBAWrNWJZytqdS/TR00qMZUYJDOMatoz6U3 aSE7yloGvDq8Gg== -----END CERTIFICATE-----Generated at Sun Dec 21 18:17:39 2025 by rpki-client