This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft File: hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft (raw, json) Hash identifier: nbdY+wdkkI51F4C4jya7INx4YmwkqOKa/QEIuEPg5Ps= Subject key identifier: D8:0E:36:FF:FE:49:92:5D:09:3F:3E:B1:06:02:50:40:A3:7E:2C:81 Authority key identifier: 84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C Certificate issuer: /CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c Certificate serial: 019B97425E7EEDEA403D7C2959C64FB182C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft Manifest number: 0A9C Signing time: Wed 07 Jan 2026 07:01:07 +0000 Manifest this update: Wed 07 Jan 2026 07:01:07 +0000 Manifest next update: Thu 08 Jan 2026 07:01:07 +0000 Files and hashes: 1: hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl (hash: CKHx/YzVSCEVcMg6e6bZwp5WiPdWZXTOpmhNiBCIOrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 07:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:97:42:5e:7e:ed:ea:40:3d:7c:29:59:c6:4f:b1:82:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=842b18f8d1db1f947621b2d8f786603e2b1bd50c Validity Not Before: Jan 7 07:01:07 2026 GMT Not After : Jan 8 07:01:07 2026 GMT Subject: CN=d80e36fffe49925d093f3eb106025040a37e2c81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ae:bc:91:6c:2c:76:21:a3:44:8d:94:a7:9d: ce:27:ba:f6:22:ab:51:00:b7:8a:5c:83:12:ff:10: 8a:c8:9c:5a:53:71:45:34:86:fb:ea:e8:35:25:11: d2:2b:0a:70:55:8d:b8:4c:a1:c2:ce:5b:fa:5f:bd: 09:ef:8a:15:f0:d1:b2:f2:88:a0:2f:a1:94:e8:b8: 7c:af:58:3c:be:39:99:37:05:01:bb:d4:df:5d:5d: 15:41:17:a9:3d:9d:4a:3b:ba:be:e4:bf:12:37:f4: cb:35:45:5e:a4:16:a7:89:e2:d4:11:89:52:50:1a: 89:1d:99:c3:a9:88:f7:97:bb:da:3e:e3:db:cc:4d: 5f:08:be:14:57:33:4b:5c:0d:24:9a:7f:e7:41:f8: 98:85:2c:37:8d:4a:bf:2c:cb:80:74:b3:a2:ca:9c: 00:53:94:c0:26:30:ef:9f:f3:82:27:bc:6f:d9:ba: 89:48:7f:8a:87:3d:df:62:ff:6e:44:74:9c:50:31: 8c:a0:71:92:ab:8f:21:e2:c0:ed:97:da:cd:e4:3a: d3:84:7f:c8:9f:ca:57:6d:4e:03:af:da:30:c3:d6: 4f:f3:26:ee:83:d3:c2:60:c0:eb:03:e5:7d:9b:07: fc:3e:07:0c:61:a9:05:0c:1f:92:c7:5a:ea:95:8f: 1d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:0E:36:FF:FE:49:92:5D:09:3F:3E:B1:06:02:50:40:A3:7E:2C:81 X509v3 Authority Key Identifier: keyid:84:2B:18:F8:D1:DB:1F:94:76:21:B2:D8:F7:86:60:3E:2B:1B:D5:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCsY-NHbH5R2IbLY94ZgPisb1Qw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/3c8e78-dfa0-4616-b228-0b970b96c90b/1/hCsY-NHbH5R2IbLY94ZgPisb1Qw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:de:45:4f:0e:0e:98:61:a7:ba:bd:05:16:78:53:eb:13:08: f4:bc:bb:2a:dc:78:82:67:3f:a9:5b:2d:49:8a:8a:12:c6:37: cc:52:b4:45:8e:21:68:e1:08:d6:70:7b:5e:b2:ab:a5:9b:c2: 76:b5:6a:97:50:6f:42:3d:94:a1:09:c6:e0:0c:c0:92:89:44: bf:ae:4a:a8:40:20:92:ce:cc:a4:81:19:85:b4:c4:8e:c5:2a: d8:0a:04:4f:56:25:bd:80:d4:37:2e:c6:36:12:59:af:52:5c: 9e:5a:91:c7:35:eb:01:67:4d:09:a1:6c:83:8c:7b:7b:18:d3: 0f:fb:37:8f:da:e2:5d:17:09:fb:40:e9:ca:b2:eb:7f:ab:bf: a5:96:cd:fe:b8:03:1f:80:bc:92:a6:02:08:90:e9:08:84:55: 6d:b8:c3:08:61:ee:f3:8f:53:19:7b:18:1f:32:3a:55:2f:9c: 30:07:10:60:ef:26:f0:60:eb:5a:ae:ab:0f:58:bd:fb:b9:b2: ac:f1:b3:9d:6e:ca:62:b5:dc:97:ba:ca:e6:75:16:be:15:31: 22:53:08:d3:61:29:aa:77:c8:3f:1a:82:72:c0:fa:53:db:6e: 87:40:26:7d:76:eb:9c:a5:e4:10:42:85:7a:13:d4:8e:f1:87: b2:04:d1:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuXQl5+7epAPXwpWcZPsYLDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0MmIxOGY4ZDFkYjFmOTQ3NjIxYjJkOGY3ODY2MDNlMmIx YmQ1MGMwHhcNMjYwMTA3MDcwMTA3WhcNMjYwMTA4MDcwMTA3WjAzMTEwLwYDVQQD EyhkODBlMzZmZmZlNDk5MjVkMDkzZjNlYjEwNjAyNTA0MGEzN2UyYzgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq668kWwsdiGjRI2Up53OJ7r2IqtR ALeKXIMS/xCKyJxaU3FFNIb76ug1JRHSKwpwVY24TKHCzlv6X70J74oV8NGy8oig L6GU6Lh8r1g8vjmZNwUBu9TfXV0VQRepPZ1KO7q+5L8SN/TLNUVepBanieLUEYlS UBqJHZnDqYj3l7vaPuPbzE1fCL4UVzNLXA0kmn/nQfiYhSw3jUq/LMuAdLOiypwA U5TAJjDvn/OCJ7xv2bqJSH+Khz3fYv9uRHScUDGMoHGSq48h4sDtl9rN5DrThH/I n8pXbU4Dr9oww9ZP8ybug9PCYMDrA+V9mwf8PgcMYakFDB+Sx1rqlY8dwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNgONv/+SZJdCT8+sQYCUECjfiyBMB8GA1UdIwQY MBaAFIQrGPjR2x+UdiGy2PeGYD4rG9UMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgt MGI5NzBiOTZjOTBiLzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8zYzhlNzgtZGZhMC00NjE2LWIyMjgtMGI5NzBiOTZjOTBi LzEvaENzWS1OSGJINVIySWJMWTk0WmdQaXNiMVF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAd5FTw4O mGGnur0FFnhT6xMI9Ly7Ktx4gmc/qVstSYqKEsY3zFK0RY4haOEI1nB7XrKrpZvC drVql1BvQj2UoQnG4AzAkolEv65KqEAgks7MpIEZhbTEjsUq2AoET1YlvYDUNy7G NhJZr1JcnlqRxzXrAWdNCaFsg4x7exjTD/s3j9riXRcJ+0DpyrLrf6u/pZbN/rgD H4C8kqYCCJDpCIRVbbjDCGHu849TGXsYHzI6VS+cMAcQYO8m8GDrWq6rD1i9+7my rPGznW7KYrXcl7rK5nUWvhUxIlMI02EpqnfIPxqCcsD6U9tuh0AmfXbrnKXkEEKF ehPUjvGHsgTRtA== -----END CERTIFICATE-----Generated at Wed Jan 7 10:23:44 2026 by rpki-client