This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft File: hlsHwonfa8nHYttDKboM48Up_ss.mft (raw, json) Hash identifier: c2ECh1UB4Q85fuShA9LvThzggrI1UrCbFgRwGMoaQdc= Subject key identifier: 1D:AD:B4:CE:9E:9E:3E:83:5C:56:E6:8B:00:A9:46:25:A5:7F:3B:6E Authority key identifier: 86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB Certificate issuer: /CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Certificate serial: 019B3E356F4FC25729EDEA26AAB319769508 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft Manifest number: 017B Signing time: Sun 21 Dec 2025 00:00:47 +0000 Manifest this update: Sun 21 Dec 2025 00:00:47 +0000 Manifest next update: Mon 22 Dec 2025 00:00:47 +0000 Files and hashes: 1: EyJIl9GgE7NEizESEZnZ9ODAHzw.roa (hash: TDhr2Br5ELeOUc6goo8nbxisdzgPRnJxdfCh2qX9VlY=) 2: hlsHwonfa8nHYttDKboM48Up_ss.crl (hash: vSBktRwtJShPQVp1fuLhVSUi9fQFqSQZwZrnhJGiq6E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:35:6f:4f:c2:57:29:ed:ea:26:aa:b3:19:76:95:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Validity Not Before: Dec 21 00:00:47 2025 GMT Not After : Dec 22 00:00:47 2025 GMT Subject: CN=1dadb4ce9e9e3e835c56e68b00a94625a57f3b6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1c:f2:ae:f8:47:b3:3c:55:d9:df:7b:8c:c3: db:b1:b3:4e:8b:66:cd:03:59:6f:fc:a6:d5:8d:48: 0c:28:ef:ac:41:40:5e:6f:ab:75:0d:ff:ed:da:f3: b5:7e:68:e4:64:c4:a4:a9:17:ea:f3:52:6e:94:5c: 92:1b:a6:e0:32:8e:0b:6e:ff:c2:9d:14:40:fc:c4: 5f:91:14:e9:eb:fe:1b:06:8d:16:36:e6:c8:5e:92: 21:00:35:e5:c9:19:60:ac:fa:8f:ed:82:a0:d2:4e: 56:10:21:ab:52:b6:31:c1:34:99:f5:88:1f:db:02: 14:fc:43:1e:e8:95:ad:16:b6:b5:01:0b:94:1d:f1: b0:50:b6:ec:2a:68:78:a4:12:c8:3a:55:f8:55:b6: 89:7b:1e:73:a3:fc:2d:73:dd:97:b5:6c:b3:44:d5: 9c:da:dc:d8:a6:d4:bf:c1:8c:d2:36:55:ae:d1:46: 5e:b1:ab:e8:bd:28:d1:6a:46:65:ae:2b:e4:62:16: 11:63:b3:55:4d:de:71:92:9b:13:0a:ed:0e:93:4a: a3:9f:f7:28:5c:bb:90:32:1e:79:78:ce:ac:b0:4f: d0:4e:f8:ba:a8:d5:a2:6c:09:e5:30:fc:43:ab:9f: 39:23:51:cf:6d:1e:42:f5:41:a1:8d:48:06:d0:44: 43:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:AD:B4:CE:9E:9E:3E:83:5C:56:E6:8B:00:A9:46:25:A5:7F:3B:6E X509v3 Authority Key Identifier: keyid:86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:eb:b1:33:10:d4:4c:da:73:d1:03:63:84:55:ea:23:43:a4: fb:87:57:b9:d5:78:0f:32:7f:8b:8d:9c:4b:3b:a6:a8:1e:3b: d4:49:97:2c:e2:5a:6f:8e:16:fc:16:13:19:8e:86:a7:3b:3e: 58:77:c7:a7:97:8c:8c:d2:ae:bf:d5:af:80:03:bb:36:77:7b: 80:55:8f:74:b9:4f:36:3f:af:90:2c:40:d2:7d:2e:58:4b:a9: b1:13:dd:fa:78:65:31:c9:20:8f:5b:4c:7e:b3:8e:4b:96:7d: 78:72:6a:51:0d:d5:fc:f9:61:21:92:65:cb:81:28:02:c7:e8: 29:85:b5:7e:92:9f:25:65:53:67:f4:c6:40:ce:51:51:09:f5: 41:b7:9a:0c:28:fa:cf:01:93:c1:ca:e9:78:02:81:48:03:52: c6:39:ba:25:86:6f:b6:56:5f:5e:04:0d:7e:01:e2:87:dd:24: ee:67:10:46:7e:86:32:70:73:98:b4:27:b5:ae:11:ba:2a:37: 46:b9:eb:64:73:20:6b:e4:a5:bb:96:3e:d4:b7:c2:53:82:96: 35:1f:a1:00:7f:87:81:80:80:22:9e:73:11:d9:22:a6:22:58: d6:c9:26:91:d8:29:9f:f2:a4:05:d8:6a:ac:4d:de:36:c6:d5: 58:35:49:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+NW9Pwlcp7eomqrMZdpUIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NWIwN2MyODlkZjZiYzljNzYyZGI0MzI5YmEwY2UzYzUy OWZlY2IwHhcNMjUxMjIxMDAwMDQ3WhcNMjUxMjIyMDAwMDQ3WjAzMTEwLwYDVQQD EygxZGFkYjRjZTllOWUzZTgzNWM1NmU2OGIwMGE5NDYyNWE1N2YzYjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRzyrvhHszxV2d97jMPbsbNOi2bN A1lv/KbVjUgMKO+sQUBeb6t1Df/t2vO1fmjkZMSkqRfq81JulFySG6bgMo4Lbv/C nRRA/MRfkRTp6/4bBo0WNubIXpIhADXlyRlgrPqP7YKg0k5WECGrUrYxwTSZ9Ygf 2wIU/EMe6JWtFra1AQuUHfGwULbsKmh4pBLIOlX4VbaJex5zo/wtc92XtWyzRNWc 2tzYptS/wYzSNlWu0UZesavovSjRakZlrivkYhYRY7NVTd5xkpsTCu0Ok0qjn/co XLuQMh55eM6ssE/QTvi6qNWibAnlMPxDq585I1HPbR5C9UGhjUgG0ERDzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB2ttM6enj6DXFbmiwCpRiWlfztuMB8GA1UdIwQY MBaAFIZbB8KJ32vJx2LbQym6DOPFKf7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEt MmFmYTMwM2U0OTVkLzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEtMmFmYTMwM2U0OTVk LzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+uxMxDU TNpz0QNjhFXqI0Ok+4dXudV4DzJ/i42cSzumqB471EmXLOJab44W/BYTGY6Gpzs+ WHfHp5eMjNKuv9WvgAO7Nnd7gFWPdLlPNj+vkCxA0n0uWEupsRPd+nhlMckgj1tM frOOS5Z9eHJqUQ3V/PlhIZJly4EoAsfoKYW1fpKfJWVTZ/TGQM5RUQn1QbeaDCj6 zwGTwcrpeAKBSANSxjm6JYZvtlZfXgQNfgHih90k7mcQRn6GMnBzmLQnta4Ruio3 RrnrZHMga+Slu5Y+1LfCU4KWNR+hAH+HgYCAIp5zEdkipiJY1skmkdgpn/KkBdhq rE3eNsbVWDVJmg== -----END CERTIFICATE-----Generated at Sun Dec 21 03:56:34 2025 by rpki-client