This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft File: HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json) Hash identifier: 86yjn9n5GNQBhfC9PgU3BgqRhgPMYXUN33PJJE/8ACM= Subject key identifier: 2C:A0:C7:5E:DD:F7:E7:E8:FE:E4:7B:4D:EC:E9:DF:9D:E8:5C:AA:1A Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8 Certificate issuer: /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8 Certificate serial: 019B2FD4EF54DCAF408A1B0D30A93487BDBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft Manifest number: 0320 Signing time: Thu 18 Dec 2025 05:00:42 +0000 Manifest this update: Thu 18 Dec 2025 05:00:42 +0000 Manifest next update: Fri 19 Dec 2025 05:00:42 +0000 Files and hashes: 1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: z94w4K3lMDnGQ8wMOnS89sN+Qze4i9+zU0MNahJ6/ZY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d4:ef:54:dc:af:40:8a:1b:0d:30:a9:34:87:bd:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8 Validity Not Before: Dec 18 05:00:42 2025 GMT Not After : Dec 19 05:00:42 2025 GMT Subject: CN=2ca0c75eddf7e7e8fee47b4dece9df9de85caa1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:f1:d1:f9:ee:6f:62:64:19:92:04:1b:62:74: d3:17:6c:08:5c:61:b3:0b:bf:a0:42:6f:ae:02:24: d3:59:2c:d6:dd:fe:36:84:46:f3:63:29:8d:84:34: ed:41:9e:6e:93:02:52:4c:9b:d6:a7:80:1f:ba:53: e7:93:b4:70:4e:b7:24:40:e8:d8:a6:8e:2f:96:98: 1f:29:52:a6:14:0a:03:42:d3:62:7e:7f:d3:ee:12: 93:d7:a4:9e:c5:b7:b8:33:d9:da:74:a8:27:d4:87: 5d:b9:b1:bd:4b:35:8c:1a:3a:40:ee:5f:31:18:b2: 45:49:94:52:39:a1:ae:cf:89:0c:47:6f:c8:53:cb: f3:61:a0:07:bc:a4:dd:e7:46:dd:fa:72:52:08:ad: d7:64:be:db:c7:43:a2:05:83:31:04:0a:65:0b:b2: f0:07:8f:f3:65:35:db:3e:dc:49:ac:50:d8:77:d7: a1:4f:4e:c0:5e:39:ab:f8:47:2f:a7:06:a1:92:a6: 70:52:1b:41:60:84:8f:11:1d:cd:c3:6f:36:42:ea: 70:08:1f:70:95:61:d7:07:b9:f9:c0:70:a2:00:b9: c8:6c:49:24:f2:38:9a:93:e8:c7:d2:cf:74:1e:17: c2:cb:fa:bc:04:38:9a:7c:a0:d6:8f:05:92:73:a8: 9a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:A0:C7:5E:DD:F7:E7:E8:FE:E4:7B:4D:EC:E9:DF:9D:E8:5C:AA:1A X509v3 Authority Key Identifier: keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:00:d7:59:87:86:e1:85:96:40:f3:3d:04:8a:14:7a:50:30: b8:3b:b5:ad:3e:09:4d:f9:d2:37:30:0c:6c:b2:af:9f:ab:97: af:45:b1:bc:fd:05:f2:8d:cc:fd:2c:bc:87:95:25:f1:4d:7c: 92:0c:88:0d:88:00:16:e3:ff:3b:24:95:2e:d5:54:19:33:48: 4d:a4:31:1d:b2:0d:90:38:b6:ac:3e:4e:0c:a1:b3:3a:d7:48: 4f:42:2b:ee:54:d6:ca:1f:42:69:92:63:f7:0f:93:98:d6:44: 9f:d9:c4:4d:7d:36:3c:ef:7d:23:e6:13:7a:60:a4:5c:46:d0: 27:6b:1d:6e:60:f1:23:e1:bf:11:96:e9:c0:74:ea:69:3d:26: 96:e4:95:01:27:b0:fc:39:50:3e:45:e3:20:75:6f:e3:60:9f: 26:a6:13:16:f0:c1:5c:b7:8f:fe:d2:46:b0:cd:88:6f:7b:fd: 33:6a:59:dd:41:97:bd:54:6d:dc:ec:1a:5a:a7:b4:93:33:32: a6:9e:f3:c2:70:42:02:35:e0:55:6f:85:d1:5d:a1:17:43:32: 7e:3e:5b:dc:e7:6d:e8:03:58:c9:7a:1b:b2:ba:bc:16:95:40: 50:a5:82:a0:29:af:93:12:24:68:0c:5c:3c:97:ff:1e:6a:5b: 20:f0:b5:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1O9U3K9AihsNMKk0h72/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh NWExYjgwHhcNMjUxMjE4MDUwMDQyWhcNMjUxMjE5MDUwMDQyWjAzMTEwLwYDVQQD EygyY2EwYzc1ZWRkZjdlN2U4ZmVlNDdiNGRlY2U5ZGY5ZGU4NWNhYTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fHR+e5vYmQZkgQbYnTTF2wIXGGz C7+gQm+uAiTTWSzW3f42hEbzYymNhDTtQZ5ukwJSTJvWp4AfulPnk7RwTrckQOjY po4vlpgfKVKmFAoDQtNifn/T7hKT16Sexbe4M9nadKgn1IddubG9SzWMGjpA7l8x GLJFSZRSOaGuz4kMR2/IU8vzYaAHvKTd50bd+nJSCK3XZL7bx0OiBYMxBAplC7Lw B4/zZTXbPtxJrFDYd9ehT07AXjmr+EcvpwahkqZwUhtBYISPER3Nw282QupwCB9w lWHXB7n5wHCiALnIbEkk8jiak+jH0s90HhfCy/q8BDiafKDWjwWSc6iauwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCygx17d9+fo/uR7Tezp353oXKoaMB8GA1UdIwQY MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2 LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQDXWYeG 4YWWQPM9BIoUelAwuDu1rT4JTfnSNzAMbLKvn6uXr0WxvP0F8o3M/Sy8h5Ul8U18 kgyIDYgAFuP/OySVLtVUGTNITaQxHbINkDi2rD5ODKGzOtdIT0Ir7lTWyh9CaZJj 9w+TmNZEn9nETX02PO99I+YTemCkXEbQJ2sdbmDxI+G/EZbpwHTqaT0mluSVASew /DlQPkXjIHVv42CfJqYTFvDBXLeP/tJGsM2Ib3v9M2pZ3UGXvVRt3OwaWqe0kzMy pp7zwnBCAjXgVW+F0V2hF0Myfj5b3Odt6ANYyXobsrq8FpVAUKWCoCmvkxIkaAxc PJf/HmpbIPC1aQ== -----END CERTIFICATE-----Generated at Thu Dec 18 11:11:04 2025 by rpki-client