This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft File: HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json) Hash identifier: M5XOFKnyssvnof+rKRh/Qzc42mH4tqIWsGo2N/gj59o= Subject key identifier: E0:F1:2C:D3:F8:08:C4:1D:60:F0:C4:92:95:DA:72:F2:65:25:96:68 Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F Certificate issuer: /CN=1c24f1caafb3208eb827a07826417bcb9493412f Certificate serial: 019B76A45A4DF5AB7CEEF98F4781B5231C79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft Manifest number: 071C Signing time: Wed 31 Dec 2025 23:00:41 +0000 Manifest this update: Wed 31 Dec 2025 23:00:41 +0000 Manifest next update: Thu 01 Jan 2026 23:00:41 +0000 Files and hashes: 1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: 7rZv5kGu2CXmkXAFfgmxqj5Zq0/bnwDQgKdjZXnDpi4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 23:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:a4:5a:4d:f5:ab:7c:ee:f9:8f:47:81:b5:23:1c:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f Validity Not Before: Dec 31 23:00:41 2025 GMT Not After : Jan 1 23:00:41 2026 GMT Subject: CN=e0f12cd3f808c41d60f0c49295da72f265259668 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:2e:18:ac:7b:e9:98:54:8f:73:56:e8:b1:4d: 54:31:c1:39:8f:6c:fe:56:7d:6c:96:f6:f0:51:22: f4:27:c0:78:49:fe:8d:d8:b4:a2:58:cd:27:90:e0: a2:73:2d:c3:60:0d:48:6d:76:c2:0b:9e:38:c4:c9: 53:f5:fa:fa:54:2b:cf:2e:7d:39:1e:4c:85:ea:a6: 85:e0:39:68:64:da:ec:cf:d1:8f:89:9d:38:7c:cb: b9:66:3f:fb:97:62:ee:f4:3b:68:f8:3a:6f:b6:31: 9c:41:7c:43:4d:97:1f:e1:aa:14:d0:d2:15:b5:e1: 66:64:4f:0e:16:c3:83:42:eb:61:cb:88:c2:f7:53: a0:fb:c2:75:91:3e:c0:3b:f6:f6:35:c0:ac:b7:83: 42:35:e1:e6:12:e2:25:e0:79:07:d4:97:bd:5a:37: 42:1a:89:4c:13:7f:55:1a:59:b1:c0:a0:51:5a:3e: 1b:ad:ac:97:f5:5e:f9:8a:7f:6b:86:83:6d:ba:63: 27:7d:09:e4:eb:eb:a1:b0:dd:61:36:4f:7e:90:19: 6a:84:e7:b8:81:0b:02:78:6a:69:9b:fa:35:82:83: ce:8f:4e:00:3d:5e:ea:9b:20:f1:21:57:ab:40:65: ce:3a:c7:66:0b:15:2e:c1:95:24:20:92:28:a5:bd: 97:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:F1:2C:D3:F8:08:C4:1D:60:F0:C4:92:95:DA:72:F2:65:25:96:68 X509v3 Authority Key Identifier: keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:a4:dd:93:8d:76:21:fc:1d:da:88:8a:50:f1:89:96:65:9c: 22:6a:70:08:3f:c9:0f:f2:bc:d8:93:3f:55:63:66:96:47:1f: 5f:cb:37:6d:5d:d4:26:c7:a8:37:11:a5:df:3a:54:8f:0d:95: b8:1c:ec:0a:72:17:79:5a:d2:7d:2e:48:e0:62:a0:e8:d9:b4: bd:5d:a0:53:e9:1b:3c:1c:e5:9a:d1:04:37:ee:7b:44:bf:3c: b8:d6:b1:14:6f:dd:c4:ca:98:f7:5a:35:a4:cb:07:7f:4d:f7: 76:8c:58:ed:2d:7f:cf:bb:36:5a:a6:be:c7:b9:dd:78:aa:90: 74:69:00:62:9c:49:ac:cb:24:45:ca:a9:11:64:90:a2:26:9c: 7e:55:42:d2:16:bc:89:85:aa:94:4f:a7:d7:fb:7d:fc:6d:68: b0:0a:bb:b3:c8:34:be:c5:32:b7:53:04:bc:46:58:1b:54:f0: 0e:48:1f:ae:35:16:79:9e:53:1b:12:6e:28:4b:91:9e:f5:53: 12:42:15:9a:be:99:f9:65:a4:b8:c9:68:e7:cc:c8:0b:b8:7b: 43:3f:39:b2:b6:69:91:1a:37:c0:68:c9:c3:09:a3:c2:22:bc: a6:a5:47:db:83:a1:66:55:87:95:63:76:b2:d4:0c:c1:66:8b: f9:a4:d1:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2pFpN9at87vmPR4G1Ixx5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5 MzQxMmYwHhcNMjUxMjMxMjMwMDQxWhcNMjYwMTAxMjMwMDQxWjAzMTEwLwYDVQQD EyhlMGYxMmNkM2Y4MDhjNDFkNjBmMGM0OTI5NWRhNzJmMjY1MjU5NjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy4YrHvpmFSPc1bosU1UMcE5j2z+ Vn1slvbwUSL0J8B4Sf6N2LSiWM0nkOCicy3DYA1IbXbCC544xMlT9fr6VCvPLn05 HkyF6qaF4DloZNrsz9GPiZ04fMu5Zj/7l2Lu9Dto+DpvtjGcQXxDTZcf4aoU0NIV teFmZE8OFsODQuthy4jC91Og+8J1kT7AO/b2NcCst4NCNeHmEuIl4HkH1Je9WjdC GolME39VGlmxwKBRWj4brayX9V75in9rhoNtumMnfQnk6+uhsN1hNk9+kBlqhOe4 gQsCeGppm/o1goPOj04APV7qmyDxIVerQGXOOsdmCxUuwZUkIJIopb2XPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFODxLNP4CMQdYPDEkpXacvJlJZZoMB8GA1UdIwQY MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf6Tdk412 Ifwd2oiKUPGJlmWcImpwCD/JD/K82JM/VWNmlkcfX8s3bV3UJseoNxGl3zpUjw2V uBzsCnIXeVrSfS5I4GKg6Nm0vV2gU+kbPBzlmtEEN+57RL88uNaxFG/dxMqY91o1 pMsHf033doxY7S1/z7s2Wqa+x7ndeKqQdGkAYpxJrMskRcqpEWSQoiacflVC0ha8 iYWqlE+n1/t9/G1osAq7s8g0vsUyt1MEvEZYG1TwDkgfrjUWeZ5TGxJuKEuRnvVT EkIVmr6Z+WWkuMlo58zIC7h7Qz85srZpkRo3wGjJwwmjwiK8pqVH24OhZlWHlWN2 stQMwWaL+aTR3w== -----END CERTIFICATE-----Generated at Thu Jan 1 08:46:18 2026 by rpki-client