This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft File: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json) Hash identifier: St0P3IlWo8Ua+U8FFHiBrhVaqhzG91m37BFMKhEhuaw= Subject key identifier: E4:E6:8E:22:86:A2:27:26:45:25:AF:CB:2E:61:8E:CA:98:94:6C:C6 Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 Certificate issuer: /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Certificate serial: 019B53ABCD2962094D8C1DB4DDD2E1A5A06B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft Manifest number: 118E Signing time: Thu 25 Dec 2025 04:02:06 +0000 Manifest this update: Thu 25 Dec 2025 04:02:06 +0000 Manifest next update: Fri 26 Dec 2025 04:02:06 +0000 Files and hashes: 1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: r+6cw+G7dNppa0QErdCXWLzhJ9o51LpRD3WkAG6d24U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:cd:29:62:09:4d:8c:1d:b4:dd:d2:e1:a5:a0:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Validity Not Before: Dec 25 04:02:06 2025 GMT Not After : Dec 26 04:02:06 2025 GMT Subject: CN=e4e68e2286a227264525afcb2e618eca98946cc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:d6:eb:a9:7e:e5:8e:76:68:ea:1a:17:5a:49: 54:74:13:ef:c8:e2:d5:0a:47:3d:f6:2d:1c:10:0f: c4:5b:03:2d:4f:6e:21:13:52:2d:02:7b:0b:d2:ff: 70:14:5a:fe:44:a5:2e:3d:62:8a:f9:d7:6b:0f:c9: 2c:02:8e:42:83:45:6c:08:fa:c3:03:9b:01:e2:fd: b6:17:41:f3:7a:d2:da:2d:53:be:68:ba:d3:db:b9: 85:5e:e8:97:50:ea:41:8f:42:3b:07:9a:06:3a:76: 7b:18:12:85:d0:c4:97:46:ec:be:0b:26:5b:40:5d: cb:ec:20:a7:4a:59:b5:ba:87:71:aa:84:88:92:97: ba:a3:d6:79:ae:bb:3c:24:66:59:bf:b3:ac:c0:ab: ec:5d:fd:9a:69:40:0f:5e:d2:8b:4a:c9:5e:2b:44: 94:8e:10:ec:88:6f:57:4c:86:b5:52:83:9f:4c:14: 92:03:44:39:85:32:93:64:55:e5:14:1c:e4:90:1c: 6a:d9:b1:4f:cb:dc:e2:62:08:d4:66:0c:91:ad:80: bd:12:cf:8f:f1:7f:e1:57:1d:7a:7a:a8:4c:bb:8a: b5:52:52:e0:e5:68:de:f1:55:a9:3b:41:79:73:3b: af:76:6e:94:38:62:a8:b7:9c:a2:20:7c:cf:ce:80: 75:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E6:8E:22:86:A2:27:26:45:25:AF:CB:2E:61:8E:CA:98:94:6C:C6 X509v3 Authority Key Identifier: keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:8f:f8:c4:80:a5:b9:34:18:b3:d2:57:33:27:d5:de:08:a7: 27:f9:b9:3e:40:04:3f:23:cf:1c:c0:95:b3:5a:68:22:44:00: 15:33:8e:2d:ba:d7:2c:fc:e7:33:f8:11:c8:35:75:ef:f3:d1: ef:78:e7:6a:5a:29:4f:eb:cc:20:31:e1:0c:7d:44:01:f9:f3: 0e:6e:4d:73:ac:2e:d8:70:5e:f0:3f:b0:6b:be:58:7d:9c:6c: 13:10:8f:d3:df:85:c8:4b:fe:5f:19:33:19:6d:7b:c7:07:39: 38:ab:72:4c:5c:ee:d5:c4:e9:5c:b0:db:65:d2:bf:1a:81:e1: eb:00:06:36:1c:f6:44:5f:14:13:64:4e:82:19:fd:11:38:99: 2d:8f:2e:25:3f:7c:bf:2f:f1:b3:c4:0e:44:71:3d:f8:5f:63: 13:1d:6e:c6:a8:52:a8:e2:45:d4:3c:66:d3:b9:ab:62:71:36: 63:54:3b:b4:fe:b4:35:b3:17:cd:51:fc:48:13:d6:b0:fd:9a: b1:88:9c:14:97:9e:a0:a0:c3:3c:99:d4:b6:79:11:40:ef:5e: a0:aa:69:3f:b5:f0:3a:c6:b2:30:01:70:4f:13:b8:48:6a:86: d9:8c:55:68:38:f0:3a:4e:c4:18:dc:9c:f0:a3:46:d7:fb:c0: 3d:e2:99:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq80pYglNjB203dLhpaBrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3 MGIyNjYwHhcNMjUxMjI1MDQwMjA2WhcNMjUxMjI2MDQwMjA2WjAzMTEwLwYDVQQD EyhlNGU2OGUyMjg2YTIyNzI2NDUyNWFmY2IyZTYxOGVjYTk4OTQ2Y2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9brqX7ljnZo6hoXWklUdBPvyOLV Ckc99i0cEA/EWwMtT24hE1ItAnsL0v9wFFr+RKUuPWKK+ddrD8ksAo5Cg0VsCPrD A5sB4v22F0HzetLaLVO+aLrT27mFXuiXUOpBj0I7B5oGOnZ7GBKF0MSXRuy+CyZb QF3L7CCnSlm1uodxqoSIkpe6o9Z5rrs8JGZZv7OswKvsXf2aaUAPXtKLSsleK0SU jhDsiG9XTIa1UoOfTBSSA0Q5hTKTZFXlFBzkkBxq2bFPy9ziYgjUZgyRrYC9Es+P 8X/hVx16eqhMu4q1UlLg5Wje8VWpO0F5czuvdm6UOGKot5yiIHzPzoB1pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTmjiKGoicmRSWvyy5hjsqYlGzGMB8GA1UdIwQY MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3 LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATo/4xICl uTQYs9JXMyfV3ginJ/m5PkAEPyPPHMCVs1poIkQAFTOOLbrXLPznM/gRyDV17/PR 73jnalopT+vMIDHhDH1EAfnzDm5Nc6wu2HBe8D+wa75YfZxsExCP09+FyEv+Xxkz GW17xwc5OKtyTFzu1cTpXLDbZdK/GoHh6wAGNhz2RF8UE2ROghn9ETiZLY8uJT98 vy/xs8QORHE9+F9jEx1uxqhSqOJF1Dxm07mrYnE2Y1Q7tP60NbMXzVH8SBPWsP2a sYicFJeeoKDDPJnUtnkRQO9eoKppP7XwOsayMAFwTxO4SGqG2YxVaDjwOk7EGNyc 8KNG1/vAPeKZXA== -----END CERTIFICATE-----Generated at Thu Dec 25 11:17:02 2025 by rpki-client