This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft File: HbaQYGGZpdSGeJxD2__QwGW93OY.mft (raw, json) Hash identifier: SIMlJH6jKECQs/l/zqE9ezLfcUXuPGsEWOx7mG7XTAE= Subject key identifier: BE:0A:2C:55:3C:97:FE:98:8F:6D:BD:AC:4A:4B:C0:C8:37:2D:D2:2A Authority key identifier: 1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 Certificate issuer: /CN=1db690606199a5d486789c43dbffd0c065bddce6 Certificate serial: 019B304320D68B3EDA9B7FEAD95EAC7D9E81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft Manifest number: 05B7 Signing time: Thu 18 Dec 2025 07:01:04 +0000 Manifest this update: Thu 18 Dec 2025 07:01:04 +0000 Manifest next update: Fri 19 Dec 2025 07:01:04 +0000 Files and hashes: 1: HbaQYGGZpdSGeJxD2__QwGW93OY.crl (hash: uj4HZyUCVeoMC5QSiWZ9oEBsmLt5klNWxyk422mdNAI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 07:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:43:20:d6:8b:3e:da:9b:7f:ea:d9:5e:ac:7d:9e:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1db690606199a5d486789c43dbffd0c065bddce6 Validity Not Before: Dec 18 07:01:04 2025 GMT Not After : Dec 19 07:01:04 2025 GMT Subject: CN=be0a2c553c97fe988f6dbdac4a4bc0c8372dd22a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:de:2b:a9:1a:ee:5c:a8:d1:5f:93:b9:14:ae: ef:a6:65:87:60:ce:8b:a3:b0:ce:4e:11:8c:8b:89: f3:e5:48:2c:1b:fb:52:4e:34:cd:8e:a4:16:e1:20: 4f:df:e9:f3:db:96:66:22:fd:ad:bd:d0:54:37:95: f2:56:d4:dc:e1:0e:25:08:8c:a0:47:d9:0d:a7:18: 5f:15:66:9b:0c:f4:1f:9e:d1:8b:6e:2b:dc:d0:07: f6:2e:a9:1e:ee:10:9e:f5:8b:6f:49:98:19:b4:44: c9:97:e9:09:b7:16:50:5b:67:20:82:7d:cc:50:45: 2b:ec:28:51:f7:d9:08:44:96:2f:1f:1a:84:33:ea: d1:36:1f:25:08:91:d5:9b:d9:57:cf:fc:2e:c2:d6: 0a:01:ba:ae:dc:44:01:33:41:ac:78:9e:49:75:4e: 3d:f3:4d:cc:83:1f:07:49:bd:10:61:ce:39:6c:ed: b3:a9:3c:d1:4a:fa:95:6b:3c:16:8c:cf:b6:ae:f1: 7d:65:c0:a7:76:86:fe:d5:4c:21:c6:bb:09:1a:c2: 8f:60:7e:f6:f7:67:45:6d:5b:fa:78:aa:42:dc:e5: b9:56:36:fa:1a:54:c3:42:76:88:20:01:5e:b1:a8: c7:cf:3e:3d:14:66:16:6a:30:ce:90:e7:6b:c8:12: bf:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:0A:2C:55:3C:97:FE:98:8F:6D:BD:AC:4A:4B:C0:C8:37:2D:D2:2A X509v3 Authority Key Identifier: keyid:1D:B6:90:60:61:99:A5:D4:86:78:9C:43:DB:FF:D0:C0:65:BD:DC:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbaQYGGZpdSGeJxD2__QwGW93OY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/03d175-30f2-4913-99b2-ffc409c503d5/1/HbaQYGGZpdSGeJxD2__QwGW93OY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:51:7d:e5:ca:9e:11:1b:e4:ed:60:e4:fa:f8:6a:6c:42:1d: 66:2a:56:5f:43:4c:b5:a1:b6:41:0d:8c:d0:d6:f6:34:92:8f: d9:64:4a:79:c2:83:a0:11:99:81:8b:ab:5e:70:c0:74:e4:2b: a1:06:62:7a:6c:bf:25:74:ac:8d:b3:e0:e6:01:31:69:16:c4: 15:e1:dc:e9:f6:95:12:9e:e3:e7:7d:e1:b6:a3:ad:9f:ef:56: 52:48:d2:31:c9:7b:bf:41:db:15:4f:27:ab:0b:01:59:70:bf: 44:12:92:e5:3b:57:e6:c3:17:1c:52:1d:80:6e:15:44:6e:bd: 50:3a:7e:c5:d8:bf:c0:85:cb:c0:ee:80:8a:58:00:df:9c:b0: 86:ea:dc:b6:0a:35:6e:5d:bb:56:6e:e1:85:f6:b0:9b:03:d6: 6c:cf:07:6c:f6:c4:f4:b9:95:3d:0b:01:34:40:0a:f4:63:20: f3:59:91:ae:57:86:98:f5:81:5b:e7:95:1f:2f:61:2d:e0:1b: 29:6c:ed:88:24:0b:a6:44:97:92:c9:29:63:58:df:80:6f:4c: 97:73:ca:43:7e:f5:7a:ad:0b:20:e3:df:e7:8a:c5:98:42:0e: 5b:48:b6:4f:e5:64:5a:02:c1:29:7f:7e:10:ea:e5:c7:f2:15: 5b:aa:74:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQyDWiz7am3/q2V6sfZ6BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYjY5MDYwNjE5OWE1ZDQ4Njc4OWM0M2RiZmZkMGMwNjVi ZGRjZTYwHhcNMjUxMjE4MDcwMTA0WhcNMjUxMjE5MDcwMTA0WjAzMTEwLwYDVQQD EyhiZTBhMmM1NTNjOTdmZTk4OGY2ZGJkYWM0YTRiYzBjODM3MmRkMjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt4rqRruXKjRX5O5FK7vpmWHYM6L o7DOThGMi4nz5UgsG/tSTjTNjqQW4SBP3+nz25ZmIv2tvdBUN5XyVtTc4Q4lCIyg R9kNpxhfFWabDPQfntGLbivc0Af2Lqke7hCe9YtvSZgZtETJl+kJtxZQW2cggn3M UEUr7ChR99kIRJYvHxqEM+rRNh8lCJHVm9lXz/wuwtYKAbqu3EQBM0GseJ5JdU49 803Mgx8HSb0QYc45bO2zqTzRSvqVazwWjM+2rvF9ZcCndob+1UwhxrsJGsKPYH72 92dFbVv6eKpC3OW5Vjb6GlTDQnaIIAFesajHzz49FGYWajDOkOdryBK/8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL4KLFU8l/6Yj229rEpLwMg3LdIqMB8GA1UdIwQY MBaAFB22kGBhmaXUhnicQ9v/0MBlvdzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjIt ZmZjNDA5YzUwM2Q1LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wM2QxNzUtMzBmMi00OTEzLTk5YjItZmZjNDA5YzUwM2Q1 LzEvSGJhUVlHR1pwZFNHZUp4RDJfX1F3R1c5M09ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVF95cqe ERvk7WDk+vhqbEIdZipWX0NMtaG2QQ2M0Nb2NJKP2WRKecKDoBGZgYurXnDAdOQr oQZiemy/JXSsjbPg5gExaRbEFeHc6faVEp7j533htqOtn+9WUkjSMcl7v0HbFU8n qwsBWXC/RBKS5TtX5sMXHFIdgG4VRG69UDp+xdi/wIXLwO6AilgA35ywhurctgo1 bl27Vm7hhfawmwPWbM8HbPbE9LmVPQsBNEAK9GMg81mRrleGmPWBW+eVHy9hLeAb KWztiCQLpkSXkskpY1jfgG9Ml3PKQ371eq0LIOPf54rFmEIOW0i2T+VkWgLBKX9+ EOrlx/IVW6p0Rw== -----END CERTIFICATE-----Generated at Thu Dec 18 14:18:39 2025 by rpki-client