This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft File: HSXQyIRbeYhsGZNFuJD16KzVFtg.mft (raw, json) Hash identifier: WVzyvmYwgitUERvRWX++9uiAMQmmiSkcaVEvy/lxBbU= Subject key identifier: 25:17:63:67:42:2A:6F:73:7F:18:35:5F:5B:78:8A:05:74:0F:5D:C3 Authority key identifier: 1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8 Certificate issuer: /CN=1d25d0c8845b79886c199345b890f5e8acd516d8 Certificate serial: 019AF19B2EE2AD0D3FA88645EAEF98342F78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft Manifest number: 175B Signing time: Sat 06 Dec 2025 03:01:10 +0000 Manifest this update: Sat 06 Dec 2025 03:01:10 +0000 Manifest next update: Sun 07 Dec 2025 03:01:10 +0000 Files and hashes: 1: HSXQyIRbeYhsGZNFuJD16KzVFtg.crl (hash: PBJvyfOMJ+qpV2Wp6iZDCAueepDGPj5AO9jKhVab7GI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:2e:e2:ad:0d:3f:a8:86:45:ea:ef:98:34:2f:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d25d0c8845b79886c199345b890f5e8acd516d8 Validity Not Before: Dec 6 03:01:10 2025 GMT Not After : Dec 7 03:01:10 2025 GMT Subject: CN=25176367422a6f737f18355f5b788a05740f5dc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0d:78:b0:fb:53:58:6a:25:78:78:c8:15:02: d9:67:1b:95:d6:c7:e6:fe:a6:fc:9f:31:64:ce:92: 63:5f:6c:42:65:6f:7c:46:70:ef:30:67:e1:0b:47: 29:83:01:b0:cc:7f:8a:81:ca:8f:39:6b:be:d6:ec: 57:35:e3:20:5c:79:fc:41:e7:62:15:55:db:f4:99: 0d:79:10:73:e8:b2:67:6b:aa:8b:b5:cf:9e:aa:06: e2:2d:cd:1d:8d:41:d5:32:fb:95:f4:71:a7:95:e0: b0:6a:02:3c:f6:c2:00:ce:6d:81:5b:d0:1d:c5:e6: 14:32:71:73:99:0a:1f:bb:14:15:d0:aa:4e:b5:8a: 81:cf:2b:2a:71:5b:de:20:d0:f9:1c:5e:08:b5:b8: 0c:77:98:04:09:37:93:4f:3c:db:79:5e:42:ff:ba: d1:21:c0:97:49:1b:85:70:9a:7e:94:16:69:1f:4e: 8a:51:31:cc:03:25:37:6e:1d:70:74:08:00:0b:f7: 93:aa:4a:00:e5:46:37:51:28:3d:9d:37:63:7d:82: ec:7d:8f:f2:06:cf:15:9f:ca:c5:14:9c:96:8d:8c: 67:4b:3e:8f:42:ea:a5:df:ad:9d:11:30:e6:48:d4: ae:32:8c:31:93:c2:34:21:39:67:fa:d2:74:30:53: 84:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:17:63:67:42:2A:6F:73:7F:18:35:5F:5B:78:8A:05:74:0F:5D:C3 X509v3 Authority Key Identifier: keyid:1D:25:D0:C8:84:5B:79:88:6C:19:93:45:B8:90:F5:E8:AC:D5:16:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSXQyIRbeYhsGZNFuJD16KzVFtg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/557524-297d-4849-b4be-c52eb56bfa5b/1/HSXQyIRbeYhsGZNFuJD16KzVFtg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:99:01:24:db:ab:0b:06:5c:67:78:09:1f:75:d3:65:63:dc: 7e:ad:44:51:91:0a:c2:55:16:76:7f:9d:34:01:ed:67:fb:e1: b0:11:b3:76:2b:79:fd:2e:4c:e3:7c:c6:19:54:0a:e5:80:12: 1d:af:41:05:9b:11:75:03:9c:b8:01:b0:79:2f:fa:23:60:d2: ff:2f:b7:74:92:d2:7e:92:d1:e0:ee:96:74:3a:13:5f:ad:8c: 99:1b:f1:76:42:f6:08:ed:27:da:89:e1:03:4b:ed:71:30:d9: aa:93:86:74:68:2a:0c:95:01:6b:46:a5:69:c0:76:44:ec:13: 81:7a:d8:85:3a:54:61:48:b9:fa:ed:d2:73:20:3c:8f:a9:e3: 0c:0e:39:fc:a9:f1:3a:1c:82:1a:a8:e2:cb:e0:db:63:51:15: 94:5b:49:f4:03:73:5f:c9:40:59:9b:0c:52:3d:28:12:9b:ab: f3:a6:9c:98:b6:dd:40:e5:e5:20:d5:6a:13:19:fe:c0:57:a0: 77:09:5a:33:39:aa:9d:c7:a6:1f:b3:ea:c2:1a:be:42:2f:a5: 16:48:5a:54:b2:6e:5a:0c:47:a0:54:4f:da:c3:a4:33:8d:46: 24:59:ab:43:95:83:1a:0d:d0:d6:6f:40:9b:46:48:0d:62:53: e0:d9:68:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmy7irQ0/qIZF6u+YNC94MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMjVkMGM4ODQ1Yjc5ODg2YzE5OTM0NWI4OTBmNWU4YWNk NTE2ZDgwHhcNMjUxMjA2MDMwMTEwWhcNMjUxMjA3MDMwMTEwWjAzMTEwLwYDVQQD EygyNTE3NjM2NzQyMmE2ZjczN2YxODM1NWY1Yjc4OGEwNTc0MGY1ZGMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ14sPtTWGoleHjIFQLZZxuV1sfm /qb8nzFkzpJjX2xCZW98RnDvMGfhC0cpgwGwzH+KgcqPOWu+1uxXNeMgXHn8Qedi FVXb9JkNeRBz6LJna6qLtc+eqgbiLc0djUHVMvuV9HGnleCwagI89sIAzm2BW9Ad xeYUMnFzmQofuxQV0KpOtYqBzysqcVveIND5HF4ItbgMd5gECTeTTzzbeV5C/7rR IcCXSRuFcJp+lBZpH06KUTHMAyU3bh1wdAgAC/eTqkoA5UY3USg9nTdjfYLsfY/y Bs8Vn8rFFJyWjYxnSz6PQuql362dETDmSNSuMowxk8I0ITln+tJ0MFOEFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCUXY2dCKm9zfxg1X1t4igV0D13DMB8GA1UdIwQY MBaAFB0l0MiEW3mIbBmTRbiQ9eis1RbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUt YzUyZWI1NmJmYTViLzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy81NTc1MjQtMjk3ZC00ODQ5LWI0YmUtYzUyZWI1NmJmYTVi LzEvSFNYUXlJUmJlWWhzR1pORnVKRDE2S3pWRnRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl5kBJNur CwZcZ3gJH3XTZWPcfq1EUZEKwlUWdn+dNAHtZ/vhsBGzdit5/S5M43zGGVQK5YAS Ha9BBZsRdQOcuAGweS/6I2DS/y+3dJLSfpLR4O6WdDoTX62MmRvxdkL2CO0n2onh A0vtcTDZqpOGdGgqDJUBa0alacB2ROwTgXrYhTpUYUi5+u3ScyA8j6njDA45/Knx OhyCGqjiy+DbY1EVlFtJ9ANzX8lAWZsMUj0oEpur86acmLbdQOXlINVqExn+wFeg dwlaMzmqncemH7Pqwhq+Qi+lFkhaVLJuWgxHoFRP2sOkM41GJFmrQ5WDGg3Q1m9A m0ZIDWJT4NloOQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:44 2025 by rpki-client