This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft File: HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json) Hash identifier: E/HFv8vWY3DzYPROpcUGrHXaFfOX3DvJL7Fijaap1DM= Subject key identifier: 1A:F3:4E:F7:4E:91:CC:48:08:24:20:32:1A:70:0F:1C:65:D3:CF:A6 Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F Certificate issuer: /CN=1d8933c193f04e32441e37162dc4defa9744b84f Certificate serial: 019AF2771AA002A24CEC144A0CAA29C64C77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft Manifest number: 1526 Signing time: Sat 06 Dec 2025 07:01:22 +0000 Manifest this update: Sat 06 Dec 2025 07:01:22 +0000 Manifest next update: Sun 07 Dec 2025 07:01:22 +0000 Files and hashes: 1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: g1AIB/FIQgGNB6CBu27WnXzKwfJi23wuUxMpJJzVqv8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:1a:a0:02:a2:4c:ec:14:4a:0c:aa:29:c6:4c:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f Validity Not Before: Dec 6 07:01:22 2025 GMT Not After : Dec 7 07:01:22 2025 GMT Subject: CN=1af34ef74e91cc48082420321a700f1c65d3cfa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:aa:85:ce:b8:bf:86:df:f3:2c:67:a1:99:84: 39:47:7d:4f:8b:cd:de:ed:86:93:3d:b4:68:a2:0a: 6b:4e:23:ef:e5:ed:a2:75:1d:99:b6:9e:ee:ed:ff: 54:da:0e:a8:cc:04:6b:e5:cc:c8:fc:0e:4b:92:99: fc:76:37:ba:a7:8a:07:9f:58:3a:a5:80:f8:81:86: 86:d7:d6:93:15:86:a2:9c:43:54:fd:a9:3b:d4:e1: 88:bb:a6:81:76:9d:ea:6e:25:ef:f9:95:74:a4:4e: 54:09:4e:67:56:88:60:01:10:8a:f8:d5:d4:2d:23: fb:50:ce:58:b2:1f:f1:a5:19:22:b7:26:31:d0:04: 9f:c9:10:70:ee:11:05:e5:cb:05:92:d5:a4:b7:b3: ac:e9:3e:74:1a:4a:d4:26:7d:0a:6d:d4:b7:85:f1: e3:f9:6a:08:5b:f3:67:1e:f1:33:99:29:65:b9:73: fd:47:b4:ce:ed:e1:80:10:2f:dc:4d:09:b6:a9:86: 38:ff:06:56:5e:01:a0:22:c0:c4:5e:02:00:06:85: 31:3e:6b:0c:91:49:48:d6:9d:3f:44:40:ab:50:e1: 92:59:c9:be:c7:44:b3:82:f9:8c:85:2c:e3:6b:29: f5:58:4a:fb:9a:51:0f:f4:7a:02:b3:a0:e1:fc:26: 40:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:F3:4E:F7:4E:91:CC:48:08:24:20:32:1A:70:0F:1C:65:D3:CF:A6 X509v3 Authority Key Identifier: keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:77:10:8d:70:41:2b:bf:ab:5e:8f:9c:0e:7e:45:6f:e1:bb: 0b:96:2e:18:d0:80:a0:5a:5b:2a:17:65:06:53:a6:66:75:2b: 7c:13:7b:53:99:7d:38:83:65:2d:74:c4:6a:45:0a:b7:b9:60: e4:cb:54:19:d8:e8:89:79:ca:b3:ec:8b:22:5a:97:8e:de:a5: 7b:69:69:69:44:e8:bb:de:7d:15:3f:de:56:03:63:da:f2:62: 71:9b:59:61:82:12:8b:b0:27:c2:8e:79:b4:78:80:12:d5:fc: 56:a7:6e:bb:cf:7a:0c:70:1d:a0:63:e7:43:08:21:39:c1:eb: f5:f6:cb:fa:27:d0:7b:eb:a9:ab:dc:77:3f:d1:5f:98:df:3e: 06:78:37:5e:83:ec:5b:61:06:42:ea:e0:33:5a:6d:60:d0:45: 76:05:6a:bd:ab:34:d2:01:c3:c1:85:36:88:07:c4:7f:04:c2: 92:c6:6d:85:ec:42:7f:6b:57:42:fa:01:67:52:50:f7:fc:97: a6:0d:09:5c:bd:3e:eb:f5:e2:4d:cf:2e:a3:77:2f:b1:1c:18: 4c:6d:6b:10:6a:b4:0b:73:a3:83:56:ff:f1:ee:3a:ab:3f:59: f7:45:e1:20:3e:96:cd:0a:33:fd:69:1c:53:1f:66:03:34:e9: ab:7d:39:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydxqgAqJM7BRKDKopxkx3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0 NGI4NGYwHhcNMjUxMjA2MDcwMTIyWhcNMjUxMjA3MDcwMTIyWjAzMTEwLwYDVQQD EygxYWYzNGVmNzRlOTFjYzQ4MDgyNDIwMzIxYTcwMGYxYzY1ZDNjZmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKqFzri/ht/zLGehmYQ5R31Pi83e 7YaTPbRoogprTiPv5e2idR2Ztp7u7f9U2g6ozARr5czI/A5Lkpn8dje6p4oHn1g6 pYD4gYaG19aTFYainENU/ak71OGIu6aBdp3qbiXv+ZV0pE5UCU5nVohgARCK+NXU LSP7UM5Ysh/xpRkityYx0ASfyRBw7hEF5csFktWkt7Os6T50GkrUJn0KbdS3hfHj +WoIW/NnHvEzmSlluXP9R7TO7eGAEC/cTQm2qYY4/wZWXgGgIsDEXgIABoUxPmsM kUlI1p0/RECrUOGSWcm+x0SzgvmMhSzjayn1WEr7mlEP9HoCs6Dh/CZA6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBrzTvdOkcxICCQgMhpwDxxl08+mMB8GA1UdIwQY MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3 LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmXcQjXBB K7+rXo+cDn5Fb+G7C5YuGNCAoFpbKhdlBlOmZnUrfBN7U5l9OINlLXTEakUKt7lg 5MtUGdjoiXnKs+yLIlqXjt6le2lpaUTou959FT/eVgNj2vJicZtZYYISi7Anwo55 tHiAEtX8Vqduu896DHAdoGPnQwghOcHr9fbL+ifQe+upq9x3P9FfmN8+Bng3XoPs W2EGQurgM1ptYNBFdgVqvas00gHDwYU2iAfEfwTCksZthexCf2tXQvoBZ1JQ9/yX pg0JXL0+6/XiTc8uo3cvsRwYTG1rEGq0C3Ojg1b/8e46qz9Z90XhID6WzQoz/Wkc Ux9mAzTpq305dA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:29:27 2025 by rpki-client