This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft File: hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json) Hash identifier: 2JUQYGimuH/rVIDfqbVpPf3CPcNmXM3JQ1ltKT65c/4= Subject key identifier: 07:87:5A:37:E2:DD:A5:E0:64:D2:74:0D:1C:B3:04:AE:15:29:D5:33 Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B Certificate issuer: /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b Certificate serial: 019AF23FE947ED4AA71DF15213C2EA6AB996 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft Manifest number: 0890 Signing time: Sat 06 Dec 2025 06:01:05 +0000 Manifest this update: Sat 06 Dec 2025 06:01:05 +0000 Manifest next update: Sun 07 Dec 2025 06:01:05 +0000 Files and hashes: 1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: k8GghKsDcecrSivCzNI5ZJgBnBfuyD4tIO3sg/srVgE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:e9:47:ed:4a:a7:1d:f1:52:13:c2:ea:6a:b9:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b Validity Not Before: Dec 6 06:01:05 2025 GMT Not After : Dec 7 06:01:05 2025 GMT Subject: CN=07875a37e2dda5e064d2740d1cb304ae1529d533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b3:e0:c6:4e:4d:27:82:62:0f:36:4c:2f:0c: 8e:6c:e9:0c:3c:46:61:06:f5:8e:04:4c:c2:d5:b9: b8:aa:8a:ca:e3:41:43:7d:fb:3d:bb:8b:4e:32:60: f9:c6:f0:ef:67:79:ce:d6:d4:c5:e8:bc:90:23:78: 6d:af:b2:27:e9:6a:3c:22:4e:cf:fb:49:64:0c:4c: f7:76:98:4c:4a:d6:9e:c3:4e:18:c0:8a:5f:6f:e0: 49:b6:48:f4:ec:63:70:21:8e:b9:c4:16:b3:b7:75: ff:51:00:64:a5:53:30:a8:44:73:b5:9d:6a:b7:ca: 0b:23:76:e4:9f:02:96:e1:f1:2b:42:09:48:4a:34: 7a:c0:bf:23:a4:9d:77:71:f2:34:6e:7e:c8:f4:35: e3:91:0e:54:61:f1:2c:07:04:89:11:a4:b5:c6:82: bb:f3:d8:db:ee:87:c3:00:51:3f:40:24:1b:99:48: 5d:b4:50:52:95:54:fb:53:9a:d0:ad:08:75:69:bb: 04:7f:73:3c:24:a3:f7:f9:c1:c6:de:15:d2:67:4d: ba:e1:d7:a2:94:65:6f:93:20:a0:0e:8a:d0:84:3e: d5:7b:21:1c:4d:c4:23:59:5c:30:09:42:1b:84:d0: 2e:27:51:8a:92:15:f8:57:b0:39:f3:8c:9f:3a:68: 6b:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:87:5A:37:E2:DD:A5:E0:64:D2:74:0D:1C:B3:04:AE:15:29:D5:33 X509v3 Authority Key Identifier: keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:74:29:35:16:1a:d3:25:6a:a1:bc:05:26:5d:59:95:bc:f1: 1a:84:07:d9:07:a6:bf:9f:ec:88:23:33:61:f3:0c:f9:49:29: de:75:78:2e:ff:1b:45:fe:ae:c4:92:25:cb:c5:0e:9b:c8:9e: 94:47:ed:5a:62:bc:26:9f:b0:8f:b3:c4:cc:11:d4:6f:66:9b: 5d:cc:13:b7:c4:81:f3:f9:46:b0:e0:d8:c6:96:4b:f3:69:68: 1a:fb:cd:58:94:e6:e9:a1:5a:09:cb:c5:c0:49:83:a7:18:aa: ee:40:93:dd:9a:44:24:51:ba:e5:8e:55:a9:39:d5:9b:43:15: de:a2:03:03:f7:55:bc:18:ae:1e:99:15:5f:0c:28:d8:93:6c: a2:f9:62:28:fe:fd:99:b2:92:8e:b1:ce:61:6a:86:f0:9f:ba: 8c:01:6d:5c:a9:2c:cb:8d:d2:4d:d0:08:4d:d2:f8:10:b3:46: 97:38:39:ff:37:2a:2e:e5:d5:21:e4:7d:81:36:7e:c9:58:3f: 09:cd:c5:d3:ac:26:a8:3e:5b:6a:ba:1b:54:94:a9:e8:91:7b: b4:1c:8b:75:55:fb:fb:85:5e:67:3c:8a:d9:3f:49:72:3e:b9: 39:de:9c:11:2f:82:67:f3:68:9f:35:25:7b:41:1d:5e:a0:c5: 16:ac:94:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP+lH7UqnHfFSE8LqarmWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2 YjU3MGIwHhcNMjUxMjA2MDYwMTA1WhcNMjUxMjA3MDYwMTA1WjAzMTEwLwYDVQQD EygwNzg3NWEzN2UyZGRhNWUwNjRkMjc0MGQxY2IzMDRhZTE1MjlkNTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrPgxk5NJ4JiDzZMLwyObOkMPEZh BvWOBEzC1bm4qorK40FDffs9u4tOMmD5xvDvZ3nO1tTF6LyQI3htr7In6Wo8Ik7P +0lkDEz3dphMStaew04YwIpfb+BJtkj07GNwIY65xBazt3X/UQBkpVMwqERztZ1q t8oLI3bknwKW4fErQglISjR6wL8jpJ13cfI0bn7I9DXjkQ5UYfEsBwSJEaS1xoK7 89jb7ofDAFE/QCQbmUhdtFBSlVT7U5rQrQh1absEf3M8JKP3+cHG3hXSZ0264dei lGVvkyCgDorQhD7VeyEcTcQjWVwwCUIbhNAuJ1GKkhX4V7A584yfOmhrowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAeHWjfi3aXgZNJ0DRyzBK4VKdUzMB8GA1UdIwQY MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXQpNRYa 0yVqobwFJl1ZlbzxGoQH2Qemv5/siCMzYfMM+Ukp3nV4Lv8bRf6uxJIly8UOm8ie lEftWmK8Jp+wj7PEzBHUb2abXcwTt8SB8/lGsODYxpZL82loGvvNWJTm6aFaCcvF wEmDpxiq7kCT3ZpEJFG65Y5VqTnVm0MV3qIDA/dVvBiuHpkVXwwo2JNsovliKP79 mbKSjrHOYWqG8J+6jAFtXKksy43STdAITdL4ELNGlzg5/zcqLuXVIeR9gTZ+yVg/ Cc3F06wmqD5barobVJSp6JF7tByLdVX7+4VeZzyK2T9Jcj65Od6cES+CZ/NonzUl e0EdXqDFFqyUFg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:06:20 2025 by rpki-client