This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft File: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft (raw, json) Hash identifier: aU5yEeiYy9L1uDe0lujw4ZkBdbTZZZaNbX8h/uXz5gQ= Subject key identifier: B9:7D:F7:41:79:92:42:34:19:1D:7A:37:40:77:2C:2F:6F:11:33:E0 Authority key identifier: 1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A Certificate issuer: /CN=1ca4bf6c9a50c81f04b029836a427861ad72829a Certificate serial: 019AF276B09D6A69AA4EF74F13ECAB214A2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft Manifest number: 0DD1 Signing time: Sat 06 Dec 2025 07:00:55 +0000 Manifest this update: Sat 06 Dec 2025 07:00:55 +0000 Manifest next update: Sun 07 Dec 2025 07:00:55 +0000 Files and hashes: 1: HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl (hash: hhOKUb0lVNe5Tn0d3i0S+PZKdg1H/hhQHFJecnu30RI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:b0:9d:6a:69:aa:4e:f7:4f:13:ec:ab:21:4a:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ca4bf6c9a50c81f04b029836a427861ad72829a Validity Not Before: Dec 6 07:00:55 2025 GMT Not After : Dec 7 07:00:55 2025 GMT Subject: CN=b97df74179924234191d7a3740772c2f6f1133e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d2:66:a9:9c:4c:53:61:cc:b7:69:19:d6:b6: 4b:3e:16:a7:16:ae:8d:cc:5e:75:89:0d:5e:ce:86: 2f:02:9d:81:05:56:57:b1:40:30:66:ce:6b:43:f2: f0:e2:83:17:d1:0a:8c:e8:63:25:cf:69:8e:19:6a: e3:63:d7:8a:74:0e:85:ef:fe:44:27:b2:57:9e:a6: 6c:73:c3:e9:b3:7f:02:83:d0:be:25:a8:b0:df:b8: 0e:62:c6:32:6d:70:c0:ee:2b:31:3d:fb:28:8c:5f: 4d:dd:88:5f:04:2c:d9:9e:6e:09:fb:77:3c:14:0c: ac:c0:b8:f6:23:fc:3c:01:94:75:b2:fb:41:bf:2d: 94:a9:d3:d6:61:53:da:05:48:30:30:33:fc:b4:14: f4:6c:4f:29:7b:15:74:04:36:41:54:59:23:c9:8d: b9:17:17:2a:8e:02:da:3f:58:c0:06:c3:1a:b4:ae: 31:72:cb:2b:bc:ce:3f:12:8f:a6:91:24:11:f0:28: 1a:bc:cb:fb:a4:d6:1e:36:8f:99:cc:c1:9d:1c:5c: 74:38:51:05:1d:ae:6e:ed:48:c8:29:a7:5d:25:48: d4:39:7b:40:91:e8:d6:40:7d:64:51:12:b2:57:13: bf:b4:e2:54:a6:db:a9:5b:6e:fc:df:7f:0d:31:79: ea:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:7D:F7:41:79:92:42:34:19:1D:7A:37:40:77:2C:2F:6F:11:33:E0 X509v3 Authority Key Identifier: keyid:1C:A4:BF:6C:9A:50:C8:1F:04:B0:29:83:6A:42:78:61:AD:72:82:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ebd061-6c00-4c8b-a88e-5f84b68dd044/1/HKS_bJpQyB8EsCmDakJ4Ya1ygpo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:94:c7:b9:78:cf:fd:14:ac:08:a6:fd:49:7d:70:90:50:72: ab:06:40:ea:e9:8c:0e:bc:6d:6a:ef:4a:c0:60:fc:ca:a1:08: ed:51:b7:69:5a:b0:26:23:d1:b4:31:17:1c:ad:82:56:4a:ea: a2:45:66:2c:94:21:40:0d:db:8b:2d:4b:2a:66:1f:d5:e6:fe: ad:49:c8:6e:97:eb:16:fb:53:ee:56:53:23:1d:88:69:f5:87: 2e:ca:7f:61:d1:1f:b1:3d:6d:a8:b3:4d:4e:dc:26:dc:ac:b0: 32:48:13:d9:ca:be:ce:92:d9:aa:1a:ad:1f:f7:4e:bd:44:ce: 36:f8:c2:5c:a7:0b:4f:77:bd:7a:b7:b3:7d:ee:20:b6:e0:99: 97:36:fa:7c:fa:1f:d4:72:13:4a:22:e9:9d:8a:fd:8a:67:e9: b1:bf:c2:48:d8:df:bc:af:71:97:4a:f9:c3:37:4d:f5:32:45: 4f:62:28:78:be:ba:ea:ab:ae:d2:66:cb:a4:5c:6d:00:b8:7e: db:7b:b5:b8:0e:0f:c1:0e:b0:ef:e0:c4:87:03:85:fd:e3:2c: 63:2d:10:ba:84:94:ff:95:fd:cc:24:71:c5:22:e0:67:37:71: 34:ae:41:21:2a:25:a0:3d:63:d6:91:08:cb:89:fa:08:87:e5: bb:14:67:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydrCdammqTvdPE+yrIUosMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYTRiZjZjOWE1MGM4MWYwNGIwMjk4MzZhNDI3ODYxYWQ3 MjgyOWEwHhcNMjUxMjA2MDcwMDU1WhcNMjUxMjA3MDcwMDU1WjAzMTEwLwYDVQQD EyhiOTdkZjc0MTc5OTI0MjM0MTkxZDdhMzc0MDc3MmMyZjZmMTEzM2UwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNJmqZxMU2HMt2kZ1rZLPhanFq6N zF51iQ1ezoYvAp2BBVZXsUAwZs5rQ/Lw4oMX0QqM6GMlz2mOGWrjY9eKdA6F7/5E J7JXnqZsc8Pps38Cg9C+Jaiw37gOYsYybXDA7isxPfsojF9N3YhfBCzZnm4J+3c8 FAyswLj2I/w8AZR1svtBvy2UqdPWYVPaBUgwMDP8tBT0bE8pexV0BDZBVFkjyY25 FxcqjgLaP1jABsMatK4xcssrvM4/Eo+mkSQR8CgavMv7pNYeNo+ZzMGdHFx0OFEF Ha5u7UjIKaddJUjUOXtAkejWQH1kURKyVxO/tOJUptupW278338NMXnqqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLl990F5kkI0GR16N0B3LC9vETPgMB8GA1UdIwQY MBaAFBykv2yaUMgfBLApg2pCeGGtcoKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUt NWY4NGI2OGRkMDQ0LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9lYmQwNjEtNmMwMC00YzhiLWE4OGUtNWY4NGI2OGRkMDQ0 LzEvSEtTX2JKcFF5QjhFc0NtRGFrSjRZYTF5Z3BvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpTHuXjP /RSsCKb9SX1wkFByqwZA6umMDrxtau9KwGD8yqEI7VG3aVqwJiPRtDEXHK2CVkrq okVmLJQhQA3biy1LKmYf1eb+rUnIbpfrFvtT7lZTIx2IafWHLsp/YdEfsT1tqLNN Ttwm3KywMkgT2cq+zpLZqhqtH/dOvUTONvjCXKcLT3e9erezfe4gtuCZlzb6fPof 1HITSiLpnYr9imfpsb/CSNjfvK9xl0r5wzdN9TJFT2IoeL666quu0mbLpFxtALh+ 23u1uA4PwQ6w7+DEhwOF/eMsYy0QuoSU/5X9zCRxxSLgZzdxNK5BISoloD1j1pEI y4n6CIfluxRnCA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:20:42 2025 by rpki-client