This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft File: HhkRubtcij4eK4pRFl-KcaCSxo0.mft (raw, json) Hash identifier: mSJs2H8EgChvwOqb94r+RJiSEkzbd1I7CVmj9IBwXAs= Subject key identifier: BC:45:49:2F:B0:90:A0:5C:3B:71:09:0A:AA:BB:F7:3D:4F:7D:2D:29 Authority key identifier: 1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D Certificate issuer: /CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d Certificate serial: 019AF276D54893D7A69B4CAD654C29A67D68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft Manifest number: 131A Signing time: Sat 06 Dec 2025 07:01:05 +0000 Manifest this update: Sat 06 Dec 2025 07:01:05 +0000 Manifest next update: Sun 07 Dec 2025 07:01:05 +0000 Files and hashes: 1: HhkRubtcij4eK4pRFl-KcaCSxo0.crl (hash: kyhV+P45KaHMcJy2XyvqqTiEBh+uY0SKFJoen7xg0GU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:d5:48:93:d7:a6:9b:4c:ad:65:4c:29:a6:7d:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e1911b9bb5c8a3e1e2b8a51165f8a71a092c68d Validity Not Before: Dec 6 07:01:05 2025 GMT Not After : Dec 7 07:01:05 2025 GMT Subject: CN=bc45492fb090a05c3b71090aaabbf73d4f7d2d29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c3:b9:ad:1a:9c:d5:35:c1:1b:38:bf:c6:fd: fb:9c:bd:a4:42:39:27:10:35:bc:51:6f:e2:72:78: e2:4f:0c:ee:83:57:97:3f:cc:ed:0d:8b:d5:62:00: a7:3c:fb:ec:10:f5:df:88:a6:9a:01:43:6f:15:1e: 83:a9:1f:c3:0a:73:39:19:09:be:35:9f:c3:d1:e8: f9:d4:7e:61:b0:70:c5:b7:0f:63:97:3b:b2:5a:43: 85:f9:08:61:d7:cd:8c:70:03:88:d5:f8:9d:8b:5d: 75:c5:5d:11:ca:83:12:c1:b7:66:83:92:30:bc:9e: e0:35:1a:85:e1:58:33:62:63:54:86:98:ae:25:0a: 91:eb:40:0b:13:ee:6f:37:20:b1:a1:1e:15:26:2c: c2:c8:55:0a:7c:b3:93:7c:83:b8:43:8c:a6:64:2f: 59:fd:81:04:0d:fa:a7:58:17:58:0b:f8:2c:42:c0: 75:d1:d8:3d:e8:2a:1d:ac:e2:e1:76:8c:cd:72:65: b9:05:c0:ae:a5:b2:74:5b:d0:c9:e3:b2:30:2c:84: 63:d3:6c:04:9d:9c:9d:f8:29:d6:c3:b3:7e:df:7e: 9e:d9:5e:0c:84:1b:02:36:17:1c:1e:70:93:ee:98: 6a:7f:46:61:f7:ec:22:7a:c7:ce:0d:5c:63:a9:16: 06:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:45:49:2F:B0:90:A0:5C:3B:71:09:0A:AA:BB:F7:3D:4F:7D:2D:29 X509v3 Authority Key Identifier: keyid:1E:19:11:B9:BB:5C:8A:3E:1E:2B:8A:51:16:5F:8A:71:A0:92:C6:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhkRubtcij4eK4pRFl-KcaCSxo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/761ab1-d572-496e-adad-b7686b9061a5/1/HhkRubtcij4eK4pRFl-KcaCSxo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:dc:b7:6a:c2:b7:14:3f:4f:b1:70:a7:bc:94:ee:77:3b:3b: 4f:0f:a0:af:95:db:c4:e5:a3:ed:f5:0d:6e:a6:b2:c3:e6:02: 91:3f:90:1b:97:00:95:b2:08:a2:af:b8:76:70:f0:8d:81:47: 7b:41:be:f8:a4:5b:27:53:a7:dd:d8:ed:9f:e7:5a:eb:22:ea: ca:90:e2:a7:0e:f1:be:b1:75:7f:01:6e:a5:c7:84:13:8a:69: f2:bd:bc:d3:85:66:d6:24:4c:e3:76:70:81:7f:fd:d7:16:8b: ed:95:87:a0:7c:5f:89:18:29:74:a5:0f:67:02:50:48:69:c8: 36:99:47:60:06:5a:cc:4b:77:ce:3a:6e:2a:e3:c0:01:95:74: 81:41:51:7a:58:85:ee:7f:ac:99:45:7a:26:96:a2:1b:75:00: 84:96:e1:99:26:8b:5c:89:b7:bb:fd:53:0a:55:52:e1:d2:95: 0d:b9:50:22:66:41:93:a5:23:c2:10:a8:2a:be:4a:bc:e8:6f: 0a:a3:62:21:d1:67:a8:a0:50:6d:a0:41:b5:63:e4:da:b7:50: 2a:71:31:bf:88:a0:c8:ca:ed:a9:0f:62:2b:b7:0b:f0:4e:11: bd:71:89:62:66:9f:50:9d:1b:81:67:54:d1:53:58:f0:9a:7d: 86:69:ce:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydtVIk9emm0ytZUwppn1oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMTkxMWI5YmI1YzhhM2UxZTJiOGE1MTE2NWY4YTcxYTA5 MmM2OGQwHhcNMjUxMjA2MDcwMTA1WhcNMjUxMjA3MDcwMTA1WjAzMTEwLwYDVQQD EyhiYzQ1NDkyZmIwOTBhMDVjM2I3MTA5MGFhYWJiZjczZDRmN2QyZDI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsO5rRqc1TXBGzi/xv37nL2kQjkn EDW8UW/icnjiTwzug1eXP8ztDYvVYgCnPPvsEPXfiKaaAUNvFR6DqR/DCnM5GQm+ NZ/D0ej51H5hsHDFtw9jlzuyWkOF+Qhh182McAOI1fidi111xV0RyoMSwbdmg5Iw vJ7gNRqF4VgzYmNUhpiuJQqR60ALE+5vNyCxoR4VJizCyFUKfLOTfIO4Q4ymZC9Z /YEEDfqnWBdYC/gsQsB10dg96CodrOLhdozNcmW5BcCupbJ0W9DJ47IwLIRj02wE nZyd+CnWw7N+336e2V4MhBsCNhccHnCT7phqf0Zh9+wiesfODVxjqRYGPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLxFSS+wkKBcO3EJCqq79z1PfS0pMB8GA1UdIwQY MBaAFB4ZEbm7XIo+HiuKURZfinGgksaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQt Yjc2ODZiOTA2MWE1LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS83NjFhYjEtZDU3Mi00OTZlLWFkYWQtYjc2ODZiOTA2MWE1 LzEvSGhrUnVidGNpajRlSzRwUkZsLUtjYUNTeG8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9y3asK3 FD9PsXCnvJTudzs7Tw+gr5XbxOWj7fUNbqayw+YCkT+QG5cAlbIIoq+4dnDwjYFH e0G++KRbJ1On3djtn+da6yLqypDipw7xvrF1fwFupceEE4pp8r2804Vm1iRM43Zw gX/91xaL7ZWHoHxfiRgpdKUPZwJQSGnINplHYAZazEt3zjpuKuPAAZV0gUFReliF 7n+smUV6JpaiG3UAhJbhmSaLXIm3u/1TClVS4dKVDblQImZBk6UjwhCoKr5KvOhv CqNiIdFnqKBQbaBBtWPk2rdQKnExv4igyMrtqQ9iK7cL8E4RvXGJYmafUJ0bgWdU 0VNY8Jp9hmnOPQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:06:46 2025 by rpki-client