This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.mft File: Hd50Y-2EmAIN05IyJFnSz0DyJrI.mft (raw, json) Hash identifier: YOqf8aSSMMkHgnkjB8QPesXb9M8V6tf0/PBpGzsRuy8= Subject key identifier: 8D:B2:C5:7B:B0:8A:F9:A3:A3:0D:8E:29:23:B9:A7:FB:06:7B:51:59 Authority key identifier: 1D:DE:74:63:ED:84:98:02:0D:D3:92:32:24:59:D2:CF:40:F2:26:B2 Certificate issuer: /CN=1dde7463ed8498020dd392322459d2cf40f226b2 Certificate serial: 019B3343A785AC833253D821EC1E9F9B1DA0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd50Y-2EmAIN05IyJFnSz0DyJrI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.mft Manifest number: 0BB8 Signing time: Thu 18 Dec 2025 21:00:30 +0000 Manifest this update: Thu 18 Dec 2025 21:00:30 +0000 Manifest next update: Fri 19 Dec 2025 21:00:30 +0000 Files and hashes: 1: Hd50Y-2EmAIN05IyJFnSz0DyJrI.crl (hash: LG/i27iJ3dk7OgaPmjrY+j2IE057HzigivTdEgVLXNo=) 2: ZeLziwVcKFCzlXV46oF95sJgQFI.roa (hash: YJb2jXI2aFgonHfwW6/ZhSjIG0Uw2jOF0vpZ55dF3+8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.mft rsync://rpki.ripe.net/repository/DEFAULT/Hd50Y-2EmAIN05IyJFnSz0DyJrI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:43:a7:85:ac:83:32:53:d8:21:ec:1e:9f:9b:1d:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1dde7463ed8498020dd392322459d2cf40f226b2 Validity Not Before: Dec 18 21:00:30 2025 GMT Not After : Dec 19 21:00:30 2025 GMT Subject: CN=8db2c57bb08af9a3a30d8e2923b9a7fb067b5159 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:41:ec:fe:54:05:25:4d:34:ab:28:4e:f2:b7: b9:24:75:ec:d1:e5:96:f0:0a:26:ba:80:6b:1a:a1: f1:21:79:8a:1e:55:10:50:57:0b:28:46:4f:37:7c: 33:2b:e3:73:59:fb:01:ed:e1:7d:8a:82:28:56:04: d3:5d:4a:09:32:a2:65:fa:ab:2b:75:51:15:30:70: aa:05:18:27:e1:92:e7:33:77:c2:d8:fa:4b:8c:eb: a1:46:99:f1:2f:e3:a1:13:95:7a:46:a5:e5:51:c2: 8a:bb:ac:b6:95:c6:7d:93:ce:9b:e8:7d:56:7c:16: 19:f6:05:de:f2:fc:82:57:15:f8:7b:6f:9c:3b:35: 6a:d9:6f:00:1d:90:8f:0d:2e:19:b2:d9:e0:76:75: de:2f:23:74:0f:6d:cb:5b:f8:ff:6b:6a:c1:cb:00: e7:15:53:34:e7:6e:4f:16:e8:c7:6f:c4:0d:45:24: ec:93:d1:2f:d5:a9:45:f9:ce:9f:3f:61:7a:3b:3d: c6:5a:83:25:b8:5c:58:d1:3b:49:e2:5d:57:53:3a: 57:a9:21:af:94:c9:f9:1d:0a:e5:bd:fa:37:f5:45: 7e:ea:51:2b:2e:d3:ed:1d:02:41:95:26:01:0c:9a: bf:23:79:d5:12:69:94:eb:2b:c0:f2:3d:28:1b:d3: 1a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:B2:C5:7B:B0:8A:F9:A3:A3:0D:8E:29:23:B9:A7:FB:06:7B:51:59 X509v3 Authority Key Identifier: keyid:1D:DE:74:63:ED:84:98:02:0D:D3:92:32:24:59:D2:CF:40:F2:26:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd50Y-2EmAIN05IyJFnSz0DyJrI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/55283a-09a0-4da8-a968-43c7f027c6e4/1/Hd50Y-2EmAIN05IyJFnSz0DyJrI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:e3:fd:49:ea:9e:3d:5f:a8:30:d5:56:e2:a4:34:64:ec:a9: 76:a8:36:e7:6a:36:0a:d1:e5:2f:9c:15:91:b9:f0:aa:b6:6a: 0d:90:f4:0a:35:ba:76:b0:7c:63:b3:40:b2:5d:02:63:3d:20: 41:a5:7e:e9:7a:47:1b:7a:ac:49:b5:2e:ac:87:71:33:06:f4: 4f:6c:31:65:a8:c3:de:36:a2:dd:e7:a7:77:06:7f:62:7e:a6: b3:a8:b3:ca:a3:ea:be:99:d1:b6:a8:d6:84:a4:d3:b6:88:08: c6:32:58:c6:41:cb:6c:73:47:24:81:83:c3:15:fe:59:28:cf: 5a:96:51:8d:f8:dd:f7:fb:83:d9:91:ee:10:1c:fa:14:e8:3d: 75:58:de:37:b1:ba:a6:25:07:2a:40:19:b0:d3:68:e3:87:ea: 87:b3:f4:34:3e:0a:1e:7d:8b:d7:f0:0b:f4:1a:28:5f:8f:6a: eb:c0:b7:0d:12:d7:53:3c:d1:e9:8b:86:6b:47:73:c9:5d:dd: 35:32:e7:74:70:cd:02:6a:09:04:18:3d:84:a2:d9:7f:93:2b: 7e:0b:27:c9:a8:e4:be:8a:58:80:43:e3:85:27:ae:f4:61:7a: be:e7:18:2f:76:d4:06:ff:16:f1:93:94:06:9c:eb:6c:75:c0: 33:b7:23:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszQ6eFrIMyU9gh7B6fmx2gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZGU3NDYzZWQ4NDk4MDIwZGQzOTIzMjI0NTlkMmNmNDBm MjI2YjIwHhcNMjUxMjE4MjEwMDMwWhcNMjUxMjE5MjEwMDMwWjAzMTEwLwYDVQQD Eyg4ZGIyYzU3YmIwOGFmOWEzYTMwZDhlMjkyM2I5YTdmYjA2N2I1MTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UHs/lQFJU00qyhO8re5JHXs0eWW 8AomuoBrGqHxIXmKHlUQUFcLKEZPN3wzK+NzWfsB7eF9ioIoVgTTXUoJMqJl+qsr dVEVMHCqBRgn4ZLnM3fC2PpLjOuhRpnxL+OhE5V6RqXlUcKKu6y2lcZ9k86b6H1W fBYZ9gXe8vyCVxX4e2+cOzVq2W8AHZCPDS4ZstngdnXeLyN0D23LW/j/a2rBywDn FVM0525PFujHb8QNRSTsk9Ev1alF+c6fP2F6Oz3GWoMluFxY0TtJ4l1XUzpXqSGv lMn5HQrlvfo39UV+6lErLtPtHQJBlSYBDJq/I3nVEmmU6yvA8j0oG9MauQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI2yxXuwivmjow2OKSO5p/sGe1FZMB8GA1UdIwQY MBaAFB3edGPthJgCDdOSMiRZ0s9A8iayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGQ1MFktMkVtQUlOMDVJeUpGblN6MER5SnJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NTI4M2EtMDlhMC00ZGE4LWE5Njgt NDNjN2YwMjdjNmU0LzEvSGQ1MFktMkVtQUlOMDVJeUpGblN6MER5SnJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi81NTI4M2EtMDlhMC00ZGE4LWE5NjgtNDNjN2YwMjdjNmU0 LzEvSGQ1MFktMkVtQUlOMDVJeUpGblN6MER5SnJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOP9Seqe PV+oMNVW4qQ0ZOypdqg252o2CtHlL5wVkbnwqrZqDZD0CjW6drB8Y7NAsl0CYz0g QaV+6XpHG3qsSbUurIdxMwb0T2wxZajD3jai3eendwZ/Yn6ms6izyqPqvpnRtqjW hKTTtogIxjJYxkHLbHNHJIGDwxX+WSjPWpZRjfjd9/uD2ZHuEBz6FOg9dVjeN7G6 piUHKkAZsNNo44fqh7P0ND4KHn2L1/AL9BooX49q68C3DRLXUzzR6YuGa0dzyV3d NTLndHDNAmoJBBg9hKLZf5MrfgsnyajkvopYgEPjhSeu9GF6vucYL3bUBv8W8ZOU BpzrbHXAM7cj4g== -----END CERTIFICATE-----Generated at Thu Dec 18 23:11:08 2025 by rpki-client