This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft File: HAaGYxPWaK_oeYb65f95QfkoBps.mft (raw, json) Hash identifier: tYoC6N2IDJwa4bbjT77aS6KeoIn8IU4ZLwS6UH//Ues= Subject key identifier: 8A:52:F0:8B:1F:02:2D:C2:B2:A7:4F:7D:FC:B0:A9:06:BF:92:57:84 Authority key identifier: 1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B Certificate issuer: /CN=1c06866313d668afe87986fae5ff7941f928069b Certificate serial: 019AF19AD8F520E555F779387F23905A6D86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft Manifest number: 1159 Signing time: Sat 06 Dec 2025 03:00:48 +0000 Manifest this update: Sat 06 Dec 2025 03:00:48 +0000 Manifest next update: Sun 07 Dec 2025 03:00:48 +0000 Files and hashes: 1: HAaGYxPWaK_oeYb65f95QfkoBps.crl (hash: 5DeIHcPeXqwO4KcrLfytTAm0KqoxsE3gtjKlgxsgxaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:d8:f5:20:e5:55:f7:79:38:7f:23:90:5a:6d:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c06866313d668afe87986fae5ff7941f928069b Validity Not Before: Dec 6 03:00:48 2025 GMT Not After : Dec 7 03:00:48 2025 GMT Subject: CN=8a52f08b1f022dc2b2a74f7dfcb0a906bf925784 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d4:c5:de:86:06:65:3d:11:a9:a2:51:c8:2c: cd:14:77:79:e0:2e:63:e5:2d:c7:5d:84:10:f6:f0: a9:60:32:f8:ab:ec:f5:0d:74:ec:f1:1d:f9:fe:fa: 5e:a6:69:aa:e4:d4:ba:ea:f5:ba:ec:06:cc:54:06: c2:40:30:b4:24:19:b9:07:e8:4e:6f:5e:3f:50:78: 3c:97:70:e2:f4:98:3c:e4:e3:9b:8c:0a:27:21:e6: 9a:f0:55:32:f7:bf:80:6d:01:0a:cf:07:13:4c:fb: 04:74:0c:48:a5:66:88:03:c1:eb:00:e4:f1:f3:6e: 17:57:22:d1:9c:91:b5:70:3e:08:30:0f:38:cb:8f: 01:5c:6f:18:d1:a3:2d:ff:37:ba:98:5d:d2:9b:3b: 61:ae:07:2b:a2:1f:17:fc:65:f7:1c:6c:1b:b4:a1: 90:69:cd:a1:90:cf:e8:90:aa:af:7a:4b:fd:e1:ab: 04:19:cd:60:cc:c3:ee:b7:e4:1c:5b:1d:3b:d7:8f: e8:e5:d5:ad:04:4e:93:e9:bb:a3:a0:a0:27:a0:f6: bb:54:8b:5e:17:52:92:67:46:11:c2:45:0c:95:e8: 83:be:fc:83:e4:7d:23:b7:4b:df:77:86:48:77:de: a0:9a:86:8e:70:c9:ae:10:03:15:a8:f8:44:f5:8b: 2a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:52:F0:8B:1F:02:2D:C2:B2:A7:4F:7D:FC:B0:A9:06:BF:92:57:84 X509v3 Authority Key Identifier: keyid:1C:06:86:63:13:D6:68:AF:E8:79:86:FA:E5:FF:79:41:F9:28:06:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaGYxPWaK_oeYb65f95QfkoBps.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1ceddd-98d1-47fd-b30c-6ab98d36dac6/1/HAaGYxPWaK_oeYb65f95QfkoBps.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:34:8e:c7:0c:ba:46:17:5c:4f:15:11:7b:07:ed:34:02:3f: fe:0a:38:a7:e7:bc:43:f2:ec:02:56:11:66:ad:e3:aa:3f:16: ea:2c:15:02:58:2f:24:f3:a4:bb:c1:dc:fe:27:92:c9:f1:4a: ca:cc:44:11:f6:46:9b:80:49:79:0b:22:ec:b8:35:c2:1c:7b: 2c:e4:0f:88:65:61:34:f1:48:e1:21:3c:a6:2e:98:dc:71:c9: 4f:91:ce:e7:7e:dd:50:57:60:f1:40:a9:a4:d5:92:8c:1e:f1: 36:73:30:bc:7b:97:41:f8:a3:9e:e1:21:ef:02:55:36:e1:b1: 8e:12:3b:9e:b0:e9:a5:31:d9:bb:72:22:ad:79:fb:33:dc:ea: 91:d9:3e:81:ad:cb:1d:1a:db:b1:5e:9d:4b:d3:b0:16:6c:95: 92:14:82:92:ec:91:29:fb:e8:5f:ec:da:fb:63:bf:41:e5:9f: f2:3f:93:9e:9e:cc:82:12:b0:40:9e:b6:82:58:15:4d:88:af: e4:7d:ea:a6:fa:27:df:9f:3a:65:76:04:8a:f3:5d:13:13:5d: a0:85:12:3e:55:f9:ff:e6:0f:7c:b9:86:3e:82:41:97:d4:c2: 7a:cf:7d:14:d9:62:bb:a9:d6:1f:14:19:51:50:44:9e:75:8e: 6d:f6:80:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmtj1IOVV93k4fyOQWm2GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMDY4NjYzMTNkNjY4YWZlODc5ODZmYWU1ZmY3OTQxZjky ODA2OWIwHhcNMjUxMjA2MDMwMDQ4WhcNMjUxMjA3MDMwMDQ4WjAzMTEwLwYDVQQD Eyg4YTUyZjA4YjFmMDIyZGMyYjJhNzRmN2RmY2IwYTkwNmJmOTI1Nzg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtTF3oYGZT0RqaJRyCzNFHd54C5j 5S3HXYQQ9vCpYDL4q+z1DXTs8R35/vpepmmq5NS66vW67AbMVAbCQDC0JBm5B+hO b14/UHg8l3Di9Jg85OObjAonIeaa8FUy97+AbQEKzwcTTPsEdAxIpWaIA8HrAOTx 824XVyLRnJG1cD4IMA84y48BXG8Y0aMt/ze6mF3Smzthrgcroh8X/GX3HGwbtKGQ ac2hkM/okKqvekv94asEGc1gzMPut+QcWx0714/o5dWtBE6T6bujoKAnoPa7VIte F1KSZ0YRwkUMleiDvvyD5H0jt0vfd4ZId96gmoaOcMmuEAMVqPhE9Ysq7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIpS8IsfAi3CsqdPffywqQa/kleEMB8GA1UdIwQY MBaAFBwGhmMT1miv6HmG+uX/eUH5KAabMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMt NmFiOThkMzZkYWM2LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi8xY2VkZGQtOThkMS00N2ZkLWIzMGMtNmFiOThkMzZkYWM2 LzEvSEFhR1l4UFdhS19vZVliNjVmOTVRZmtvQnBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTSOxwy6 RhdcTxURewftNAI//go4p+e8Q/LsAlYRZq3jqj8W6iwVAlgvJPOku8Hc/ieSyfFK ysxEEfZGm4BJeQsi7Lg1whx7LOQPiGVhNPFI4SE8pi6Y3HHJT5HO537dUFdg8UCp pNWSjB7xNnMwvHuXQfijnuEh7wJVNuGxjhI7nrDppTHZu3IirXn7M9zqkdk+ga3L HRrbsV6dS9OwFmyVkhSCkuyRKfvoX+za+2O/QeWf8j+Tnp7MghKwQJ62glgVTYiv 5H3qpvon3586ZXYEivNdExNdoIUSPlX5/+YPfLmGPoJBl9TCes99FNliu6nWHxQZ UVBEnnWObfaADQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:56:18 2025 by rpki-client