This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft File: hlsHwonfa8nHYttDKboM48Up_ss.mft (raw, json) Hash identifier: 9+sqYmdBhyT/2HzuhPQe4LD4GIVL4eb03VeWgme3Uac= Subject key identifier: 2B:D1:BA:CE:38:B4:9E:46:CB:3D:84:36:1E:28:A2:A5:B4:98:86:C8 Authority key identifier: 86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB Certificate issuer: /CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Certificate serial: 019AF0F5D5CEE21D17BEEB9E37D3A7E00EB2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft Manifest number: 0153 Signing time: Sat 06 Dec 2025 00:00:34 +0000 Manifest this update: Sat 06 Dec 2025 00:00:34 +0000 Manifest next update: Sun 07 Dec 2025 00:00:34 +0000 Files and hashes: 1: EyJIl9GgE7NEizESEZnZ9ODAHzw.roa (hash: TDhr2Br5ELeOUc6goo8nbxisdzgPRnJxdfCh2qX9VlY=) 2: hlsHwonfa8nHYttDKboM48Up_ss.crl (hash: PQFHpOLoQ726F9KytfQQNM9FS3zzE18aKOBvfLs1yLE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:d5:ce:e2:1d:17:be:eb:9e:37:d3:a7:e0:0e:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=865b07c289df6bc9c762db4329ba0ce3c529fecb Validity Not Before: Dec 6 00:00:34 2025 GMT Not After : Dec 7 00:00:34 2025 GMT Subject: CN=2bd1bace38b49e46cb3d84361e28a2a5b49886c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:13:5b:89:58:6c:77:71:38:04:f4:0c:e0:05: 5c:6e:e8:1b:3b:ec:6e:af:5b:f2:fc:c2:ff:1b:19: 7e:39:64:2d:18:08:e8:2a:a3:86:dc:88:2e:d9:34: e1:52:8d:5c:68:7c:1f:f9:02:49:66:97:87:91:ba: e0:8e:5e:f2:00:7a:14:cd:71:37:9f:2a:1b:47:88: 2b:73:78:7a:d5:50:b3:2b:cb:6e:90:22:24:3f:24: b8:f3:4f:0c:70:c8:d1:55:37:09:95:0e:91:d4:8c: 1b:cf:5b:c7:33:5d:26:1e:28:5b:b7:8b:8a:38:d9: 5b:34:ca:55:14:b3:ba:f3:2d:e9:20:e9:14:da:ff: 54:ca:4d:7f:52:eb:78:8f:b5:54:d4:8a:54:09:d0: 0d:9d:b7:62:b0:24:57:b8:3d:fa:84:4b:ea:36:cd: ec:ea:23:13:9d:4e:6a:0d:8f:68:9e:60:8d:45:e4: 21:6d:1b:07:c3:b0:4a:dd:0a:c9:54:90:cb:a3:5d: 0f:3c:cf:39:42:ea:c3:74:b0:0f:b4:67:71:ac:76: f9:52:29:30:d3:48:fa:96:aa:a6:01:54:4d:1a:f6: a5:04:2c:60:f3:f8:41:64:37:69:86:ab:aa:9b:5e: 01:74:17:47:b8:80:51:d5:6a:c2:95:cc:00:4d:56: 98:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D1:BA:CE:38:B4:9E:46:CB:3D:84:36:1E:28:A2:A5:B4:98:86:C8 X509v3 Authority Key Identifier: keyid:86:5B:07:C2:89:DF:6B:C9:C7:62:DB:43:29:BA:0C:E3:C5:29:FE:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlsHwonfa8nHYttDKboM48Up_ss.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4d1ab6-465b-4276-bc4a-2afa303e495d/1/hlsHwonfa8nHYttDKboM48Up_ss.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:aa:21:a6:ad:43:6f:f3:7c:30:f1:57:59:56:a0:1c:46:f8: 61:0e:37:6c:b6:22:f3:1e:5b:98:46:49:51:59:22:ad:34:a5: 81:26:ae:7f:29:f7:97:d2:b5:a6:c5:8f:47:76:a5:4c:c2:32: b8:91:42:3d:d4:de:5b:74:ae:a9:5a:a1:e0:75:52:c7:f6:60: 7d:ae:38:a3:e8:8a:e3:14:c9:25:73:e7:77:ba:c8:60:e6:ea: 44:1b:f4:91:65:a0:d0:74:91:9c:a8:0b:dc:a9:07:ca:c4:f3: 07:73:d8:3b:77:47:55:a7:97:1f:9d:31:6d:31:88:ec:4f:fe: 58:a3:64:4e:40:8a:96:7f:55:8e:4b:77:71:81:cc:89:3d:90: 16:81:b3:8b:98:7f:6c:6d:fd:f1:99:4e:00:7f:42:e2:40:ac: 62:01:35:37:95:bc:81:84:96:b4:4b:0d:1a:1f:d6:b3:b4:1b: 7e:b8:d0:a3:06:4c:fc:29:34:c5:fa:c3:f0:df:c3:fa:ea:08: 22:24:6b:56:92:7d:d5:62:53:b9:04:de:08:44:fb:6f:8f:1c: a1:d7:07:1c:b3:18:76:bc:10:bf:dc:56:be:c0:a8:2a:aa:7e: 1b:6c:ad:6e:08:88:80:51:8a:0e:9f:85:97:7c:c2:a1:5a:b8: 15:df:1a:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9dXO4h0XvuueN9On4A6yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NWIwN2MyODlkZjZiYzljNzYyZGI0MzI5YmEwY2UzYzUy OWZlY2IwHhcNMjUxMjA2MDAwMDM0WhcNMjUxMjA3MDAwMDM0WjAzMTEwLwYDVQQD EygyYmQxYmFjZTM4YjQ5ZTQ2Y2IzZDg0MzYxZTI4YTJhNWI0OTg4NmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxNbiVhsd3E4BPQM4AVcbugbO+xu r1vy/ML/Gxl+OWQtGAjoKqOG3Igu2TThUo1caHwf+QJJZpeHkbrgjl7yAHoUzXE3 nyobR4grc3h61VCzK8tukCIkPyS4808McMjRVTcJlQ6R1Iwbz1vHM10mHihbt4uK ONlbNMpVFLO68y3pIOkU2v9Uyk1/Uut4j7VU1IpUCdANnbdisCRXuD36hEvqNs3s 6iMTnU5qDY9onmCNReQhbRsHw7BK3QrJVJDLo10PPM85QurDdLAPtGdxrHb5Uikw 00j6lqqmAVRNGvalBCxg8/hBZDdphquqm14BdBdHuIBR1WrClcwATVaYYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCvRus44tJ5Gyz2ENh4ooqW0mIbIMB8GA1UdIwQY MBaAFIZbB8KJ32vJx2LbQym6DOPFKf7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEt MmFmYTMwM2U0OTVkLzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80ZDFhYjYtNDY1Yi00Mjc2LWJjNGEtMmFmYTMwM2U0OTVk LzEvaGxzSHdvbmZhOG5IWXR0REtib000OFVwX3NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApKohpq1D b/N8MPFXWVagHEb4YQ43bLYi8x5bmEZJUVkirTSlgSaufyn3l9K1psWPR3alTMIy uJFCPdTeW3SuqVqh4HVSx/Zgfa44o+iK4xTJJXPnd7rIYObqRBv0kWWg0HSRnKgL 3KkHysTzB3PYO3dHVaeXH50xbTGI7E/+WKNkTkCKln9Vjkt3cYHMiT2QFoGzi5h/ bG398ZlOAH9C4kCsYgE1N5W8gYSWtEsNGh/Ws7QbfrjQowZM/Ck0xfrD8N/D+uoI IiRrVpJ91WJTuQTeCET7b48codcHHLMYdrwQv9xWvsCoKqp+G2ytbgiIgFGKDp+F l3zCoVq4Fd8acQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:14 2025 by rpki-client