This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.mft File: HgClX517dTlrS_oT54lgpaEvTvU.mft (raw, json) Hash identifier: NUqUSfXwImLExLrINrqOzC+Yt0gIiLolu5Mkt5M6Qhk= Subject key identifier: AD:4B:42:8E:23:F3:59:35:13:F8:40:56:F6:34:18:18:5C:2E:C9:8E Authority key identifier: 1E:00:A5:5F:9D:7B:75:39:6B:4B:FA:13:E7:89:60:A5:A1:2F:4E:F5 Certificate issuer: /CN=1e00a55f9d7b75396b4bfa13e78960a5a12f4ef5 Certificate serial: 019AF49C0917B5227AE8CB8EEDE22900A568 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgClX517dTlrS_oT54lgpaEvTvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.mft Manifest number: 0F19 Signing time: Sat 06 Dec 2025 17:00:57 +0000 Manifest this update: Sat 06 Dec 2025 17:00:57 +0000 Manifest next update: Sun 07 Dec 2025 17:00:57 +0000 Files and hashes: 1: HgClX517dTlrS_oT54lgpaEvTvU.crl (hash: 4la6VWBobHzB4gEJL6Y4iJIcjLU3DH1pJhcwVJOnXiw=) 2: Z9H2rikLSuyuU-ikn9teDCmjdUc.roa (hash: cRtnYLPeRJbchnmn6bYlPaowZvCX5uRJgotf5z/cank=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.crl rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.mft rsync://rpki.ripe.net/repository/DEFAULT/HgClX517dTlrS_oT54lgpaEvTvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:09:17:b5:22:7a:e8:cb:8e:ed:e2:29:00:a5:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e00a55f9d7b75396b4bfa13e78960a5a12f4ef5 Validity Not Before: Dec 6 17:00:57 2025 GMT Not After : Dec 7 17:00:57 2025 GMT Subject: CN=ad4b428e23f3593513f84056f63418185c2ec98e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:0e:66:5f:97:7b:bf:64:de:06:55:8e:41:10: 42:4b:61:07:bc:b7:e8:c4:5c:f5:63:7c:75:4b:81: 66:3e:39:2b:32:00:9c:d8:b6:3e:c8:c8:59:96:a1: a0:21:c2:46:83:16:94:82:79:a5:ca:46:54:cf:9b: cd:fd:7f:0f:b5:36:f7:67:14:42:0c:6b:12:43:b5: 21:a2:20:45:aa:26:58:f9:bd:ba:3b:f8:d5:db:d0: 3b:a5:ab:51:d5:5d:eb:cb:01:8c:cd:d9:7d:d6:a3: 78:35:83:d6:dc:f6:b6:e6:25:f9:32:57:1a:b8:36: 06:38:3f:db:70:42:5d:a3:d6:a9:a9:1c:22:86:51: 65:ab:af:20:64:cc:f7:94:17:20:48:db:52:17:db: 5a:16:25:8c:b5:0a:ad:95:d3:66:f6:27:be:fe:53: 52:1c:df:ee:88:2e:a7:e5:2f:b0:52:2f:06:e5:d1: 6f:82:cb:99:dc:1b:41:82:c0:a4:62:9e:d8:36:62: 89:1a:f2:09:3d:46:54:7b:51:6f:94:1a:c5:99:0a: d3:da:94:a5:c7:60:a6:7f:ef:37:f5:7b:c5:39:b7: 43:40:c9:00:e2:dc:16:1f:87:a4:f6:f3:69:d8:13: 18:59:8d:0e:ab:09:14:c7:d4:15:c2:19:27:62:34: 47:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:4B:42:8E:23:F3:59:35:13:F8:40:56:F6:34:18:18:5C:2E:C9:8E X509v3 Authority Key Identifier: keyid:1E:00:A5:5F:9D:7B:75:39:6B:4B:FA:13:E7:89:60:A5:A1:2F:4E:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgClX517dTlrS_oT54lgpaEvTvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:c8:af:95:17:5b:bc:45:89:79:61:5f:64:d1:06:62:22:e2: e9:81:61:8e:2f:d6:c0:dc:0f:b3:f7:21:19:58:60:06:68:ad: 94:6c:18:e1:91:fc:31:44:d4:a8:bc:5f:2c:90:1f:c7:3e:dd: 9c:19:d7:7a:a2:d4:d6:52:63:e0:10:d3:72:d9:0a:5f:a0:c2: 6a:18:20:01:e1:dd:ec:3f:8d:00:99:73:1c:1f:d2:4c:d7:c8: 2b:23:96:65:0c:35:4c:cc:f9:f1:e3:28:4c:a7:92:00:b5:87: aa:ff:8e:73:57:f4:45:05:66:2d:ed:8b:73:6d:58:78:a3:16: 0e:61:0b:3d:a3:1c:87:0a:08:83:22:02:46:a3:c3:46:59:4d: 4a:55:ed:72:ad:fd:61:1f:06:c9:48:90:d9:ab:59:5f:1b:53: 83:7a:9f:d1:a4:81:85:8c:95:3a:76:67:52:25:fc:59:40:29: 6c:be:c8:1a:83:ea:fd:0b:ed:5d:d8:9b:2f:aa:d4:a8:b7:3a: 52:e4:d4:28:89:aa:e1:9c:bd:d9:8b:3f:fd:da:9d:d9:9e:8a: 57:8e:c6:2a:bc:e3:76:52:a5:7f:58:33:f5:07:98:fb:10:0e: e3:aa:e0:14:7f:8b:51:35:13:df:ba:9c:d1:1e:f2:2c:bc:ff: 7c:3f:e5:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nAkXtSJ66MuO7eIpAKVoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMDBhNTVmOWQ3Yjc1Mzk2YjRiZmExM2U3ODk2MGE1YTEy ZjRlZjUwHhcNMjUxMjA2MTcwMDU3WhcNMjUxMjA3MTcwMDU3WjAzMTEwLwYDVQQD EyhhZDRiNDI4ZTIzZjM1OTM1MTNmODQwNTZmNjM0MTgxODVjMmVjOThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A5mX5d7v2TeBlWOQRBCS2EHvLfo xFz1Y3x1S4FmPjkrMgCc2LY+yMhZlqGgIcJGgxaUgnmlykZUz5vN/X8PtTb3ZxRC DGsSQ7UhoiBFqiZY+b26O/jV29A7patR1V3rywGMzdl91qN4NYPW3Pa25iX5Mlca uDYGOD/bcEJdo9apqRwihlFlq68gZMz3lBcgSNtSF9taFiWMtQqtldNm9ie+/lNS HN/uiC6n5S+wUi8G5dFvgsuZ3BtBgsCkYp7YNmKJGvIJPUZUe1FvlBrFmQrT2pSl x2Cmf+839XvFObdDQMkA4twWH4ek9vNp2BMYWY0OqwkUx9QVwhknYjRHvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK1LQo4j81k1E/hAVvY0GBhcLsmOMB8GA1UdIwQY MBaAFB4ApV+de3U5a0v6E+eJYKWhL071MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGdDbFg1MTdkVGxyU19vVDU0bGdwYUV2VHZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82ODE1MjYtODYzZC00Njk4LWIxMjUt Y2Y3ZWRmM2Y1ZWFjLzEvSGdDbFg1MTdkVGxyU19vVDU0bGdwYUV2VHZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS82ODE1MjYtODYzZC00Njk4LWIxMjUtY2Y3ZWRmM2Y1ZWFj LzEvSGdDbFg1MTdkVGxyU19vVDU0bGdwYUV2VHZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANMivlRdb vEWJeWFfZNEGYiLi6YFhji/WwNwPs/chGVhgBmitlGwY4ZH8MUTUqLxfLJAfxz7d nBnXeqLU1lJj4BDTctkKX6DCahggAeHd7D+NAJlzHB/STNfIKyOWZQw1TMz58eMo TKeSALWHqv+Oc1f0RQVmLe2Lc21YeKMWDmELPaMchwoIgyICRqPDRllNSlXtcq39 YR8GyUiQ2atZXxtTg3qf0aSBhYyVOnZnUiX8WUApbL7IGoPq/QvtXdibL6rUqLc6 UuTUKImq4Zy92Ys//dqd2Z6KV47GKrzjdlKlf1gz9QeY+xAO46rgFH+LUTUT37qc 0R7yLLz/fD/lUA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:28:03 2025 by rpki-client