This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft File: Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft (raw, json) Hash identifier: BAsqrN5tlDCESIA5LHbkf9fuPcOKJoduHSt6s5KThm8= Subject key identifier: 1F:33:4F:49:0E:27:57:0D:4B:A7:B6:14:36:D9:0A:1D:81:22:AB:1C Authority key identifier: 1E:98:BB:48:B5:93:06:A7:30:C9:B9:BD:8D:77:34:67:CF:1C:54:E0 Certificate issuer: /CN=1e98bb48b59306a730c9b9bd8d773467cf1c54e0 Certificate serial: 019B34C50823BDA54CD71031A99EF90DCB7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft Manifest number: 0D89 Signing time: Fri 19 Dec 2025 04:01:26 +0000 Manifest this update: Fri 19 Dec 2025 04:01:26 +0000 Manifest next update: Sat 20 Dec 2025 04:01:26 +0000 Files and hashes: 1: Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl (hash: hwdQeaFXNjWoGISujarZgyuDDXqFNzjf+LjYREcZJw4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:08:23:bd:a5:4c:d7:10:31:a9:9e:f9:0d:cb:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e98bb48b59306a730c9b9bd8d773467cf1c54e0 Validity Not Before: Dec 19 04:01:26 2025 GMT Not After : Dec 20 04:01:26 2025 GMT Subject: CN=1f334f490e27570d4ba7b61436d90a1d8122ab1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:10:99:82:34:95:c6:c9:f4:71:ad:35:15:90: 68:06:da:aa:5d:13:03:6f:a9:3a:a5:07:94:76:c2: 4b:47:c7:a7:b9:b4:fc:e2:d2:68:07:f0:17:70:cd: bf:26:96:f2:db:4f:97:09:1e:35:64:a6:2f:8a:b8: ab:b1:0b:82:8f:e5:a7:d4:5b:51:ba:1f:46:39:f2: 32:ff:8a:20:0a:b7:96:56:a7:c3:cc:48:02:f0:27: d6:79:54:ab:71:9a:90:1d:6b:bf:17:4e:3d:0a:72: 9c:40:b6:6e:41:d0:de:58:75:03:fb:3e:7e:95:0f: f0:be:86:5c:a2:c8:3d:e6:f9:bb:ac:9d:2a:00:f0: 56:81:04:65:c7:ae:55:62:f3:08:b2:8f:0d:e7:21: ee:47:f7:ec:10:51:41:1a:9a:82:06:56:d1:9b:43: 5e:fb:26:fd:b5:50:8a:82:c8:54:94:06:f8:39:46: 6c:08:44:98:5a:93:46:f1:36:8f:e1:50:2d:96:94: 09:ae:c1:13:09:7c:e3:a0:c1:75:41:43:c8:b0:bb: 1c:21:1b:24:5f:b4:f5:81:9b:25:ed:17:ae:a4:f3: 2e:98:84:ae:4a:1f:53:29:db:f6:a2:30:9e:7a:b3: 5b:1e:29:f3:c2:04:cb:04:01:6b:a9:dc:03:c3:25: 85:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:33:4F:49:0E:27:57:0D:4B:A7:B6:14:36:D9:0A:1D:81:22:AB:1C X509v3 Authority Key Identifier: keyid:1E:98:BB:48:B5:93:06:A7:30:C9:B9:BD:8D:77:34:67:CF:1C:54:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hpi7SLWTBqcwybm9jXc0Z88cVOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5161cb-bcdd-4096-88f7-5aed8d6a33b7/1/Hpi7SLWTBqcwybm9jXc0Z88cVOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:a0:5e:fb:84:df:36:7c:7f:49:ce:8d:b0:d2:06:f5:80:57: 39:36:9f:c6:0b:bc:18:6b:d1:12:dc:c4:37:d4:3e:75:5d:ef: ad:59:e4:29:ba:0d:4b:ae:ea:72:48:94:43:6a:c6:ba:5b:99: b7:9c:c1:58:6c:01:8e:fa:d1:a3:c7:eb:0e:6a:dd:74:cd:72: af:21:32:0a:5f:b2:19:a1:36:ab:1b:1c:1c:6e:7b:d9:1c:70: a2:52:6d:2e:e6:90:b5:9e:53:01:62:8d:ef:56:2a:47:53:a5: 96:43:91:0a:68:01:2d:aa:cb:ba:41:28:d6:a2:93:dc:82:16: 83:e9:ce:da:0b:d0:95:a8:71:3f:71:06:52:8d:97:3c:f1:50: 62:9a:54:47:c5:f4:23:c0:1d:41:54:bb:15:f8:bf:48:52:8c: cd:35:56:53:a7:15:bc:8a:a2:9c:c9:4f:0b:85:10:28:18:f5: ab:c9:55:7d:7c:3f:11:28:e9:e8:a3:70:39:1a:ca:0f:28:7f: 24:ed:26:67:18:1d:f3:9e:c1:a2:df:80:cc:f6:65:26:48:4f: 28:f9:5d:7b:33:a2:ef:88:a9:0d:51:cd:9f:98:a8:35:b4:1d: ea:3e:ec:24:c7:4b:75:30:35:9b:a8:80:5f:6d:21:90:a2:1b: d0:83:f9:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xQgjvaVM1xAxqZ75Dct9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlOThiYjQ4YjU5MzA2YTczMGM5YjliZDhkNzczNDY3Y2Yx YzU0ZTAwHhcNMjUxMjE5MDQwMTI2WhcNMjUxMjIwMDQwMTI2WjAzMTEwLwYDVQQD EygxZjMzNGY0OTBlMjc1NzBkNGJhN2I2MTQzNmQ5MGExZDgxMjJhYjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBCZgjSVxsn0ca01FZBoBtqqXRMD b6k6pQeUdsJLR8enubT84tJoB/AXcM2/Jpby20+XCR41ZKYvirirsQuCj+Wn1FtR uh9GOfIy/4ogCreWVqfDzEgC8CfWeVSrcZqQHWu/F049CnKcQLZuQdDeWHUD+z5+ lQ/wvoZcosg95vm7rJ0qAPBWgQRlx65VYvMIso8N5yHuR/fsEFFBGpqCBlbRm0Ne +yb9tVCKgshUlAb4OUZsCESYWpNG8TaP4VAtlpQJrsETCXzjoMF1QUPIsLscIRsk X7T1gZsl7ReupPMumISuSh9TKdv2ojCeerNbHinzwgTLBAFrqdwDwyWF4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB8zT0kOJ1cNS6e2FDbZCh2BIqscMB8GA1UdIwQY MBaAFB6Yu0i1kwanMMm5vY13NGfPHFTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81MTYxY2ItYmNkZC00MDk2LTg4Zjct NWFlZDhkNmEzM2I3LzEvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC81MTYxY2ItYmNkZC00MDk2LTg4ZjctNWFlZDhkNmEzM2I3 LzEvSHBpN1NMV1RCcWN3eWJtOWpYYzBaODhjVk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS6Be+4Tf Nnx/Sc6NsNIG9YBXOTafxgu8GGvREtzEN9Q+dV3vrVnkKboNS67qckiUQ2rGuluZ t5zBWGwBjvrRo8frDmrddM1yryEyCl+yGaE2qxscHG572RxwolJtLuaQtZ5TAWKN 71YqR1OllkORCmgBLarLukEo1qKT3IIWg+nO2gvQlahxP3EGUo2XPPFQYppUR8X0 I8AdQVS7Ffi/SFKMzTVWU6cVvIqinMlPC4UQKBj1q8lVfXw/ESjp6KNwORrKDyh/ JO0mZxgd857Bot+AzPZlJkhPKPldezOi74ipDVHNn5ioNbQd6j7sJMdLdTA1m6iA X20hkKIb0IP59A== -----END CERTIFICATE-----Generated at Fri Dec 19 13:32:07 2025 by rpki-client