This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft File: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft (raw, json) Hash identifier: dOmxMGaZPpveHw6FPtYyCs5dUR9oIxeyIbBEppD5jY0= Subject key identifier: DF:F5:31:15:8B:4A:40:34:CF:EC:37:DD:E0:76:65:BA:C2:98:F7:54 Authority key identifier: 1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70 Certificate issuer: /CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270 Certificate serial: 019AF276D5BE88F6F99822B08B89B5AEE737 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 07:01:05 +0000 Manifest this update: Sat 06 Dec 2025 07:01:05 +0000 Manifest next update: Sun 07 Dec 2025 07:01:05 +0000 Files and hashes: 1: HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl (hash: SAAE/ikqPx273x6107VWAzkRaPpYD0krEjHohIWt8m8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:d5:be:88:f6:f9:98:22:b0:8b:89:b5:ae:e7:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1dc5d3bcc91e4a31a208361af0a93a62f62d8270 Validity Not Before: Dec 6 07:01:05 2025 GMT Not After : Dec 7 07:01:05 2025 GMT Subject: CN=dff531158b4a4034cfec37dde07665bac298f754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b9:1c:58:fc:a9:12:51:49:40:77:b3:77:13: 5c:b2:9d:d3:1c:56:12:df:61:0f:ae:34:34:66:8b: fb:5e:0b:10:f8:16:ee:08:e3:21:43:d4:32:45:12: 51:d0:a1:1e:68:fc:b0:46:b6:5e:c3:ad:b3:59:24: 40:0e:46:73:dd:9b:8e:c9:07:bb:ab:00:94:0a:ed: 3b:af:69:06:84:20:6a:64:dc:a2:50:cf:5a:7b:8e: 05:7e:71:86:c5:f3:a9:a8:0d:af:f4:c8:0c:6e:e2: 7a:b5:8b:d6:0c:ec:0e:80:ca:1e:fc:ac:d4:eb:7b: 19:f4:6b:38:2e:24:5e:58:5f:65:83:87:02:3d:6e: 8d:8f:ac:97:eb:91:5f:a8:c7:ea:28:4d:50:36:73: 4d:30:62:5f:c0:e9:3d:1d:7a:c9:ee:b5:02:19:0f: 81:92:dc:76:61:1b:37:ec:e1:d2:aa:8c:7c:15:f7: 8c:86:8a:96:6a:b8:58:83:28:8e:74:bd:fa:83:d6: 8c:46:68:08:34:65:e0:5e:46:89:37:3d:1c:dd:81: 8d:c7:9c:39:6c:bd:41:1a:de:15:6f:c5:0a:3c:fd: 13:6a:b6:05:c4:bd:e0:95:29:45:a6:cd:19:21:21: 34:3c:dd:fe:7c:2d:5c:63:1c:59:27:7f:79:f0:8b: 7c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F5:31:15:8B:4A:40:34:CF:EC:37:DD:E0:76:65:BA:C2:98:F7:54 X509v3 Authority Key Identifier: keyid:1D:C5:D3:BC:C9:1E:4A:31:A2:08:36:1A:F0:A9:3A:62:F6:2D:82:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/494bc5-1aeb-4565-aad7-f69b7e266233/1/HcXTvMkeSjGiCDYa8Kk6YvYtgnA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:02:54:24:80:98:e1:0a:b7:d2:cc:59:2a:0b:a4:9b:6b:f4: 3b:7c:99:43:c5:b2:63:f9:8a:3c:31:d5:32:61:27:20:3d:38: 61:60:14:91:18:0a:90:3c:18:d0:1c:d0:4c:fc:43:2b:9c:e0: ca:2a:e1:a1:16:a1:e8:eb:01:1a:be:4c:b3:c0:18:4f:81:b6: 00:27:35:87:a8:08:92:60:d9:a7:e3:0f:51:18:9e:99:2e:41: 29:ac:b8:55:42:d6:a5:00:8b:1b:98:cf:51:47:a2:76:0a:a8: 16:c2:d5:d3:9e:20:ae:25:d5:23:62:f6:38:34:b6:16:3c:32: 72:69:9b:ce:97:26:c7:db:ec:8d:ec:b6:9e:14:2e:3e:e0:57: 1b:64:72:5f:18:87:f7:9f:6f:e8:ba:4d:8d:31:a4:89:46:c7: c0:5b:51:88:b1:ad:29:c5:b6:85:42:54:47:a2:08:c6:79:4b: 7e:49:9c:7e:55:26:79:7e:ea:21:81:be:e7:26:95:b0:68:ff: 1a:5a:54:ab:16:ca:ee:fa:bb:42:5c:0f:d1:21:e9:c7:26:3c: 85:ca:84:98:cb:7f:cb:49:41:82:63:c5:88:66:14:9b:66:e4: 7d:36:df:59:75:18:5c:82:31:cf:57:27:25:bb:f9:44:c9:a3: b6:3e:41:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydtW+iPb5mCKwi4m1ruc3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYzVkM2JjYzkxZTRhMzFhMjA4MzYxYWYwYTkzYTYyZjYy ZDgyNzAwHhcNMjUxMjA2MDcwMTA1WhcNMjUxMjA3MDcwMTA1WjAzMTEwLwYDVQQD EyhkZmY1MzExNThiNGE0MDM0Y2ZlYzM3ZGRlMDc2NjViYWMyOThmNzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLkcWPypElFJQHezdxNcsp3THFYS 32EPrjQ0Zov7XgsQ+BbuCOMhQ9QyRRJR0KEeaPywRrZew62zWSRADkZz3ZuOyQe7 qwCUCu07r2kGhCBqZNyiUM9ae44FfnGGxfOpqA2v9MgMbuJ6tYvWDOwOgMoe/KzU 63sZ9Gs4LiReWF9lg4cCPW6Nj6yX65FfqMfqKE1QNnNNMGJfwOk9HXrJ7rUCGQ+B ktx2YRs37OHSqox8FfeMhoqWarhYgyiOdL36g9aMRmgINGXgXkaJNz0c3YGNx5w5 bL1BGt4Vb8UKPP0TarYFxL3glSlFps0ZISE0PN3+fC1cYxxZJ3958It8SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/1MRWLSkA0z+w33eB2ZbrCmPdUMB8GA1UdIwQY MBaAFB3F07zJHkoxogg2GvCpOmL2LYJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDct ZjY5YjdlMjY2MjMzLzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy80OTRiYzUtMWFlYi00NTY1LWFhZDctZjY5YjdlMjY2MjMz LzEvSGNYVHZNa2VTakdpQ0RZYThLazZZdll0Z25BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwJUJICY 4Qq30sxZKgukm2v0O3yZQ8WyY/mKPDHVMmEnID04YWAUkRgKkDwY0BzQTPxDK5zg yirhoRah6OsBGr5Ms8AYT4G2ACc1h6gIkmDZp+MPURiemS5BKay4VULWpQCLG5jP UUeidgqoFsLV054griXVI2L2ODS2Fjwycmmbzpcmx9vsjey2nhQuPuBXG2RyXxiH 959v6LpNjTGkiUbHwFtRiLGtKcW2hUJUR6IIxnlLfkmcflUmeX7qIYG+5yaVsGj/ GlpUqxbK7vq7QlwP0SHpxyY8hcqEmMt/y0lBgmPFiGYUm2bkfTbfWXUYXIIxz1cn Jbv5RMmjtj5Bng== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:25 2025 by rpki-client