This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft File: HCTxyq-zII64J6B4JkF7y5STQS8.mft (raw, json) Hash identifier: EQsBogzJ46X4CtXGC+rVF6x8qhbX9MThLOqEFLVicsk= Subject key identifier: 8D:C3:A1:AA:66:5D:1B:CC:C3:20:3D:77:55:E4:43:B1:63:6E:B9:37 Authority key identifier: 1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F Certificate issuer: /CN=1c24f1caafb3208eb827a07826417bcb9493412f Certificate serial: 019AF3529B1CC00D0C2245EB0B943A7DD1B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft Manifest number: 06D8 Signing time: Sat 06 Dec 2025 11:01:08 +0000 Manifest this update: Sat 06 Dec 2025 11:01:08 +0000 Manifest next update: Sun 07 Dec 2025 11:01:08 +0000 Files and hashes: 1: HCTxyq-zII64J6B4JkF7y5STQS8.crl (hash: oJLSZNb4uhh9Cg9QoX2vYYYW+42gHh9f4OC1qu1M59o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:9b:1c:c0:0d:0c:22:45:eb:0b:94:3a:7d:d1:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c24f1caafb3208eb827a07826417bcb9493412f Validity Not Before: Dec 6 11:01:08 2025 GMT Not After : Dec 7 11:01:08 2025 GMT Subject: CN=8dc3a1aa665d1bccc3203d7755e443b1636eb937 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e7:9d:a0:6f:c1:9c:10:53:52:7e:a0:5a:04: 2f:27:61:26:dc:b3:d5:25:76:dd:dc:3d:c8:bb:29: 41:d6:54:1d:b6:35:ad:13:4a:62:d6:95:40:eb:a1: 39:8f:c5:78:87:c6:12:d0:f4:d1:5a:c1:77:66:46: 0c:95:13:f3:c9:5e:62:3e:91:12:26:a6:94:51:63: 43:47:81:00:cb:d0:d4:8a:8f:76:a3:73:b0:63:fd: 54:c8:85:d0:58:8d:fc:21:67:13:64:84:c9:39:e8: b0:60:b2:bd:b0:4f:e5:e7:53:4e:1c:51:64:5c:ca: b9:58:dd:81:44:55:8d:4a:bb:f2:b2:66:c6:15:2c: f2:c7:4b:eb:e0:94:79:78:0a:37:e9:7a:c6:ca:79: da:24:3a:6c:dd:cb:2d:b7:01:15:23:12:66:fc:53: 50:39:01:ca:3e:53:d7:a3:ed:09:a7:2b:4c:e4:56: 14:08:ba:32:dc:ec:5e:d6:a6:f9:79:86:8c:53:70: 8d:6d:8f:be:7c:12:df:32:14:f9:d9:4c:10:88:8b: 69:9b:5a:18:f3:d8:bc:ef:12:41:3f:f3:98:60:b6: 1a:d0:f9:0e:01:56:ac:7e:af:21:4f:9f:9b:f8:0d: 1c:d1:4f:35:7f:1b:5e:ea:1f:95:ac:d1:2f:0e:a8: 39:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:C3:A1:AA:66:5D:1B:CC:C3:20:3D:77:55:E4:43:B1:63:6E:B9:37 X509v3 Authority Key Identifier: keyid:1C:24:F1:CA:AF:B3:20:8E:B8:27:A0:78:26:41:7B:CB:94:93:41:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCTxyq-zII64J6B4JkF7y5STQS8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b55fde-2b55-47be-8d64-7dcfffae278c/1/HCTxyq-zII64J6B4JkF7y5STQS8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:42:68:94:3a:a5:f1:bc:0f:bc:c6:5a:ec:7c:89:c6:bc:f8: 3a:c1:4b:82:4c:66:37:2f:de:9d:e2:08:82:4e:32:21:1b:84: 32:6f:de:e9:07:88:35:55:c4:a4:b8:ba:eb:fd:ad:d8:be:75: 08:5a:94:0f:5b:88:b9:6e:62:11:4a:52:18:25:56:f3:02:7e: cf:47:57:7c:82:3d:b3:8d:99:c1:be:3a:f5:6b:9d:38:30:14: 0d:da:a4:c2:d3:93:33:8a:87:50:89:68:0f:52:9c:6a:40:d4: 0e:f2:4e:b6:f8:61:e5:f0:29:bb:61:76:63:83:94:b4:79:5c: dc:2f:51:2a:ed:89:7d:58:41:a8:25:23:c2:5a:ff:8c:f2:7a: db:80:ed:ee:4c:59:12:a4:0c:1b:e9:02:45:ca:1e:78:cd:8f: 4d:5f:cc:95:0f:95:ea:5b:3b:11:3e:39:57:da:16:6c:97:7a: 4e:fe:fb:91:0e:0a:39:63:bd:cd:43:58:1d:99:83:ea:25:61: 10:31:19:fd:9b:1e:e9:67:2a:de:2a:c6:c0:95:fc:f8:29:a1: 1c:c8:e6:5e:e8:78:82:10:4b:25:f3:e3:58:de:b0:17:ec:52: 4c:26:7b:29:ed:2b:75:5d:33:09:2a:73:9d:ef:d9:5e:34:54: 0d:7b:f6:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUpscwA0MIkXrC5Q6fdGxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMjRmMWNhYWZiMzIwOGViODI3YTA3ODI2NDE3YmNiOTQ5 MzQxMmYwHhcNMjUxMjA2MTEwMTA4WhcNMjUxMjA3MTEwMTA4WjAzMTEwLwYDVQQD Eyg4ZGMzYTFhYTY2NWQxYmNjYzMyMDNkNzc1NWU0NDNiMTYzNmViOTM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOedoG/BnBBTUn6gWgQvJ2Em3LPV JXbd3D3IuylB1lQdtjWtE0pi1pVA66E5j8V4h8YS0PTRWsF3ZkYMlRPzyV5iPpES JqaUUWNDR4EAy9DUio92o3OwY/1UyIXQWI38IWcTZITJOeiwYLK9sE/l51NOHFFk XMq5WN2BRFWNSrvysmbGFSzyx0vr4JR5eAo36XrGynnaJDps3csttwEVIxJm/FNQ OQHKPlPXo+0JpytM5FYUCLoy3Oxe1qb5eYaMU3CNbY++fBLfMhT52UwQiItpm1oY 89i87xJBP/OYYLYa0PkOAVasfq8hT5+b+A0c0U81fxte6h+VrNEvDqg5NwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI3DoapmXRvMwyA9d1XkQ7Fjbrk3MB8GA1UdIwQY MBaAFBwk8cqvsyCOuCegeCZBe8uUk0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQt N2RjZmZmYWUyNzhjLzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS9iNTVmZGUtMmI1NS00N2JlLThkNjQtN2RjZmZmYWUyNzhj LzEvSENUeHlxLXpJSTY0SjZCNEprRjd5NVNUUVM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKUJolDql 8bwPvMZa7HyJxrz4OsFLgkxmNy/eneIIgk4yIRuEMm/e6QeINVXEpLi66/2t2L51 CFqUD1uIuW5iEUpSGCVW8wJ+z0dXfII9s42Zwb469WudODAUDdqkwtOTM4qHUIlo D1KcakDUDvJOtvhh5fApu2F2Y4OUtHlc3C9RKu2JfVhBqCUjwlr/jPJ624Dt7kxZ EqQMG+kCRcoeeM2PTV/MlQ+V6ls7ET45V9oWbJd6Tv77kQ4KOWO9zUNYHZmD6iVh EDEZ/Zse6Wcq3irGwJX8+CmhHMjmXuh4ghBLJfPjWN6wF+xSTCZ7Ke0rdV0zCSpz ne/ZXjRUDXv2kg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:53:34 2025 by rpki-client