This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft File: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json) Hash identifier: Aml7V9GskYSJt8CHMBgOy8DOlFjdHsEqXtBs5ueiz6w= Subject key identifier: CD:CA:66:83:7F:72:03:D7:6C:D2:EC:C3:28:2F:DD:9F:6C:94:92:ED Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 Certificate issuer: /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Certificate serial: 019AF31BC292D6E6F66341CFBF737A0C0DFD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft Manifest number: 115C Signing time: Sat 06 Dec 2025 10:01:13 +0000 Manifest this update: Sat 06 Dec 2025 10:01:13 +0000 Manifest next update: Sun 07 Dec 2025 10:01:13 +0000 Files and hashes: 1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: 2uEEQRyXSgg492J9nXsqxrnhm19yglRbhOR9sqFU2hM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:c2:92:d6:e6:f6:63:41:cf:bf:73:7a:0c:0d:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266 Validity Not Before: Dec 6 10:01:13 2025 GMT Not After : Dec 7 10:01:13 2025 GMT Subject: CN=cdca66837f7203d76cd2ecc3282fdd9f6c9492ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:6e:24:ea:a9:cd:c2:46:9c:66:58:87:bb:d3: fc:a7:a2:b1:f0:90:f1:64:fb:9f:0a:9b:f5:ed:32: 66:2c:28:3f:80:b8:7b:08:3b:de:9b:9d:ff:4a:9a: a3:6d:d3:5a:12:76:f8:21:4b:66:93:60:aa:42:76: 52:25:0d:da:09:8d:25:77:32:eb:1d:e6:9c:87:71: 9b:2e:06:ad:fc:1e:f6:e8:3c:88:2c:0e:97:64:21: e0:cf:f8:79:7a:da:08:7c:5e:b7:bd:1d:2d:bf:a5: 84:2b:70:a7:6d:3f:5e:c3:89:c8:20:cd:0d:73:78: 6d:29:5b:b9:d2:6d:e0:7c:66:b8:26:6c:3e:88:ed: aa:39:68:b6:3d:9e:96:86:a7:55:0a:75:d6:d0:7c: 14:34:c8:60:29:f8:63:e3:a1:42:5d:3b:7a:44:67: 6e:f3:a4:83:f0:40:e7:d6:cb:d3:ea:ba:36:63:a4: b8:43:56:bc:b6:a9:1d:72:ce:2a:86:48:be:53:39: d8:39:da:6b:80:bc:df:c6:9e:7c:0a:29:0d:a1:b5: 49:95:00:fe:27:04:9e:f6:b0:19:f3:2e:52:e8:51: 47:0b:af:7d:d2:3a:e9:4e:d8:c7:15:80:67:aa:d5: 6c:25:29:2c:ae:4c:54:07:8f:1a:00:d6:8a:7b:19: a7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:CA:66:83:7F:72:03:D7:6C:D2:EC:C3:28:2F:DD:9F:6C:94:92:ED X509v3 Authority Key Identifier: keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:53:02:2e:37:e5:eb:08:51:84:4f:4e:9d:ea:a8:51:16:38: bb:36:28:dc:93:1b:5c:c0:b3:40:c5:9d:35:67:d6:b9:78:61: 44:56:90:50:c2:d1:62:d5:de:1e:f3:42:ee:ef:93:28:8e:43: dd:09:86:ee:24:da:57:3e:40:c2:24:72:a4:54:4c:d8:ca:9a: 80:4b:95:99:84:b3:81:ce:bd:fb:be:37:c3:c2:36:39:b4:2a: 40:02:fd:12:9d:da:b4:d1:3c:c2:d3:cb:2b:e0:d4:5c:50:b8: 41:2e:13:19:05:44:49:4b:f4:ba:e3:f5:3b:a8:ef:eb:1f:27: 32:53:5a:bd:24:29:5c:92:de:95:fb:b0:ed:d4:fb:a6:55:63: ae:46:94:48:62:de:3d:31:74:94:73:87:c9:21:19:14:4e:36: 25:9b:ec:a4:8c:64:47:24:3a:4e:75:07:52:49:b6:2d:ad:8b: 34:c7:69:77:26:2e:bb:a2:be:b4:45:17:22:39:70:a1:a5:bc: 39:a8:09:49:95:8d:fe:e0:6e:48:ba:a3:50:44:ac:78:a4:49: 91:ba:5c:01:ec:66:af:8d:0b:ab:2e:6b:57:0b:8c:9b:88:aa: 60:5b:8e:e3:62:9c:c8:0b:69:7b:50:06:cb:57:58:83:f7:da: 6d:85:17:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8KS1ub2Y0HPv3N6DA39MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3 MGIyNjYwHhcNMjUxMjA2MTAwMTEzWhcNMjUxMjA3MTAwMTEzWjAzMTEwLwYDVQQD EyhjZGNhNjY4MzdmNzIwM2Q3NmNkMmVjYzMyODJmZGQ5ZjZjOTQ5MmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW4k6qnNwkacZliHu9P8p6Kx8JDx ZPufCpv17TJmLCg/gLh7CDvem53/SpqjbdNaEnb4IUtmk2CqQnZSJQ3aCY0ldzLr Heach3GbLgat/B726DyILA6XZCHgz/h5etoIfF63vR0tv6WEK3CnbT9ew4nIIM0N c3htKVu50m3gfGa4Jmw+iO2qOWi2PZ6WhqdVCnXW0HwUNMhgKfhj46FCXTt6RGdu 86SD8EDn1svT6ro2Y6S4Q1a8tqkdcs4qhki+UznYOdprgLzfxp58CikNobVJlQD+ JwSe9rAZ8y5S6FFHC6990jrpTtjHFYBnqtVsJSksrkxUB48aANaKexmnqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM3KZoN/cgPXbNLswygv3Z9slJLtMB8GA1UdIwQY MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3 LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAolMCLjfl 6whRhE9OneqoURY4uzYo3JMbXMCzQMWdNWfWuXhhRFaQUMLRYtXeHvNC7u+TKI5D 3QmG7iTaVz5AwiRypFRM2MqagEuVmYSzgc69+743w8I2ObQqQAL9Ep3atNE8wtPL K+DUXFC4QS4TGQVESUv0uuP1O6jv6x8nMlNavSQpXJLelfuw7dT7plVjrkaUSGLe PTF0lHOHySEZFE42JZvspIxkRyQ6TnUHUkm2La2LNMdpdyYuu6K+tEUXIjlwoaW8 OagJSZWN/uBuSLqjUESseKRJkbpcAexmr40Lqy5rVwuMm4iqYFuO42KcyAtpe1AG y1dYg/fabYUX2A== -----END CERTIFICATE-----Generated at Sat Dec 6 14:48:25 2025 by rpki-client