This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft File: Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json) Hash identifier: 4ANtADgwm+dLTDer+7zryoBZJB7Yt3WwSvQ/Shh6Em4= Subject key identifier: 0F:BA:4B:8F:B2:2D:DB:EA:89:A8:AA:2A:4E:46:58:AD:96:9B:BD:DD Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 Certificate issuer: /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Certificate serial: 019BADCA9A77519E7C458CBB5A1F1B870A12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft Manifest number: 17C0 Signing time: Sun 11 Jan 2026 16:01:34 +0000 Manifest this update: Sun 11 Jan 2026 16:01:34 +0000 Manifest next update: Mon 12 Jan 2026 16:01:34 +0000 Files and hashes: 1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 8/q1wr8hsdKexlTm7ctXVec0/ONpS7Wtqmt9/mmobAw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:ca:9a:77:51:9e:7c:45:8c:bb:5a:1f:1b:87:0a:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Validity Not Before: Jan 11 16:01:34 2026 GMT Not After : Jan 12 16:01:34 2026 GMT Subject: CN=0fba4b8fb22ddbea89a8aa2a4e4658ad969bbddd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c8:02:61:f9:93:50:58:74:a9:a7:20:86:f8: 59:40:2e:ca:87:5a:81:c9:b4:4b:60:e6:8b:cf:f9: b6:50:d3:79:bd:e2:0b:9a:f2:db:17:04:65:00:ac: e4:93:bb:84:2c:f1:55:b4:07:d7:40:f8:c3:2d:1f: 91:91:98:ec:7e:82:3b:d1:64:cb:66:28:c3:32:a1: 37:25:7f:67:cb:d8:be:8b:b3:f1:69:2d:7c:15:b2: e3:0c:ca:bd:a5:fa:80:24:87:6f:6d:5b:7a:2a:73: 02:40:0c:e7:91:02:b4:46:01:c9:15:f1:93:e8:55: 23:11:72:11:4b:f9:05:c4:7d:37:61:60:d3:10:31: bb:78:d8:24:21:12:67:f6:90:92:7e:39:84:30:1e: 60:2b:cc:bf:86:31:c8:ab:f0:3c:8c:38:06:bd:a1: 9e:2d:e6:f7:66:60:67:e1:46:20:91:df:99:29:5a: 2c:ed:39:b7:3a:90:86:38:ed:44:8d:cf:87:39:f4: 8c:d0:a5:7a:c2:d2:40:9a:b7:8c:a6:c9:90:c9:1d: db:26:bb:a9:6f:4c:ee:c4:b5:85:8d:78:dd:cb:2b: 86:6a:a5:2b:58:1d:0f:ac:e7:d7:2d:f9:ea:af:4d: 49:66:ff:8d:c7:43:4d:d2:18:30:62:40:0e:8e:24: 09:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:BA:4B:8F:B2:2D:DB:EA:89:A8:AA:2A:4E:46:58:AD:96:9B:BD:DD X509v3 Authority Key Identifier: keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:07:27:0e:46:be:2c:19:7d:6f:02:68:22:3f:33:36:ed:7e: c0:1c:41:66:8a:47:85:03:bc:f3:0f:44:b6:a4:4a:f4:3e:4a: 05:0a:44:23:5a:bb:74:14:56:d5:17:e5:d8:f6:d9:c1:fa:e8: 6e:6b:2b:7f:ec:41:75:94:d6:29:8f:24:b9:c3:8a:ab:5b:27: 4f:b1:79:d5:71:7c:e2:23:4b:10:e2:00:59:ba:14:ec:d6:6a: 45:3f:9d:52:9c:44:ad:0d:b0:78:59:b2:be:e2:5b:43:48:14: ca:31:05:27:3b:7d:7f:b6:8e:30:db:a8:9b:1a:ca:31:e5:01: ba:45:1f:76:9e:81:d2:a2:0b:19:bf:e4:a3:3d:5b:48:21:5d: 8b:5d:d2:56:38:6c:27:ff:84:58:99:6a:14:78:31:e4:db:8b: 06:d9:87:ae:50:bc:e7:35:fa:17:a8:ad:34:57:24:45:d0:00: f5:50:a9:d6:10:ca:ec:6f:12:7a:d8:db:a8:86:a5:69:a5:fb: 18:38:26:bf:15:71:99:02:13:4e:cc:fc:aa:a8:f1:32:1f:58: ce:13:c8:48:da:d7:ea:90:e4:e6:69:0b:71:b0:27:7b:97:74: a6:93:59:2a:9e:97:82:d8:4e:94:bf:2c:83:5e:dc:d4:00:60: 0a:e9:1b:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutypp3UZ58RYy7Wh8bhwoSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2 NGRmNDgwHhcNMjYwMTExMTYwMTM0WhcNMjYwMTEyMTYwMTM0WjAzMTEwLwYDVQQD EygwZmJhNGI4ZmIyMmRkYmVhODlhOGFhMmE0ZTQ2NThhZDk2OWJiZGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMgCYfmTUFh0qacghvhZQC7Kh1qB ybRLYOaLz/m2UNN5veILmvLbFwRlAKzkk7uELPFVtAfXQPjDLR+RkZjsfoI70WTL ZijDMqE3JX9ny9i+i7PxaS18FbLjDMq9pfqAJIdvbVt6KnMCQAznkQK0RgHJFfGT 6FUjEXIRS/kFxH03YWDTEDG7eNgkIRJn9pCSfjmEMB5gK8y/hjHIq/A8jDgGvaGe Leb3ZmBn4UYgkd+ZKVos7Tm3OpCGOO1Ejc+HOfSM0KV6wtJAmreMpsmQyR3bJrup b0zuxLWFjXjdyyuGaqUrWB0PrOfXLfnqr01JZv+Nx0NN0hgwYkAOjiQJiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA+6S4+yLdvqiaiqKk5GWK2Wm73dMB8GA1UdIwQY MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQcnDka+ LBl9bwJoIj8zNu1+wBxBZopHhQO88w9EtqRK9D5KBQpEI1q7dBRW1Rfl2PbZwfro bmsrf+xBdZTWKY8kucOKq1snT7F51XF84iNLEOIAWboU7NZqRT+dUpxErQ2weFmy vuJbQ0gUyjEFJzt9f7aOMNuomxrKMeUBukUfdp6B0qILGb/koz1bSCFdi13SVjhs J/+EWJlqFHgx5NuLBtmHrlC85zX6F6itNFckRdAA9VCp1hDK7G8SetjbqIalaaX7 GDgmvxVxmQITTsz8qqjxMh9YzhPISNrX6pDk5mkLcbAne5d0ppNZKp6XgthOlL8s g17c1ABgCukbnQ== -----END CERTIFICATE-----Generated at Sun Jan 11 19:55:41 2026 by rpki-client