This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft File: HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft (raw, json) Hash identifier: xP/JEQCFsldDZqSn0abAgOqfrai/RDDibn/81G927qA= Subject key identifier: 84:3A:74:12:F0:9A:16:B5:F0:FA:DC:5F:C3:A5:4E:90:FE:AE:2C:BA Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34 Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34 Certificate serial: 019B3F486D6AA9A7A70F8F0FA447EEC57A77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft Manifest number: 1792 Signing time: Sun 21 Dec 2025 05:01:09 +0000 Manifest this update: Sun 21 Dec 2025 05:01:09 +0000 Manifest next update: Mon 22 Dec 2025 05:01:09 +0000 Files and hashes: 1: HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl (hash: LTLcUwd22TaJlQ/59BSTSK0GuJeN8pD5lUfC1CSHe1M=) 2: HKyKcuG2QNZXVCZbzlsSYd8S3kw.roa (hash: WsComY/xpr7CRKjl1OS19nvkdUYgY57xLKmt+FoyLxs=) 3: NMYTYXjVSSW_zjS5UcL1_MJYMhw.roa (hash: sb8TB9OQXYjgHET+s0jEt1SW4MRtm0F3nj4wUyz73j8=) 4: OL6AoyvltIWrfared4b30q9zkxI.roa (hash: BCZJFaW2H8wcaghHXjKzyZLLD5xoj/h4op/UrSZpM4s=) 5: cdvkytGTuhzfI_n3jlQrgir1LVg.roa (hash: bDSSCJ1WplO8Ib0UIaI2qA5CZAt1v6VMlLCWW3FIaSk=) 6: jLAxUa8xvZ_xtGFLN3MZzH02ngY.roa (hash: 2KcY9b/rNpgICtwXDDn50o8m8wTGL/9zVFvIOuzYcZI=) 7: jwz6PrQFhFvB8Ouuwat3y2nONuA.roa (hash: TxTry85XsPky+PSHHeTZJCkAX90hbYBwkf2e2x38QSo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:6d:6a:a9:a7:a7:0f:8f:0f:a4:47:ee:c5:7a:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34 Validity Not Before: Dec 21 05:01:09 2025 GMT Not After : Dec 22 05:01:09 2025 GMT Subject: CN=843a7412f09a16b5f0fadc5fc3a54e90feae2cba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:aa:bb:1f:bd:ed:55:50:95:2d:3e:67:75:e2: 95:f4:56:34:1d:36:c4:34:89:b7:5f:aa:1f:61:3b: f4:c6:27:39:01:5d:3f:89:ee:37:b6:a9:fa:17:7b: c9:c1:8b:fa:e1:78:c5:45:6a:1f:84:ca:94:ad:2d: 65:48:2c:ad:d3:b4:86:0c:df:4e:2c:00:af:f0:ed: 6f:d5:02:2f:a8:e1:f4:60:11:28:5a:09:ca:c0:99: 99:c0:3e:c0:88:97:f9:f6:96:71:c5:29:76:c7:1f: 66:3d:eb:40:8b:ef:89:50:aa:bb:54:72:b8:6c:09: 87:f0:89:58:b7:d6:70:8c:ec:88:9e:9b:19:e4:62: c9:28:19:17:93:64:e4:5e:46:67:42:ee:9b:d2:b7: 9b:2a:cb:00:bb:23:92:2d:85:fb:d5:72:33:8e:67: 9f:76:ce:c1:38:51:d6:d4:b9:dc:a6:f0:f1:f5:6a: 3a:14:0c:6c:22:e3:2f:c6:54:4b:71:6f:72:f2:06: 9c:c0:c2:c3:05:30:72:6d:60:e9:7b:30:33:7e:5d: 62:59:54:5a:fa:22:b9:1a:bc:8f:08:a4:de:da:1d: 1a:1f:71:b1:9e:07:6c:f0:66:91:4c:f2:4a:05:e6: f3:b3:89:2b:88:5e:c9:5b:c7:b1:cb:13:08:af:37: 0a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:3A:74:12:F0:9A:16:B5:F0:FA:DC:5F:C3:A5:4E:90:FE:AE:2C:BA X509v3 Authority Key Identifier: keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:b7:82:26:2a:9c:e0:db:95:48:2e:d8:86:e8:f9:f2:89:13: 1d:33:11:fd:d1:2c:ed:2b:13:6d:7b:a2:5d:c3:7a:b2:a0:07: 0d:d9:4d:ef:db:0a:10:c9:8e:33:6c:19:ce:34:9d:0a:77:48: a3:c1:cc:b6:37:21:69:f3:f8:59:4b:e4:4d:de:10:fb:04:19: 7f:c2:79:b1:2e:fe:0b:1f:43:ca:ac:35:99:df:3d:be:41:ed: e7:30:31:4e:05:6d:9b:8e:6b:a9:43:cb:96:9d:8e:de:81:45: ff:9b:56:b3:1c:23:b9:dc:b7:c4:92:ce:dd:30:dc:90:b6:9f: 26:37:1a:fa:4b:97:35:20:1d:b5:c5:90:29:fb:32:12:e6:97: 19:f7:89:dc:02:44:85:22:72:42:5e:9e:7d:31:91:3b:b8:b0: 41:55:e9:fe:6c:a8:b3:be:07:0b:65:ee:fc:43:b1:55:83:a5: aa:b7:4c:9f:4f:0a:ef:e9:e0:20:79:78:4e:39:0a:ec:07:53: 1b:89:93:81:89:29:8c:01:79:1f:a2:61:eb:8e:3c:de:f5:a9: 64:e3:4b:3a:a1:43:95:46:86:2f:2a:4f:cf:a5:1e:8f:69:4b: 7e:8d:9b:05:00:0e:d7:da:6a:de:ba:14:ce:1e:03:fd:86:35: 8d:1f:5b:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SG1qqaenD48PpEfuxXp3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2 ZWFjMzQwHhcNMjUxMjIxMDUwMTA5WhcNMjUxMjIyMDUwMTA5WjAzMTEwLwYDVQQD Eyg4NDNhNzQxMmYwOWExNmI1ZjBmYWRjNWZjM2E1NGU5MGZlYWUyY2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6q7H73tVVCVLT5ndeKV9FY0HTbE NIm3X6ofYTv0xic5AV0/ie43tqn6F3vJwYv64XjFRWofhMqUrS1lSCyt07SGDN9O LACv8O1v1QIvqOH0YBEoWgnKwJmZwD7AiJf59pZxxSl2xx9mPetAi++JUKq7VHK4 bAmH8IlYt9ZwjOyInpsZ5GLJKBkXk2TkXkZnQu6b0rebKssAuyOSLYX71XIzjmef ds7BOFHW1LncpvDx9Wo6FAxsIuMvxlRLcW9y8gacwMLDBTBybWDpezAzfl1iWVRa +iK5GryPCKTe2h0aH3Gxngds8GaRTPJKBebzs4kriF7JW8exyxMIrzcKPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQ6dBLwmha18PrcX8OlTpD+riy6MB8GA1UdIwQY MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt YTk3NjVlZGM3OTVjLzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLeCJiqc 4NuVSC7Yhuj58okTHTMR/dEs7SsTbXuiXcN6sqAHDdlN79sKEMmOM2wZzjSdCndI o8HMtjchafP4WUvkTd4Q+wQZf8J5sS7+Cx9Dyqw1md89vkHt5zAxTgVtm45rqUPL lp2O3oFF/5tWsxwjudy3xJLO3TDckLafJjca+kuXNSAdtcWQKfsyEuaXGfeJ3AJE hSJyQl6efTGRO7iwQVXp/myos74HC2Xu/EOxVYOlqrdMn08K7+ngIHl4TjkK7AdT G4mTgYkpjAF5H6Jh64483vWpZONLOqFDlUaGLypPz6Uej2lLfo2bBQAO19pq3roU zh4D/YY1jR9bVQ== -----END CERTIFICATE-----Generated at Sun Dec 21 11:30:07 2025 by rpki-client