This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json) Hash identifier: hXetAwLu4ueBH/NGJVpLzyfK7bm6/m9Bjeh/i4EF7nw= Subject key identifier: AC:F8:5D:68:EE:59:1F:50:15:E7:6C:89:02:46:29:50:17:B7:47:CC Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0 Certificate serial: 019B51F2F1DA7D3EDFD4ED5ACFE0178061A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft Manifest number: 1795 Signing time: Wed 24 Dec 2025 20:00:34 +0000 Manifest this update: Wed 24 Dec 2025 20:00:34 +0000 Manifest next update: Thu 25 Dec 2025 20:00:34 +0000 Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: L77s8LL3TXMNmw+/cti3q4Qvh5QQCPP3nQt70QAp6Uc=) 2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:f2:f1:da:7d:3e:df:d4:ed:5a:cf:e0:17:80:61:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0 Validity Not Before: Dec 24 20:00:34 2025 GMT Not After : Dec 25 20:00:34 2025 GMT Subject: CN=acf85d68ee591f5015e76c890246295017b747cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:49:e6:f8:ae:65:60:46:5a:8b:16:3c:87:aa: e3:83:dc:58:ca:8d:c9:1d:00:1c:57:8d:4e:f6:0f: 10:a7:64:e4:2c:84:e5:20:64:79:91:04:9e:1a:c7: e3:f5:01:b4:49:c6:9b:5e:f0:d8:26:bf:40:bf:64: f5:e4:1f:42:eb:2b:ab:e2:f4:25:55:70:8a:c4:fc: 3f:38:63:9b:1b:ca:bb:c4:ac:86:43:bd:a6:28:00: 61:cc:8a:40:80:5a:f6:ae:7e:06:09:1c:36:18:80: 8b:43:5c:77:41:86:ec:b3:e1:e7:04:f6:a7:01:68: a1:da:73:5c:20:e7:7a:31:e8:69:7c:f5:db:0f:cf: 7b:2a:e9:a6:4f:15:af:09:06:c6:1b:cb:5c:6e:ad: 3c:ec:03:9a:91:84:8e:8c:55:98:7d:a5:30:54:1b: a8:eb:91:d6:6e:0d:87:c6:e9:5b:b6:c8:95:34:66: 57:cc:2d:4f:fb:06:60:87:57:8f:97:e1:32:eb:b9: 7b:68:83:50:73:84:b8:e3:bc:e2:1a:8f:bd:23:17: 0c:fe:c1:69:47:48:0c:27:f6:67:f4:ae:27:23:39: a5:c2:a0:58:a2:62:74:2f:c6:8a:93:be:13:ca:15: d4:d7:bf:1a:b3:37:d9:ad:4c:5d:17:e5:8c:53:32: f9:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:F8:5D:68:EE:59:1F:50:15:E7:6C:89:02:46:29:50:17:B7:47:CC X509v3 Authority Key Identifier: keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:0e:26:b2:c0:25:09:6f:b5:f5:5a:aa:59:8f:d7:71:ca:8a: 84:cb:3d:b5:87:d6:93:b7:e0:a9:bb:32:f0:f4:c4:90:ce:a0: 3c:17:78:ae:c8:97:f3:d0:5f:c6:6d:6b:46:b8:9e:42:02:4e: 3c:1b:bf:f1:aa:3e:f3:cf:c5:ec:d5:c4:5a:3a:22:1f:59:9a: d3:1b:ba:83:4d:bb:98:18:68:b4:5e:4d:53:f7:9f:15:84:4f: 1e:be:e8:a1:c6:71:35:88:8c:40:f2:55:22:b3:02:3b:d9:0b: f7:49:44:1b:12:09:4e:d7:c0:52:05:a3:49:65:81:90:0c:64: ba:cb:75:74:b2:4e:ef:82:c2:c4:d4:71:4a:c1:d3:d8:c3:ad: 3c:b9:27:6b:55:06:f3:05:9a:3a:06:a5:b4:5c:e4:3a:3a:8c: 44:ec:1d:1d:30:d0:36:2d:c2:bb:07:64:40:90:c9:7d:b9:45: 52:a4:64:62:ad:42:fe:a4:77:fa:33:a6:c9:76:f3:42:7d:b2: 18:3a:3b:90:76:20:b7:ba:4f:0c:36:9e:b3:cd:94:6b:0e:18: 1d:73:a3:b0:b9:c7:5d:bc:b8:cf:2c:af:a7:89:f9:ae:c1:c6: 16:c0:b1:46:dc:3c:82:da:8d:c4:24:96:2c:48:af:f1:65:04: 41:15:05:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtR8vHafT7f1O1az+AXgGGpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1 NWRlZTAwHhcNMjUxMjI0MjAwMDM0WhcNMjUxMjI1MjAwMDM0WjAzMTEwLwYDVQQD EyhhY2Y4NWQ2OGVlNTkxZjUwMTVlNzZjODkwMjQ2Mjk1MDE3Yjc0N2NjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUnm+K5lYEZaixY8h6rjg9xYyo3J HQAcV41O9g8Qp2TkLITlIGR5kQSeGsfj9QG0ScabXvDYJr9Av2T15B9C6yur4vQl VXCKxPw/OGObG8q7xKyGQ72mKABhzIpAgFr2rn4GCRw2GICLQ1x3QYbss+HnBPan AWih2nNcIOd6MehpfPXbD897KummTxWvCQbGG8tcbq087AOakYSOjFWYfaUwVBuo 65HWbg2HxulbtsiVNGZXzC1P+wZgh1ePl+Ey67l7aINQc4S447ziGo+9IxcM/sFp R0gMJ/Zn9K4nIzmlwqBYomJ0L8aKk74TyhXU178aszfZrUxdF+WMUzL5TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKz4XWjuWR9QFedsiQJGKVAXt0fMMB8GA1UdIwQY MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJg4mssAl CW+19VqqWY/XccqKhMs9tYfWk7fgqbsy8PTEkM6gPBd4rsiX89Bfxm1rRrieQgJO PBu/8ao+88/F7NXEWjoiH1ma0xu6g027mBhotF5NU/efFYRPHr7oocZxNYiMQPJV IrMCO9kL90lEGxIJTtfAUgWjSWWBkAxkust1dLJO74LCxNRxSsHT2MOtPLkna1UG 8wWaOgaltFzkOjqMROwdHTDQNi3CuwdkQJDJfblFUqRkYq1C/qR3+jOmyXbzQn2y GDo7kHYgt7pPDDaes82Uaw4YHXOjsLnHXby4zyyvp4n5rsHGFsCxRtw8gtqNxCSW LEiv8WUEQRUFxg== -----END CERTIFICATE-----Generated at Thu Dec 25 01:23:32 2025 by rpki-client