This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft File: hGzXvBkUIFasr5VzyqGvjehxgVY.mft (raw, json) Hash identifier: u1D/t37sqGj2LYSqlf5DJ371TRa1xNf2qpEM8SPKU7Q= Subject key identifier: 2D:FC:6E:D5:08:89:D1:D2:BD:72:5E:0C:0E:BC:D2:92:4E:14:37:01 Authority key identifier: 84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56 Certificate issuer: /CN=846cd7bc19142056acaf9573caa1af8de8718156 Certificate serial: 019B3F11E0BDDA7735D40B2B78752CB3CEA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft Manifest number: 02D5 Signing time: Sun 21 Dec 2025 04:01:34 +0000 Manifest this update: Sun 21 Dec 2025 04:01:34 +0000 Manifest next update: Mon 22 Dec 2025 04:01:34 +0000 Files and hashes: 1: O5dJ1P8qPLvqN1TFZCJv-BCHVwE.roa (hash: 3xRQqmBaiPMEC6+BvwWE12p1a9per8d/4WLoxHZdLwY=) 2: hGzXvBkUIFasr5VzyqGvjehxgVY.crl (hash: DOB/MiEi7ZrczQLXo1fg9+otQUyZNzb27A8URL/KMac=) 3: hs1Ttmuuy8oKm2rJqVYgyDXaPIw.roa (hash: Byo6rO4TnKOVrKw6LlKH8flPLRHULJLiFuZMsf82Wv4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:11:e0:bd:da:77:35:d4:0b:2b:78:75:2c:b3:ce:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=846cd7bc19142056acaf9573caa1af8de8718156 Validity Not Before: Dec 21 04:01:34 2025 GMT Not After : Dec 22 04:01:34 2025 GMT Subject: CN=2dfc6ed50889d1d2bd725e0c0ebcd2924e143701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:8e:27:ff:c6:fc:a6:ca:db:bb:b3:74:ea:78: 69:58:2a:9c:86:6e:c5:0c:a6:83:1a:db:49:af:da: e7:64:fe:9b:91:2b:a7:5b:a4:a2:98:23:da:68:64: 4d:88:53:af:f0:fd:80:79:ca:84:c5:fb:71:fd:2a: c0:5d:84:85:7d:43:2b:28:91:d8:fe:90:0a:bc:31: 3e:36:68:6a:5c:c7:c9:46:a0:85:50:2d:1f:5a:20: f2:c8:a6:52:d9:90:e4:d3:7e:8d:eb:9a:a0:17:bf: eb:0c:06:c6:4d:6d:2f:d8:eb:ac:b6:18:a3:19:92: b3:1a:3d:25:6f:81:40:83:8d:c3:14:23:5c:33:e3: 58:3a:93:6d:73:cf:6b:9f:25:fc:a0:6d:0a:a0:c9: ee:55:7e:52:21:ba:0f:3f:e1:76:8e:c4:3e:44:7b: 70:37:1d:ad:71:8a:1e:d7:ff:bc:b9:52:75:76:05: 63:df:56:98:16:57:18:d2:52:4b:ad:ce:66:f3:12: 02:27:a6:53:2b:53:06:d7:81:37:e5:62:ef:29:5c: 36:32:7c:02:37:9c:58:67:8b:2a:15:75:96:d4:0a: 2c:6e:01:ab:1e:a9:5c:a8:41:d3:63:66:db:1b:e8: a7:85:e0:43:f8:cb:5a:72:c3:17:10:b9:8b:59:54: c3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:FC:6E:D5:08:89:D1:D2:BD:72:5E:0C:0E:BC:D2:92:4E:14:37:01 X509v3 Authority Key Identifier: keyid:84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:47:75:ac:e5:e9:0d:05:92:d5:48:27:33:f9:6d:ce:11:d6: 9c:06:15:af:93:65:e7:31:dc:b2:84:62:11:af:91:37:5e:07: 12:12:b5:e4:09:02:f3:ec:75:f3:73:8c:77:93:09:9d:03:fd: 14:6d:29:4b:36:8a:35:bb:e4:c5:d9:8e:9e:13:88:d0:58:40: 19:32:19:2b:34:eb:ec:01:f7:f9:f7:4e:16:d2:95:88:d6:7e: 20:0d:fc:fc:6a:99:9a:6a:14:71:b8:20:81:07:22:58:86:7b: ab:42:ea:a7:f2:7e:6f:e5:a8:dc:ca:c1:8b:fa:78:11:53:c1: ef:d8:cc:ee:e9:3d:e0:9f:0b:be:b2:86:2e:55:15:c8:6c:83: 0c:88:2b:d5:58:6b:f4:8d:57:45:b0:f8:01:15:47:71:4f:9f: dd:99:b7:d6:60:85:81:27:2f:8d:76:32:16:b1:15:02:18:aa: dd:74:5f:a7:0c:07:94:fb:cb:da:9a:02:2c:7e:06:44:66:fa: 98:7d:e9:71:db:82:02:04:79:f1:96:80:e3:cc:25:db:f9:9f: 43:cb:2b:2e:0b:25:c9:38:89:9f:3a:19:98:67:ed:16:40:96: 53:3f:55:b2:aa:8b:6f:7b:52:06:25:5e:96:a8:8c:0f:b2:23: e3:4c:c1:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/EeC92nc11AsreHUss86mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NmNkN2JjMTkxNDIwNTZhY2FmOTU3M2NhYTFhZjhkZTg3 MTgxNTYwHhcNMjUxMjIxMDQwMTM0WhcNMjUxMjIyMDQwMTM0WjAzMTEwLwYDVQQD EygyZGZjNmVkNTA4ODlkMWQyYmQ3MjVlMGMwZWJjZDI5MjRlMTQzNzAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm44n/8b8psrbu7N06nhpWCqchm7F DKaDGttJr9rnZP6bkSunW6SimCPaaGRNiFOv8P2AecqExftx/SrAXYSFfUMrKJHY /pAKvDE+NmhqXMfJRqCFUC0fWiDyyKZS2ZDk036N65qgF7/rDAbGTW0v2Ousthij GZKzGj0lb4FAg43DFCNcM+NYOpNtc89rnyX8oG0KoMnuVX5SIboPP+F2jsQ+RHtw Nx2tcYoe1/+8uVJ1dgVj31aYFlcY0lJLrc5m8xICJ6ZTK1MG14E35WLvKVw2MnwC N5xYZ4sqFXWW1AosbgGrHqlcqEHTY2bbG+inheBD+MtacsMXELmLWVTD6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC38btUIidHSvXJeDA680pJOFDcBMB8GA1UdIwQY MBaAFIRs17wZFCBWrK+Vc8qhr43ocYFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMt ZDE5NTlmM2UyZjc2LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMtZDE5NTlmM2UyZjc2 LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0d1rOXp DQWS1UgnM/ltzhHWnAYVr5Nl5zHcsoRiEa+RN14HEhK15AkC8+x183OMd5MJnQP9 FG0pSzaKNbvkxdmOnhOI0FhAGTIZKzTr7AH3+fdOFtKViNZ+IA38/GqZmmoUcbgg gQciWIZ7q0Lqp/J+b+Wo3MrBi/p4EVPB79jM7uk94J8LvrKGLlUVyGyDDIgr1Vhr 9I1XRbD4ARVHcU+f3Zm31mCFgScvjXYyFrEVAhiq3XRfpwwHlPvL2poCLH4GRGb6 mH3pcduCAgR58ZaA48wl2/mfQ8srLgslyTiJnzoZmGftFkCWUz9VsqqLb3tSBiVe lqiMD7Ij40zBUQ== -----END CERTIFICATE-----Generated at Sun Dec 21 13:41:34 2025 by rpki-client