This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft File: HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json) Hash identifier: BJWcrhPlpvoTb8z92Ws2mPAsYv1aY0VGNUlGCj5LKbY= Subject key identifier: C6:E8:55:63:F3:54:F3:6E:AA:4D:00:2A:F1:94:23:73:FB:07:E4:AA Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D Certificate issuer: /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d Certificate serial: 019B627905C0229881E58CF31C45F8E26E3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft Manifest number: 0C67 Signing time: Sun 28 Dec 2025 01:00:57 +0000 Manifest this update: Sun 28 Dec 2025 01:00:57 +0000 Manifest next update: Mon 29 Dec 2025 01:00:57 +0000 Files and hashes: 1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: IYb0ZDgdxpq6XnHP5gRzsyTrPxu3x0WhyPWxq49uymU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:79:05:c0:22:98:81:e5:8c:f3:1c:45:f8:e2:6e:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d Validity Not Before: Dec 28 01:00:57 2025 GMT Not After : Dec 29 01:00:57 2025 GMT Subject: CN=c6e85563f354f36eaa4d002af1942373fb07e4aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:00:07:b8:0d:29:f7:1c:51:82:83:9b:76:6c: b6:0c:fb:62:6d:7a:30:1a:51:15:96:f1:32:7d:0e: 24:93:40:e5:a5:51:40:ca:7f:35:e6:f4:79:a3:2f: 1b:8f:7f:ea:6f:9c:d4:b8:a2:49:39:90:64:41:23: 08:79:68:c5:08:44:b2:c3:28:10:2f:87:e0:02:58: a9:97:a2:d8:07:cd:6c:32:d7:0e:49:c3:0f:31:b0: 32:ea:f5:8f:20:18:6a:4b:c6:10:e7:2c:0c:47:51: a9:db:18:50:b4:45:20:f1:ff:f6:ff:8e:df:a1:11: 21:95:d6:03:c8:26:35:da:ad:1f:3d:01:c4:13:a0: fe:8b:53:61:61:a8:c4:6b:dd:d8:13:e7:b6:70:88: c4:0f:b3:5f:29:63:52:3c:30:e7:ea:65:14:5c:15: 5d:05:fa:00:e4:b9:d5:d3:66:f0:14:3a:2c:4f:74: d1:4b:80:27:3f:00:d4:76:12:37:72:3e:e5:f4:ce: bf:cc:12:6f:eb:af:f2:a6:4b:40:1d:2e:b3:d8:1d: 3c:72:b3:d2:7b:92:90:0b:24:1e:a6:9b:8b:e3:01: b1:e9:d3:84:b7:ee:3d:f5:de:65:37:63:cf:25:0f: 23:43:79:8c:bc:bf:5d:6a:16:51:99:48:f1:1f:07: 54:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:E8:55:63:F3:54:F3:6E:AA:4D:00:2A:F1:94:23:73:FB:07:E4:AA X509v3 Authority Key Identifier: keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:dc:ae:8a:3b:30:20:a4:42:11:96:c6:6d:6d:24:2b:17:b0: cf:c6:be:38:d3:2e:d3:f8:5d:b3:73:85:7a:2b:31:32:c6:6f: a2:27:30:ff:57:69:d6:35:67:99:db:7f:d9:62:75:b7:80:7d: 28:74:59:71:2e:ef:e6:19:e3:f7:2f:f7:2c:48:6a:6a:d5:66: f7:2c:4b:02:16:ad:0b:3c:13:6b:cc:1b:35:9c:55:72:52:98: a5:e5:95:46:ab:90:0e:d1:87:3e:a4:42:bb:08:5d:63:fc:07: fa:da:1a:64:12:a3:c6:dd:66:d8:c8:e2:97:2b:d5:83:59:44: 04:70:f1:ef:79:3d:ed:65:b0:55:45:df:5b:cb:a6:fc:ec:e8: 5f:f0:bd:7f:26:58:9d:a7:ee:29:0c:2f:63:6c:65:f9:5c:06: 76:1b:b3:47:d0:a4:67:8f:78:ff:73:a7:78:b9:84:25:02:4b: a9:70:7c:3c:1c:85:69:11:9e:d5:a6:cd:86:ae:31:21:c6:8f: f8:f1:24:7a:01:4c:61:28:ac:44:54:f3:d0:8e:e3:f2:7c:a4: 73:40:f3:07:38:46:ef:b7:3a:1b:e2:70:b0:31:38:14:e6:28: 55:54:b3:58:a5:41:50:4f:c7:94:6d:34:66:7a:34:66:70:2a: e8:c8:32:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtieQXAIpiB5YzzHEX44m48MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0 MzgzNWQwHhcNMjUxMjI4MDEwMDU3WhcNMjUxMjI5MDEwMDU3WjAzMTEwLwYDVQQD EyhjNmU4NTU2M2YzNTRmMzZlYWE0ZDAwMmFmMTk0MjM3M2ZiMDdlNGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wAHuA0p9xxRgoObdmy2DPtibXow GlEVlvEyfQ4kk0DlpVFAyn815vR5oy8bj3/qb5zUuKJJOZBkQSMIeWjFCESywygQ L4fgAlipl6LYB81sMtcOScMPMbAy6vWPIBhqS8YQ5ywMR1Gp2xhQtEUg8f/2/47f oREhldYDyCY12q0fPQHEE6D+i1NhYajEa93YE+e2cIjED7NfKWNSPDDn6mUUXBVd BfoA5LnV02bwFDosT3TRS4AnPwDUdhI3cj7l9M6/zBJv66/ypktAHS6z2B08crPS e5KQCyQeppuL4wGx6dOEt+499d5lN2PPJQ8jQ3mMvL9dahZRmUjxHwdUawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMboVWPzVPNuqk0AKvGUI3P7B+SqMB8GA1UdIwQY MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0 LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNyuijsw IKRCEZbGbW0kKxewz8a+ONMu0/hds3OFeisxMsZvoicw/1dp1jVnmdt/2WJ1t4B9 KHRZcS7v5hnj9y/3LEhqatVm9yxLAhatCzwTa8wbNZxVclKYpeWVRquQDtGHPqRC uwhdY/wH+toaZBKjxt1m2MjilyvVg1lEBHDx73k97WWwVUXfW8um/OzoX/C9fyZY nafuKQwvY2xl+VwGdhuzR9CkZ494/3OneLmEJQJLqXB8PByFaRGe1abNhq4xIcaP +PEkegFMYSisRFTz0I7j8nykc0DzBzhG77c6G+JwsDE4FOYoVVSzWKVBUE/HlG00 Zno0ZnAq6Mgyrg== -----END CERTIFICATE-----Generated at Sun Dec 28 07:31:03 2025 by rpki-client