This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json) Hash identifier: 9+UEW1nG3VJ00FOpDDjMH0izCYjgyEhvP0oLHsSPzEg= Subject key identifier: 25:77:90:9A:67:D9:4B:CD:A4:27:FA:06:04:D9:EB:F1:76:8A:06:A7 Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Certificate serial: 019B766DA12A96DB74FA0C57D0ACDAFD03D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft Manifest number: 12A5 Signing time: Wed 31 Dec 2025 22:00:54 +0000 Manifest this update: Wed 31 Dec 2025 22:00:54 +0000 Manifest next update: Thu 01 Jan 2026 22:00:54 +0000 Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: FbpXqykA1moJpIrw4I3UtsdBNeOyuv2PSaX5zXSCpdU=) 2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:6d:a1:2a:96:db:74:fa:0c:57:d0:ac:da:fd:03:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Validity Not Before: Dec 31 22:00:54 2025 GMT Not After : Jan 1 22:00:54 2026 GMT Subject: CN=2577909a67d94bcda427fa0604d9ebf1768a06a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:41:db:ac:6a:39:77:d7:b1:bd:5b:ce:a2:21: 39:9f:e0:5f:5e:8f:ee:af:65:b3:f5:53:6e:f6:2f: 9c:38:2d:d9:b2:75:23:84:c0:7c:54:c1:90:7c:6c: e0:87:fe:b3:d9:00:4b:3e:2d:1a:ae:2e:5b:47:b9: 5a:f0:5e:a5:f4:aa:df:12:2c:5e:36:b2:6f:fd:c7: ff:c8:b1:d7:f5:70:a3:7c:7d:01:e3:32:18:a2:ee: 55:62:c5:b8:1e:90:65:53:35:ef:b0:87:82:0b:ca: bf:e7:81:2c:22:34:4b:03:5e:21:04:a2:82:7f:71: 8a:7d:e9:22:c8:2d:b6:07:8a:0d:89:66:ee:df:c1: 87:91:61:eb:7d:cc:fd:4a:07:c8:8a:db:7a:ac:45: 04:64:a4:08:7c:11:d6:0b:01:44:0f:dd:69:87:f2: 09:71:a1:12:86:75:0e:23:88:51:77:8b:20:87:e8: 74:40:2d:25:97:05:29:c0:e2:c0:cc:30:09:35:ba: cb:bc:ba:44:87:16:50:76:7d:7d:3e:22:37:39:c6: 17:27:8a:1a:64:51:c0:d6:84:18:a4:36:d3:db:50: 5b:ba:2b:fd:27:10:a6:f6:d6:d2:99:2d:7a:17:fe: 70:47:5b:d6:18:d3:8a:79:8b:c2:ed:51:19:73:40: 3e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:77:90:9A:67:D9:4B:CD:A4:27:FA:06:04:D9:EB:F1:76:8A:06:A7 X509v3 Authority Key Identifier: keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:78:a5:bb:66:3d:da:1d:1b:a3:8e:78:a9:ef:82:4f:ae:26: c6:6e:ae:02:f5:d2:d2:f4:c7:bd:8a:33:cd:25:bd:34:06:a0: 46:2a:8f:4e:c9:05:df:8b:5b:5f:32:29:08:a3:38:8e:0b:33: 72:9e:c8:b4:22:e6:f5:aa:5a:46:8b:93:77:49:ff:56:da:cc: 86:51:d4:26:94:1d:8c:5a:56:1f:f7:7e:c9:b4:e0:d5:33:c6: ce:b4:66:1f:4e:13:6e:e7:11:28:2f:4f:81:0b:4e:4e:68:dc: 6e:14:11:73:43:6a:09:82:10:14:ea:bd:89:b6:19:1f:d1:b8: 17:7a:f5:80:4d:89:7f:c5:b7:18:95:34:5a:8a:16:6b:90:2b: 40:63:e7:18:4f:86:af:05:ad:d1:4e:0f:fd:ad:52:6c:e3:dc: da:4e:3f:d4:ab:80:67:05:27:12:35:22:3a:d9:9d:c5:50:a6: 4d:44:06:c1:a1:38:33:03:83:a2:db:b3:d5:4b:cf:ab:2a:15: 71:3b:ed:29:93:a9:b2:84:c5:43:54:b4:2b:48:7f:46:0e:f7: f9:c1:c6:99:8f:e6:85:28:46:4c:1d:f2:47:aa:4b:22:48:eb: 19:52:1c:16:e6:b9:a6:3c:eb:74:f0:0f:9c:5e:45:e8:de:ba: c0:d5:a9:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2baEqltt0+gxX0Kza/QPZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0 MTJmMmEwHhcNMjUxMjMxMjIwMDU0WhcNMjYwMTAxMjIwMDU0WjAzMTEwLwYDVQQD EygyNTc3OTA5YTY3ZDk0YmNkYTQyN2ZhMDYwNGQ5ZWJmMTc2OGEwNmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0HbrGo5d9exvVvOoiE5n+BfXo/u r2Wz9VNu9i+cOC3ZsnUjhMB8VMGQfGzgh/6z2QBLPi0ari5bR7la8F6l9KrfEixe NrJv/cf/yLHX9XCjfH0B4zIYou5VYsW4HpBlUzXvsIeCC8q/54EsIjRLA14hBKKC f3GKfekiyC22B4oNiWbu38GHkWHrfcz9SgfIitt6rEUEZKQIfBHWCwFED91ph/IJ caEShnUOI4hRd4sgh+h0QC0llwUpwOLAzDAJNbrLvLpEhxZQdn19PiI3OcYXJ4oa ZFHA1oQYpDbT21Bbuiv9JxCm9tbSmS16F/5wR1vWGNOKeYvC7VEZc0A+1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCV3kJpn2UvNpCf6BgTZ6/F2iganMB8GA1UdIwQY MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhHilu2Y9 2h0bo454qe+CT64mxm6uAvXS0vTHvYozzSW9NAagRiqPTskF34tbXzIpCKM4jgsz cp7ItCLm9apaRouTd0n/VtrMhlHUJpQdjFpWH/d+ybTg1TPGzrRmH04TbucRKC9P gQtOTmjcbhQRc0NqCYIQFOq9ibYZH9G4F3r1gE2Jf8W3GJU0WooWa5ArQGPnGE+G rwWt0U4P/a1SbOPc2k4/1KuAZwUnEjUiOtmdxVCmTUQGwaE4MwODotuz1UvPqyoV cTvtKZOpsoTFQ1S0K0h/Rg73+cHGmY/mhShGTB3yR6pLIkjrGVIcFua5pjzrdPAP nF5F6N66wNWpag== -----END CERTIFICATE-----Generated at Wed Dec 31 23:30:08 2025 by rpki-client