This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft File: hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json) Hash identifier: cR8OIYvYd2EipySryGzjv2nTJJm2+XSFnWmapNhawy4= Subject key identifier: 4D:F2:7A:78:68:F7:C3:8C:10:62:51:EB:A6:19:E0:E2:65:1F:70:C6 Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F Certificate issuer: /CN=8738bf1cc1381678038ef5da67642398e3d9819f Certificate serial: 019B6D6A8DB6CF31F8F3F1B805223E94837C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft Manifest number: 02ED Signing time: Tue 30 Dec 2025 04:00:58 +0000 Manifest this update: Tue 30 Dec 2025 04:00:58 +0000 Manifest next update: Wed 31 Dec 2025 04:00:58 +0000 Files and hashes: 1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: 0jJcgDFdaS7+20bw/uOfmplhOIVyv9eUm5RpvZ9k/KY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:6a:8d:b6:cf:31:f8:f3:f1:b8:05:22:3e:94:83:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f Validity Not Before: Dec 30 04:00:58 2025 GMT Not After : Dec 31 04:00:58 2025 GMT Subject: CN=4df27a7868f7c38c106251eba619e0e2651f70c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f8:42:26:a9:eb:e2:7c:3b:49:1c:25:6e:1c: 5b:7c:75:e9:bd:63:39:6c:8f:af:a6:11:5b:51:61: cd:95:bb:63:0a:bc:84:59:c2:47:a2:c0:63:21:77: a8:5f:6b:cc:b0:34:d4:18:f0:63:26:98:d0:45:14: 3e:b6:88:a2:ee:55:04:75:25:d3:53:af:bd:4c:e9: 25:63:4f:19:fa:9c:1c:7c:45:4d:1a:c4:fd:8a:17: 64:00:e3:ed:49:47:d4:f5:cf:43:2d:27:c5:80:36: 0d:f8:fc:b1:f6:96:54:63:3e:4d:bd:60:82:cf:fb: 38:ec:75:d0:06:89:d6:55:74:e2:d4:64:0c:de:90: 6a:5a:44:24:0c:9b:e5:d8:a3:a5:19:fe:96:25:4a: 0f:cc:32:d0:8e:36:66:37:56:0c:a8:73:da:2a:8e: eb:28:74:73:d8:3e:bc:3e:b5:71:27:85:b7:44:b6: 71:a6:0d:20:df:c7:57:7c:b7:aa:b1:5d:5c:2a:70: 01:f4:f2:cb:ef:af:df:fd:13:b9:d5:25:cd:1b:33: 0a:30:ec:f5:31:ec:d8:b5:7f:92:fd:04:4f:ca:6e: a8:2b:8f:06:9c:02:3b:57:a5:a7:37:df:37:90:ac: 6f:dd:e4:51:5c:89:24:50:10:bd:76:8b:96:ca:78: 19:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F2:7A:78:68:F7:C3:8C:10:62:51:EB:A6:19:E0:E2:65:1F:70:C6 X509v3 Authority Key Identifier: keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:8c:05:9c:af:31:77:0a:97:d7:b3:a6:f9:5f:a3:5a:70:97: b0:82:9f:cc:b9:55:ab:c2:a4:f9:ee:e5:34:cb:01:f5:c2:5c: 79:6f:ae:13:40:b3:c5:a5:6b:af:e5:00:a0:9f:39:ac:03:56: b4:79:6f:4c:8e:1b:5a:83:d4:ad:90:d6:14:10:2a:5d:65:d2: 83:3c:9b:dc:85:d6:6f:04:ab:3e:f3:f6:5d:93:6e:a2:21:29: ca:2a:26:c6:af:87:16:89:56:6f:3a:4d:39:9f:06:3b:f9:79: 6b:4f:d7:9f:e4:37:11:0b:35:9d:3e:96:75:f0:1c:d4:74:32: ea:33:e4:1a:e5:23:2c:e0:94:2a:13:c8:42:f8:19:2f:db:77: 9b:c6:e6:ea:99:ed:31:35:1f:07:60:67:d2:28:67:d2:90:68: be:7b:83:bf:72:93:e4:a6:52:9a:66:da:1a:22:66:a3:ba:83: 60:3d:d6:70:1d:a6:01:53:38:b3:74:e5:b6:ca:3b:7a:54:4d: f2:a7:87:5b:99:01:f8:cc:f7:bf:c3:e9:2d:3a:44:74:43:1e: 1c:74:27:18:c4:0e:de:0d:58:9d:39:57:81:73:f3:d4:87:a2: 5f:ed:26:b1:d5:b6:47:96:43:b7:76:02:f7:cf:78:d1:6b:2b: a0:54:e1:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttao22zzH48/G4BSI+lIN8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk OTgxOWYwHhcNMjUxMjMwMDQwMDU4WhcNMjUxMjMxMDQwMDU4WjAzMTEwLwYDVQQD Eyg0ZGYyN2E3ODY4ZjdjMzhjMTA2MjUxZWJhNjE5ZTBlMjY1MWY3MGM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/hCJqnr4nw7SRwlbhxbfHXpvWM5 bI+vphFbUWHNlbtjCryEWcJHosBjIXeoX2vMsDTUGPBjJpjQRRQ+toii7lUEdSXT U6+9TOklY08Z+pwcfEVNGsT9ihdkAOPtSUfU9c9DLSfFgDYN+Pyx9pZUYz5NvWCC z/s47HXQBonWVXTi1GQM3pBqWkQkDJvl2KOlGf6WJUoPzDLQjjZmN1YMqHPaKo7r KHRz2D68PrVxJ4W3RLZxpg0g38dXfLeqsV1cKnAB9PLL76/f/RO51SXNGzMKMOz1 MezYtX+S/QRPym6oK48GnAI7V6WnN983kKxv3eRRXIkkUBC9douWyngZ1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE3yenho98OMEGJR66YZ4OJlH3DGMB8GA1UdIwQY MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs4wFnK8x dwqX17Om+V+jWnCXsIKfzLlVq8Kk+e7lNMsB9cJceW+uE0CzxaVrr+UAoJ85rANW tHlvTI4bWoPUrZDWFBAqXWXSgzyb3IXWbwSrPvP2XZNuoiEpyiomxq+HFolWbzpN OZ8GO/l5a0/Xn+Q3EQs1nT6WdfAc1HQy6jPkGuUjLOCUKhPIQvgZL9t3m8bm6pnt MTUfB2Bn0ihn0pBovnuDv3KT5KZSmmbaGiJmo7qDYD3WcB2mAVM4s3Tltso7elRN 8qeHW5kB+Mz3v8PpLTpEdEMeHHQnGMQO3g1YnTlXgXPz1IeiX+0msdW2R5ZDt3YC 98940WsroFThhQ== -----END CERTIFICATE-----Generated at Tue Dec 30 06:20:52 2025 by rpki-client