This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft File: HkXMabTR7hUbUCdEL7upRMJ035c.mft (raw, json) Hash identifier: m+8m4dgzDT/aR+vMnfOdyNT/S9BkFscI8sh7+BC1qF8= Subject key identifier: FC:1A:70:3D:BC:2A:68:82:26:6D:08:66:3B:BE:A1:27:1C:11:B7:C0 Authority key identifier: 1E:45:CC:69:B4:D1:EE:15:1B:50:27:44:2F:BB:A9:44:C2:74:DF:97 Certificate issuer: /CN=1e45cc69b4d1ee151b5027442fbba944c274df97 Certificate serial: 019B44A53A0FC5E8447E4DEEA22E8E99B99A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft Manifest number: 1706 Signing time: Mon 22 Dec 2025 06:00:37 +0000 Manifest this update: Mon 22 Dec 2025 06:00:37 +0000 Manifest next update: Tue 23 Dec 2025 06:00:37 +0000 Files and hashes: 1: HkXMabTR7hUbUCdEL7upRMJ035c.crl (hash: nCiqgZIPwyR8PKbKGCS57qPrsTBTBPPF/D7T2mr57yY=) 2: gzmNz0PYWdcLgL6_SHiIcrAToJE.roa (hash: Guzyh0bDeJqFnbpc68wrDXyHWPH3X5psfEh7CAeI44k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:3a:0f:c5:e8:44:7e:4d:ee:a2:2e:8e:99:b9:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e45cc69b4d1ee151b5027442fbba944c274df97 Validity Not Before: Dec 22 06:00:37 2025 GMT Not After : Dec 23 06:00:37 2025 GMT Subject: CN=fc1a703dbc2a6882266d08663bbea1271c11b7c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d8:24:a9:48:00:c9:62:31:69:5a:05:cc:61: 76:3a:bc:c0:4c:ca:8e:03:86:04:d2:c2:d6:ca:c5: 17:65:1e:78:c3:58:b6:ff:70:a8:13:d6:76:e2:f4: 80:52:de:92:88:72:43:d3:5a:68:b1:7e:52:ba:e2: 85:c6:90:70:0c:d1:f3:e9:ac:db:d9:de:95:1d:da: 48:37:86:8f:3d:48:a6:7e:5c:66:bb:b7:14:ec:e3: 85:ea:d9:3f:a8:14:c2:e3:50:64:7a:9c:44:ee:1a: 40:be:44:2e:8f:9b:d8:51:4f:23:9f:e5:92:e3:df: 81:7b:0f:f1:57:76:e2:eb:d8:bb:3b:be:28:aa:d4: 3e:b2:49:f6:9c:6b:a9:cd:d8:8f:2f:79:0c:27:a6: 98:05:69:3e:e7:17:0f:23:38:15:dc:f9:86:ea:da: 57:9a:12:4a:a4:2a:52:b3:ad:df:f6:67:51:ab:19: 0a:d2:d7:c0:6e:a6:01:b7:9f:ed:3a:18:4f:be:d5: ae:4b:8b:80:77:ea:5d:8c:05:60:6f:5f:5e:a4:50: e0:04:9c:8d:86:39:1d:c7:5f:fa:ab:95:63:20:e4: ce:b5:9e:2d:56:ac:89:75:58:ae:48:f7:34:2c:ca: 2c:46:d8:8b:ec:1e:7a:87:51:00:97:64:ae:b9:c8: a7:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:1A:70:3D:BC:2A:68:82:26:6D:08:66:3B:BE:A1:27:1C:11:B7:C0 X509v3 Authority Key Identifier: keyid:1E:45:CC:69:B4:D1:EE:15:1B:50:27:44:2F:BB:A9:44:C2:74:DF:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:8a:39:5a:08:b5:61:cc:8a:f9:fa:96:4a:91:56:79:6d:23: b9:28:f1:61:73:4f:b8:14:93:08:67:c5:b9:cc:13:e9:c8:6c: d8:59:6f:52:54:be:5b:43:d3:01:ac:4b:b8:99:3b:71:72:dd: f1:cc:3b:b1:f1:99:1c:6b:f6:91:ab:c2:53:20:4e:5f:46:47: 0c:e5:7c:03:c9:db:ad:92:f7:9e:a3:24:40:86:d0:8a:c8:3c: 76:81:7e:1f:73:68:d7:61:fc:8e:19:29:13:3f:db:69:c5:49: 63:14:e5:54:dc:66:9a:77:c7:16:8a:33:68:3f:2b:c9:2d:19: 05:f6:06:10:68:02:94:69:00:a3:b6:77:3b:28:2e:20:79:2e: bf:55:aa:dc:99:82:e7:0a:cd:a6:fb:3b:b7:5d:13:0c:dd:da: d7:62:3c:f4:dc:5a:b8:fc:26:7c:f6:f5:8d:8b:ca:24:5b:d2: 1c:16:60:83:39:33:20:de:0e:43:e5:43:c0:87:5a:b2:97:61: e3:b2:39:31:5b:33:8e:97:53:71:de:f7:97:dc:81:58:e7:30: 34:58:3a:5a:a8:2a:24:44:79:83:a1:d1:1b:12:af:34:5c:54: de:55:c6:2c:f3:1c:db:25:fc:87:32:5a:6e:65:3d:57:2f:89: 67:04:7b:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpToPxehEfk3uoi6OmbmaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlNDVjYzY5YjRkMWVlMTUxYjUwMjc0NDJmYmJhOTQ0YzI3 NGRmOTcwHhcNMjUxMjIyMDYwMDM3WhcNMjUxMjIzMDYwMDM3WjAzMTEwLwYDVQQD EyhmYzFhNzAzZGJjMmE2ODgyMjY2ZDA4NjYzYmJlYTEyNzFjMTFiN2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNgkqUgAyWIxaVoFzGF2OrzATMqO A4YE0sLWysUXZR54w1i2/3CoE9Z24vSAUt6SiHJD01posX5SuuKFxpBwDNHz6azb 2d6VHdpIN4aPPUimflxmu7cU7OOF6tk/qBTC41BkepxE7hpAvkQuj5vYUU8jn+WS 49+Bew/xV3bi69i7O74oqtQ+skn2nGupzdiPL3kMJ6aYBWk+5xcPIzgV3PmG6tpX mhJKpCpSs63f9mdRqxkK0tfAbqYBt5/tOhhPvtWuS4uAd+pdjAVgb19epFDgBJyN hjkdx1/6q5VjIOTOtZ4tVqyJdViuSPc0LMosRtiL7B56h1EAl2Suucin8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwacD28KmiCJm0IZju+oSccEbfAMB8GA1UdIwQY MBaAFB5FzGm00e4VG1AnRC+7qUTCdN+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kNDk1MjgtMmFhNC00YTdkLTk4NDUt YzI0NDNhYTU0N2UyLzEvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9kNDk1MjgtMmFhNC00YTdkLTk4NDUtYzI0NDNhYTU0N2Uy LzEvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIo5Wgi1 YcyK+fqWSpFWeW0juSjxYXNPuBSTCGfFucwT6chs2FlvUlS+W0PTAaxLuJk7cXLd 8cw7sfGZHGv2kavCUyBOX0ZHDOV8A8nbrZL3nqMkQIbQisg8doF+H3No12H8jhkp Ez/bacVJYxTlVNxmmnfHFoozaD8ryS0ZBfYGEGgClGkAo7Z3OyguIHkuv1Wq3JmC 5wrNpvs7t10TDN3a12I89NxauPwmfPb1jYvKJFvSHBZggzkzIN4OQ+VDwIdaspdh 47I5MVszjpdTcd73l9yBWOcwNFg6WqgqJER5g6HRGxKvNFxU3lXGLPMc2yX8hzJa bmU9Vy+JZwR7xA== -----END CERTIFICATE-----Generated at Mon Dec 22 10:03:07 2025 by rpki-client