This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft File: hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json) Hash identifier: ZyNof3loSRNs895uEfx6SeuK1p/T/KEtHnOTFOWICbw= Subject key identifier: B8:82:66:6E:B7:9A:C8:22:94:7D:B8:1A:38:15:B3:48:A7:43:41:13 Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 Certificate issuer: /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Certificate serial: 019B42B7BE7155B923C53440A71F8404D24F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft Manifest number: 0B32 Signing time: Sun 21 Dec 2025 21:01:36 +0000 Manifest this update: Sun 21 Dec 2025 21:01:36 +0000 Manifest next update: Mon 22 Dec 2025 21:01:36 +0000 Files and hashes: 1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: O3NrKU0Y1QRf8rG1fZgAGf6kqVTui47hjDnJ6cHa7IE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:be:71:55:b9:23:c5:34:40:a7:1f:84:04:d2:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Validity Not Before: Dec 21 21:01:36 2025 GMT Not After : Dec 22 21:01:36 2025 GMT Subject: CN=b882666eb79ac822947db81a3815b348a7434113 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:af:fb:f0:24:2b:c0:a1:72:c8:28:94:f0:aa: 76:56:9d:cb:b7:e9:37:6e:81:f4:93:3a:c6:ee:a8: 2c:2f:e4:5e:b8:7e:ae:07:cf:d5:4c:d1:96:98:24: f6:41:da:4d:55:ea:42:07:e1:b8:96:ce:d6:4e:fc: ff:7a:d9:83:b9:69:65:5f:08:c4:ec:20:e1:cc:6b: 34:3d:1b:ac:d8:a1:75:70:a4:44:16:5e:5f:45:c3: cd:4d:96:23:7a:1c:12:6a:8f:c2:49:2c:52:b1:98: e2:b2:21:4b:d4:c5:9e:d7:58:df:17:f1:88:33:3d: 5f:90:64:2a:a0:ae:c4:34:88:7d:c3:79:08:89:5b: 6b:e0:67:5f:da:46:76:b3:84:df:70:b5:9e:b9:ec: a5:dd:21:68:a4:87:75:8f:9e:56:d4:4a:c0:e6:9b: a2:8e:2e:9d:68:2f:fd:85:91:11:43:d5:56:16:b4: b1:fc:3f:17:e7:a0:e0:d6:42:c0:ef:9f:92:7c:c0: c6:b6:62:9d:e1:b4:c2:7f:82:35:81:1e:41:e0:08: b8:20:4a:e2:e1:df:04:6a:a7:25:18:e3:6c:65:ac: 19:c5:62:1d:6a:48:ba:1e:5a:8b:bf:42:f4:f3:67: a5:21:79:a1:82:53:4c:3d:c1:74:a1:06:b8:ae:f0: 85:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:82:66:6E:B7:9A:C8:22:94:7D:B8:1A:38:15:B3:48:A7:43:41:13 X509v3 Authority Key Identifier: keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:47:28:0e:7b:9f:15:0b:7d:9b:de:95:1a:ef:fe:62:07:31: ff:6e:bf:18:b1:cb:02:6d:61:03:78:9e:44:96:02:0f:07:73: 87:1e:6a:ca:bb:a4:d7:b4:9c:cf:6f:fe:26:48:d1:a3:90:a1: 57:c8:46:3b:2c:ac:0c:ff:e4:56:35:b4:c5:42:85:4c:54:ec: f5:e2:55:cb:a9:fd:b4:80:9e:75:91:7e:0f:3f:fe:61:65:c0: 5d:1e:80:ab:50:3e:4d:ba:ac:5e:91:21:e3:7c:77:86:c2:73: 62:0c:fb:f5:9d:d5:c6:be:b0:40:94:b9:82:58:5d:53:3e:80: 75:76:02:55:97:7d:bd:38:a6:8f:62:fd:3e:7e:29:8b:cf:45: 4c:c6:a0:4b:74:dc:9d:f0:97:69:95:60:cd:58:37:93:f2:a7: 8c:ac:2a:e1:9c:3a:b1:15:3e:0c:7b:3a:14:b1:42:fe:3a:56: 8b:bd:56:07:0b:d8:a3:ea:29:4e:ce:70:78:cf:af:5e:05:80: e6:93:07:f4:79:7c:49:6e:d5:e9:c7:7b:9b:19:55:b9:90:c5: 71:b2:fb:2b:0d:1c:29:08:1d:a3:da:e9:c1:5b:2d:d1:c2:96: 68:56:23:13:ca:0b:a7:0b:54:10:05:ba:0e:54:8c:16:59:ad: 20:93:6c:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt75xVbkjxTRApx+EBNJPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx YmZlMzMwHhcNMjUxMjIxMjEwMTM2WhcNMjUxMjIyMjEwMTM2WjAzMTEwLwYDVQQD EyhiODgyNjY2ZWI3OWFjODIyOTQ3ZGI4MWEzODE1YjM0OGE3NDM0MTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6/78CQrwKFyyCiU8Kp2Vp3Lt+k3 boH0kzrG7qgsL+ReuH6uB8/VTNGWmCT2QdpNVepCB+G4ls7WTvz/etmDuWllXwjE 7CDhzGs0PRus2KF1cKREFl5fRcPNTZYjehwSao/CSSxSsZjisiFL1MWe11jfF/GI Mz1fkGQqoK7ENIh9w3kIiVtr4Gdf2kZ2s4TfcLWeueyl3SFopId1j55W1ErA5pui ji6daC/9hZERQ9VWFrSx/D8X56Dg1kLA75+SfMDGtmKd4bTCf4I1gR5B4Ai4IEri 4d8EaqclGONsZawZxWIdaki6HlqLv0L082elIXmhglNMPcF0oQa4rvCFGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLiCZm63msgilH24GjgVs0inQ0ETMB8GA1UdIwQY MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwEcoDnuf FQt9m96VGu/+Ygcx/26/GLHLAm1hA3ieRJYCDwdzhx5qyruk17Scz2/+JkjRo5Ch V8hGOyysDP/kVjW0xUKFTFTs9eJVy6n9tICedZF+Dz/+YWXAXR6Aq1A+TbqsXpEh 43x3hsJzYgz79Z3Vxr6wQJS5glhdUz6AdXYCVZd9vTimj2L9Pn4pi89FTMagS3Tc nfCXaZVgzVg3k/KnjKwq4Zw6sRU+DHs6FLFC/jpWi71WBwvYo+opTs5weM+vXgWA 5pMH9Hl8SW7V6cd7mxlVuZDFcbL7Kw0cKQgdo9rpwVst0cKWaFYjE8oLpwtUEAW6 DlSMFlmtIJNsdw== -----END CERTIFICATE-----Generated at Mon Dec 22 00:00:17 2025 by rpki-client