This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft File: HKrZOQiq2NJG62n35mqnDeW9Whc.mft (raw, json) Hash identifier: upr33Tp9UdPwEQ3Wu+xM5UGX+uSy6OhxBukvxTjeEZ0= Subject key identifier: C2:3B:0C:09:62:67:F0:71:D4:72:22:BB:EB:1C:10:0E:06:CE:9F:91 Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17 Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17 Certificate serial: 019B3EA30FF1A32833F826EA64BB4CD43E64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft Manifest number: 0E6E Signing time: Sun 21 Dec 2025 02:00:32 +0000 Manifest this update: Sun 21 Dec 2025 02:00:32 +0000 Manifest next update: Mon 22 Dec 2025 02:00:32 +0000 Files and hashes: 1: HKrZOQiq2NJG62n35mqnDeW9Whc.crl (hash: K/9UcBQq6KbuXpkCKUXRlp5NH8c5hYKHxU0luovTiZI=) 2: ackszuiJCTUVf3NL6BGlMWZR6mU.roa (hash: eS/ev9znkjBG3HaRk+tKGqjX3/CUPsNsHqj4Rs2K9+I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:0f:f1:a3:28:33:f8:26:ea:64:bb:4c:d4:3e:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17 Validity Not Before: Dec 21 02:00:32 2025 GMT Not After : Dec 22 02:00:32 2025 GMT Subject: CN=c23b0c096267f071d47222bbeb1c100e06ce9f91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7c:10:fa:66:19:b1:53:b5:8e:e6:fb:56:14: 40:e5:4f:d8:cd:46:22:83:94:48:93:78:4f:ff:fe: 12:84:ef:b7:ab:3b:b3:4c:a9:77:cc:7e:bc:1a:a8: c3:f6:cb:53:b1:c8:69:db:f4:7e:87:6f:10:8e:16: 31:71:59:7d:21:e7:55:97:de:c7:cf:33:c0:d2:04: d4:e8:6f:b0:21:71:89:b4:b4:c6:a8:c4:7a:56:48: c5:8f:9a:b4:bf:e7:ce:b5:be:63:14:1e:db:dd:db: a5:fd:7a:fb:0d:46:ae:40:d7:89:be:43:70:34:0f: 08:22:d6:25:5b:45:cc:0e:b7:36:ad:34:6c:94:fd: c1:c6:3f:8f:89:88:3d:42:45:9b:d5:ae:6f:3c:fb: 95:e9:b5:63:b8:30:e5:cc:2d:0e:47:a1:e0:4b:f7: 34:2a:4b:02:b4:71:18:45:a5:6e:28:7d:a9:6a:53: 9f:be:84:d1:4e:85:ea:27:ca:62:2c:13:aa:93:88: 27:7f:b8:6d:20:2e:42:b5:a6:bf:0e:3a:99:2c:57: f8:24:58:6c:c0:39:0d:ed:0f:8c:4f:6e:d6:c3:ac: 9a:a4:7d:db:67:74:1b:fe:30:ed:db:ba:5a:ec:2c: 97:8c:a5:92:77:0d:73:76:a2:38:f1:3d:82:3e:cd: b3:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:3B:0C:09:62:67:F0:71:D4:72:22:BB:EB:1C:10:0E:06:CE:9F:91 X509v3 Authority Key Identifier: keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:cf:ed:d0:0a:6b:43:fb:06:b3:d6:3f:0f:d6:7b:8f:f8:cc: 91:42:85:a4:83:29:81:4e:f3:7d:5e:d9:60:55:15:26:70:34: 71:b8:61:b7:d7:51:c9:81:81:7e:11:ca:46:2e:c4:5a:74:62: 47:75:81:18:04:a6:a3:d8:1e:1f:35:d8:e7:39:52:cf:cc:dc: f7:d7:b2:6b:74:c7:bb:99:5e:8e:c5:39:98:f5:0f:1d:63:af: e1:99:c6:2f:b9:44:a6:26:ef:51:f8:1b:37:d9:57:86:00:ed: 73:2d:a7:c0:c7:a8:b7:29:d1:00:76:e5:97:8c:c1:c7:88:eb: fe:17:a1:cc:56:21:bd:44:9f:5a:30:13:7d:69:9a:23:55:bd: cc:1f:ae:8e:7b:82:47:8d:91:c3:5e:83:37:d5:a7:d2:7a:e8: a0:ce:f5:80:25:0b:52:28:07:46:c0:84:f3:93:6d:ee:73:af: c8:cc:b8:86:3e:fa:a4:95:f8:bd:e5:22:00:7f:f4:28:01:83: 69:dc:57:26:55:43:d7:6b:6b:04:3d:f0:6c:e3:e8:c4:5b:07: 3e:09:1b:fa:5f:c0:38:b1:12:f4:bb:ea:6f:52:06:ad:11:f0: 92:6a:02:76:05:24:b3:a1:22:b5:cc:47:82:88:16:d3:57:b5: a0:9b:ee:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+ow/xoygz+CbqZLtM1D5kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTVi ZDVhMTcwHhcNMjUxMjIxMDIwMDMyWhcNMjUxMjIyMDIwMDMyWjAzMTEwLwYDVQQD EyhjMjNiMGMwOTYyNjdmMDcxZDQ3MjIyYmJlYjFjMTAwZTA2Y2U5ZjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3wQ+mYZsVO1jub7VhRA5U/YzUYi g5RIk3hP//4ShO+3qzuzTKl3zH68GqjD9stTschp2/R+h28QjhYxcVl9IedVl97H zzPA0gTU6G+wIXGJtLTGqMR6VkjFj5q0v+fOtb5jFB7b3dul/Xr7DUauQNeJvkNw NA8IItYlW0XMDrc2rTRslP3Bxj+PiYg9QkWb1a5vPPuV6bVjuDDlzC0OR6HgS/c0 KksCtHEYRaVuKH2palOfvoTRToXqJ8piLBOqk4gnf7htIC5Ctaa/DjqZLFf4JFhs wDkN7Q+MT27Ww6yapH3bZ3Qb/jDt27pa7CyXjKWSdw1zdqI48T2CPs2zmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMI7DAliZ/Bx1HIiu+scEA4Gzp+RMB8GA1UdIwQY MBaAFByq2TkIqtjSRutp9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMt YTc5OGJkYzczMTFmLzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFm LzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOc/t0Apr Q/sGs9Y/D9Z7j/jMkUKFpIMpgU7zfV7ZYFUVJnA0cbhht9dRyYGBfhHKRi7EWnRi R3WBGASmo9geHzXY5zlSz8zc99eya3THu5lejsU5mPUPHWOv4ZnGL7lEpibvUfgb N9lXhgDtcy2nwMeotynRAHbll4zBx4jr/hehzFYhvUSfWjATfWmaI1W9zB+ujnuC R42Rw16DN9Wn0nrooM71gCULUigHRsCE85Nt7nOvyMy4hj76pJX4veUiAH/0KAGD adxXJlVD12trBD3wbOPoxFsHPgkb+l/AOLES9Lvqb1IGrRHwkmoCdgUks6EitcxH gogW01e1oJvu7Q== -----END CERTIFICATE-----Generated at Sun Dec 21 06:54:39 2025 by rpki-client