This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft File: HKrZOQiq2NJG62n35mqnDeW9Whc.mft (raw, json) Hash identifier: 2Y9aWMiSVmQhaCSPLYSlBPjvpfWvasz8BQeW8fbKiPc= Subject key identifier: D6:88:88:42:45:24:F5:4F:F2:6C:3B:39:22:56:7F:90:E6:37:40:33 Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17 Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17 Certificate serial: 019B4A397FE8279E324773EA25EDB1945C02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft Manifest number: 0E74 Signing time: Tue 23 Dec 2025 08:00:40 +0000 Manifest this update: Tue 23 Dec 2025 08:00:40 +0000 Manifest next update: Wed 24 Dec 2025 08:00:40 +0000 Files and hashes: 1: HKrZOQiq2NJG62n35mqnDeW9Whc.crl (hash: c9+Yjyr0lPz/uSST+4cVA9YrJlWHjmV5RevQX40vzbg=) 2: ackszuiJCTUVf3NL6BGlMWZR6mU.roa (hash: eS/ev9znkjBG3HaRk+tKGqjX3/CUPsNsHqj4Rs2K9+I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:39:7f:e8:27:9e:32:47:73:ea:25:ed:b1:94:5c:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17 Validity Not Before: Dec 23 08:00:40 2025 GMT Not After : Dec 24 08:00:40 2025 GMT Subject: CN=d68888424524f54ff26c3b3922567f90e6374033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3c:10:05:9d:03:b8:c3:7d:e3:65:64:fb:c7: 83:49:23:47:d5:7d:ea:64:82:3c:90:00:e0:78:ac: 60:17:17:a9:9b:ba:93:37:58:53:77:0b:fa:67:44: 8e:2e:cc:92:92:1d:ab:b2:8a:12:21:78:11:11:3f: 5c:b2:3f:a6:bf:85:5e:69:ef:69:c0:17:36:af:89: 6b:d2:00:2b:1f:a9:e0:c2:e3:7a:11:2f:18:55:16: c9:e4:9c:36:5a:6f:57:9b:e3:39:df:11:93:b5:7d: dc:5c:a9:f3:c7:03:86:1d:13:15:1b:d0:a6:34:bd: d3:d2:5c:0b:7a:3d:6b:82:5a:50:92:45:09:a5:66: 4c:62:fa:fa:af:df:84:ee:2a:e3:4f:21:21:55:cb: 63:09:42:ff:0f:04:ec:be:64:ee:17:4f:d3:26:dd: 94:79:77:c4:10:76:25:0a:46:9f:85:fa:13:53:cf: 7f:93:d5:0a:c3:a8:92:66:12:05:47:e0:f8:8c:6b: 11:de:4c:a4:c3:62:5d:97:8f:0f:d5:93:94:5f:27: c8:56:ff:34:1e:89:a5:76:6f:a2:1c:22:7d:5a:a6: 9b:9e:ab:13:38:ef:9e:ad:4e:57:16:03:ae:c3:c6: 8d:7c:f2:83:90:b4:1c:85:2c:05:5a:2f:88:8b:35: 57:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:88:88:42:45:24:F5:4F:F2:6C:3B:39:22:56:7F:90:E6:37:40:33 X509v3 Authority Key Identifier: keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:7d:87:e9:7b:f9:45:e0:0d:22:33:a2:56:80:fd:24:00:50: f8:3a:e5:aa:d7:4b:6a:6a:f1:cf:eb:01:ad:20:c8:66:33:5e: fc:2a:9d:58:cd:10:f2:87:b4:f1:b4:ec:e0:b3:98:98:15:24: 0a:2f:3f:1d:03:1c:a3:50:59:dd:39:60:e3:1a:dd:22:b8:89: 5c:7f:b1:b5:a8:c3:ed:0f:7c:e2:9c:2b:6c:e4:d8:fe:32:13: e9:9d:66:1d:de:4b:c6:9d:86:aa:b1:f4:6b:5a:6d:27:2f:fa: 9e:15:51:54:01:b8:e1:e3:d8:85:52:93:91:eb:7a:63:b8:61: d4:35:ff:ad:80:6f:4e:68:b7:84:2d:8f:91:e9:d9:71:41:07: 07:50:0e:bc:7c:7b:79:99:52:ca:a6:bf:ba:7c:bc:41:95:92: de:2f:fc:fe:8a:28:d3:bc:e1:25:4d:e6:41:cd:31:72:79:59: 3d:95:f1:96:88:0c:09:d5:b2:3e:4e:31:40:a6:00:8d:83:ad: c6:19:a8:4d:4d:fd:34:73:96:0e:17:fd:1d:7e:5e:3e:a0:15: 8c:0a:65:63:6f:0b:84:6a:50:1a:1e:8e:82:7e:e6:85:d0:b6: 2a:cf:de:8e:11:96:87:e3:e1:56:98:ed:15:c0:24:b8:57:42: 9e:19:1a:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKOX/oJ54yR3PqJe2xlFwCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTVi ZDVhMTcwHhcNMjUxMjIzMDgwMDQwWhcNMjUxMjI0MDgwMDQwWjAzMTEwLwYDVQQD EyhkNjg4ODg0MjQ1MjRmNTRmZjI2YzNiMzkyMjU2N2Y5MGU2Mzc0MDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTwQBZ0DuMN942Vk+8eDSSNH1X3q ZII8kADgeKxgFxepm7qTN1hTdwv6Z0SOLsySkh2rsooSIXgRET9csj+mv4Veae9p wBc2r4lr0gArH6ngwuN6ES8YVRbJ5Jw2Wm9Xm+M53xGTtX3cXKnzxwOGHRMVG9Cm NL3T0lwLej1rglpQkkUJpWZMYvr6r9+E7irjTyEhVctjCUL/DwTsvmTuF0/TJt2U eXfEEHYlCkafhfoTU89/k9UKw6iSZhIFR+D4jGsR3kykw2Jdl48P1ZOUXyfIVv80 Homldm+iHCJ9WqabnqsTOO+erU5XFgOuw8aNfPKDkLQchSwFWi+IizVXdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNaIiEJFJPVP8mw7OSJWf5DmN0AzMB8GA1UdIwQY MBaAFByq2TkIqtjSRutp9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMt YTc5OGJkYzczMTFmLzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFm LzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbX2H6Xv5 ReANIjOiVoD9JABQ+DrlqtdLamrxz+sBrSDIZjNe/CqdWM0Q8oe08bTs4LOYmBUk Ci8/HQMco1BZ3Tlg4xrdIriJXH+xtajD7Q984pwrbOTY/jIT6Z1mHd5Lxp2GqrH0 a1ptJy/6nhVRVAG44ePYhVKTket6Y7hh1DX/rYBvTmi3hC2PkenZcUEHB1AOvHx7 eZlSyqa/uny8QZWS3i/8/ooo07zhJU3mQc0xcnlZPZXxlogMCdWyPk4xQKYAjYOt xhmoTU39NHOWDhf9HX5ePqAVjAplY28LhGpQGh6Ogn7mhdC2Ks/ejhGWh+PhVpjt FcAkuFdCnhkaaQ== -----END CERTIFICATE-----Generated at Tue Dec 23 09:20:17 2025 by rpki-client