This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft File: HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json) Hash identifier: xPSofMZRJYTk2HOsHbe/zkQqJRhPUSgCvSllI57a1UU= Subject key identifier: 94:94:68:B1:7D:BD:2E:CB:D7:C2:9A:9D:87:9B:B2:2A:77:DB:D8:D5 Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 Certificate issuer: /CN=1f390af833d7d4269042c249bcf49648572095b6 Certificate serial: 019B5B641D882D6484117ED50DFAB1D1D984 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft Manifest number: 1237 Signing time: Fri 26 Dec 2025 16:00:46 +0000 Manifest this update: Fri 26 Dec 2025 16:00:46 +0000 Manifest next update: Sat 27 Dec 2025 16:00:46 +0000 Files and hashes: 1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: hw6G1R1OZsa31mcovSKC/4dhZg/G3pJvhdHmnTGf8wQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:64:1d:88:2d:64:84:11:7e:d5:0d:fa:b1:d1:d9:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6 Validity Not Before: Dec 26 16:00:46 2025 GMT Not After : Dec 27 16:00:46 2025 GMT Subject: CN=949468b17dbd2ecbd7c29a9d879bb22a77dbd8d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:df:af:ff:58:81:00:ea:e8:73:51:13:c2:1e: ec:71:71:20:97:1d:e7:40:69:ed:a3:0b:91:0e:61: d7:fc:ab:a1:49:de:00:5a:ac:84:19:b4:80:1f:7d: 66:0c:45:81:40:9e:c8:60:ab:1a:7e:cc:2c:98:3f: 07:49:a7:a5:54:b2:d4:e6:b3:e3:54:7b:6b:ec:48: 68:77:93:8f:08:ed:a4:dc:aa:13:e4:df:6e:cb:24: 10:8d:06:65:79:5d:23:22:d9:6a:9a:79:2a:90:9d: 50:6a:03:fd:32:49:c0:22:1f:a6:38:74:60:f2:a7: ff:a0:c3:94:3c:62:e3:8a:e8:12:a4:70:40:d0:fb: a9:df:bf:79:b8:cc:0c:15:20:b3:60:1d:2d:99:74: 48:e5:bf:5a:57:ef:6e:af:be:5f:71:e3:79:7f:40: fb:bb:bb:9b:78:b4:cf:9b:3c:d0:95:d6:f8:8d:4a: f4:02:c0:ea:50:87:42:dc:20:22:f9:2e:85:9e:34: bc:fc:38:44:19:31:44:63:8b:93:e5:a4:96:a8:32: 2d:3e:db:95:8e:aa:d7:c6:02:58:4c:1b:ff:84:2c: 23:8f:81:01:61:85:80:84:d8:c0:0d:b2:22:81:8b: 2c:2f:e3:83:2c:04:28:17:c8:db:34:b9:94:85:49: 69:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:94:68:B1:7D:BD:2E:CB:D7:C2:9A:9D:87:9B:B2:2A:77:DB:D8:D5 X509v3 Authority Key Identifier: keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:f3:44:ad:21:57:97:1e:60:92:ed:49:7b:5a:44:fb:c5:83: f2:7b:d4:0b:62:02:5b:b6:7c:61:05:e6:68:82:e9:d7:04:c0: 77:7a:8d:a1:cd:ca:92:aa:d1:e7:26:fd:14:36:ce:c2:0f:53: 9b:3f:08:b8:78:02:07:7f:2b:ec:16:7c:27:d0:25:c7:b0:b0: 58:f7:74:b0:bd:ba:ec:54:16:d7:bc:05:9c:68:68:2a:3a:a1: a1:fa:08:0b:dd:a5:cb:a5:69:91:44:e2:5d:38:28:42:c8:b5: 14:d6:b2:5c:09:b6:a8:5c:fa:14:6c:a9:8e:df:19:37:b2:dd: 6a:d0:9e:33:b2:b9:78:18:60:b0:24:ae:2d:20:ac:a7:2c:f9: da:ca:4f:33:2b:cb:5c:30:81:62:6a:3b:6c:6f:1c:8c:10:75: 15:98:4e:b9:97:5c:08:56:21:d5:6a:6d:97:b6:10:2f:c1:a7: 36:9d:56:c0:b3:d6:ac:b8:fb:57:0b:19:1f:57:a4:a1:83:d7: 0b:66:0f:40:24:cc:f7:23:ff:34:16:cd:33:b2:f7:91:2f:af: ea:ea:5b:45:5a:f6:6d:a5:ea:ed:28:b0:32:db:e8:4c:f0:5b: 64:5d:e4:a1:ad:c3:4d:25:ca:fa:42:5f:90:3c:a5:17:5a:06: 1a:b1:7e:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbZB2ILWSEEX7VDfqx0dmEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy MDk1YjYwHhcNMjUxMjI2MTYwMDQ2WhcNMjUxMjI3MTYwMDQ2WjAzMTEwLwYDVQQD Eyg5NDk0NjhiMTdkYmQyZWNiZDdjMjlhOWQ4NzliYjIyYTc3ZGJkOGQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt+v/1iBAOroc1ETwh7scXEglx3n QGntowuRDmHX/KuhSd4AWqyEGbSAH31mDEWBQJ7IYKsafswsmD8HSaelVLLU5rPj VHtr7Ehod5OPCO2k3KoT5N9uyyQQjQZleV0jItlqmnkqkJ1QagP9MknAIh+mOHRg 8qf/oMOUPGLjiugSpHBA0Pup3795uMwMFSCzYB0tmXRI5b9aV+9ur75fceN5f0D7 u7ubeLTPmzzQldb4jUr0AsDqUIdC3CAi+S6FnjS8/DhEGTFEY4uT5aSWqDItPtuV jqrXxgJYTBv/hCwjj4EBYYWAhNjADbIigYssL+ODLAQoF8jbNLmUhUlp8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJSUaLF9vS7L18KanYebsip329jVMB8GA1UdIwQY MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAffNErSFX lx5gku1Je1pE+8WD8nvUC2ICW7Z8YQXmaILp1wTAd3qNoc3KkqrR5yb9FDbOwg9T mz8IuHgCB38r7BZ8J9Alx7CwWPd0sL267FQW17wFnGhoKjqhofoIC92ly6VpkUTi XTgoQsi1FNayXAm2qFz6FGypjt8ZN7LdatCeM7K5eBhgsCSuLSCspyz52spPMyvL XDCBYmo7bG8cjBB1FZhOuZdcCFYh1Wptl7YQL8GnNp1WwLPWrLj7VwsZH1ekoYPX C2YPQCTM9yP/NBbNM7L3kS+v6upbRVr2baXq7SiwMtvoTPBbZF3koa3DTSXK+kJf kDylF1oGGrF+wA== -----END CERTIFICATE-----Generated at Sat Dec 27 00:59:46 2025 by rpki-client