This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json) Hash identifier: fzPURS9R1SVgtpN2IyoUQhTjyppZubMO7GwEJreScS8= Subject key identifier: 35:40:81:2A:33:73:BD:2C:E3:FD:BF:AD:FC:7B:B1:34:1B:31:D0:0E Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60 Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060 Certificate serial: 019B42498F435D7D656477FE05CE4E8A4136 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft Manifest number: 1538 Signing time: Sun 21 Dec 2025 19:01:15 +0000 Manifest this update: Sun 21 Dec 2025 19:01:15 +0000 Manifest next update: Mon 22 Dec 2025 19:01:15 +0000 Files and hashes: 1: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: qJtPHHee06l/Z08UGZTuprpKAqyNsGsIaIIjem/VnLU=) 2: jHj1kA03qC8i8hguuEC8ASnj4XQ.roa (hash: 6J5ezyoc/LI46xWXhW/cUUltYyOZg4CBJG0jaVAl1nQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:8f:43:5d:7d:65:64:77:fe:05:ce:4e:8a:41:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060 Validity Not Before: Dec 21 19:01:15 2025 GMT Not After : Dec 22 19:01:15 2025 GMT Subject: CN=3540812a3373bd2ce3fdbfadfc7bb1341b31d00e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e4:1a:ea:aa:14:f5:41:15:d3:95:7d:70:01: be:42:96:24:0b:65:98:3e:ac:af:84:4c:2e:4d:a7: 65:06:f8:91:17:7c:58:50:9c:2d:2e:06:3f:d8:0a: 1b:10:0f:de:7f:4d:a5:73:1b:e7:88:8c:92:38:5d: db:92:a1:19:e1:61:b8:14:61:48:54:3f:55:53:ce: 82:8d:d1:4e:93:b9:ed:d5:b1:eb:44:81:12:fe:d8: 4d:07:b1:a8:c7:1a:3f:c6:c8:f2:fc:19:93:ea:89: 62:de:83:b5:a6:f0:ed:a3:a9:78:20:bd:46:fc:4e: 55:5a:4b:0c:05:d8:d7:bf:e2:61:0b:33:02:bf:91: 6c:97:01:17:82:08:1c:51:e3:ca:e9:9e:6c:dc:63: 28:e1:d3:35:02:27:23:24:8a:27:db:e1:ed:8f:8e: 4f:da:53:a9:c0:fc:65:b0:2e:dd:81:26:dd:d6:59: ce:78:18:e8:8f:50:55:20:57:12:1f:37:51:b0:39: 9e:f6:d1:53:bb:0d:3d:b7:0f:55:64:67:30:ef:5b: 5d:89:df:35:d5:74:54:3f:59:c5:2a:e9:e9:85:14: c8:d0:dc:72:31:f7:b4:0a:c3:a1:62:29:b3:94:81: ba:65:5d:46:38:2e:1a:16:ac:71:47:43:45:5a:15: 25:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:40:81:2A:33:73:BD:2C:E3:FD:BF:AD:FC:7B:B1:34:1B:31:D0:0E X509v3 Authority Key Identifier: keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:00:4e:9b:21:e5:39:b3:40:5f:9f:c4:d1:35:85:0d:d9:2f: 18:a8:ac:69:28:a1:cc:47:85:06:66:eb:6f:d6:46:c9:17:0e: d7:bd:04:56:3c:bb:71:b1:82:67:c8:e7:2c:30:51:12:b6:f5: 93:94:77:28:98:73:51:12:fb:c7:4d:a9:95:69:e2:5a:ec:36: 95:e4:ff:f7:37:37:15:30:a0:da:c4:61:c5:de:38:28:db:4e: d9:70:37:fa:a1:72:2c:83:d5:1f:4c:99:d2:11:cc:ec:6b:57: 60:0c:f6:1d:2c:58:54:81:31:da:86:eb:cb:11:9e:11:79:63: 77:f4:f4:08:25:20:9a:c8:c7:18:84:75:80:89:38:d0:72:f1: c7:20:7f:71:25:24:78:e6:c7:bf:63:77:04:4d:77:98:24:7c: cb:26:ec:e5:c5:23:c1:ba:cf:18:8b:2a:da:6a:8a:6e:a9:d2: 3a:0d:c2:64:58:dc:0f:c7:be:42:96:25:36:63:9a:04:48:e0: 70:12:10:69:50:35:5e:57:99:ee:5a:ee:61:f7:ea:dd:56:13: c8:d8:7f:c7:07:a1:5c:62:87:d8:13:4a:33:71:92:92:ce:d8: c6:4d:60:40:4f:e0:44:b3:d4:32:8a:af:9c:59:fa:7a:d5:52: 84:68:d0:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSY9DXX1lZHf+Bc5OikE2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1 YWQwNjAwHhcNMjUxMjIxMTkwMTE1WhcNMjUxMjIyMTkwMTE1WjAzMTEwLwYDVQQD EygzNTQwODEyYTMzNzNiZDJjZTNmZGJmYWRmYzdiYjEzNDFiMzFkMDBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuQa6qoU9UEV05V9cAG+QpYkC2WY PqyvhEwuTadlBviRF3xYUJwtLgY/2AobEA/ef02lcxvniIySOF3bkqEZ4WG4FGFI VD9VU86CjdFOk7nt1bHrRIES/thNB7Goxxo/xsjy/BmT6oli3oO1pvDto6l4IL1G /E5VWksMBdjXv+JhCzMCv5FslwEXgggcUePK6Z5s3GMo4dM1AicjJIon2+Htj45P 2lOpwPxlsC7dgSbd1lnOeBjoj1BVIFcSHzdRsDme9tFTuw09tw9VZGcw71tdid81 1XRUP1nFKunphRTI0NxyMfe0CsOhYimzlIG6ZV1GOC4aFqxxR0NFWhUl5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDVAgSozc70s4/2/rfx7sTQbMdAOMB8GA1UdIwQY MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANwBOmyHl ObNAX5/E0TWFDdkvGKisaSihzEeFBmbrb9ZGyRcO170EVjy7cbGCZ8jnLDBRErb1 k5R3KJhzURL7x02plWniWuw2leT/9zc3FTCg2sRhxd44KNtO2XA3+qFyLIPVH0yZ 0hHM7GtXYAz2HSxYVIEx2obryxGeEXljd/T0CCUgmsjHGIR1gIk40HLxxyB/cSUk eObHv2N3BE13mCR8yybs5cUjwbrPGIsq2mqKbqnSOg3CZFjcD8e+QpYlNmOaBEjg cBIQaVA1XleZ7lruYffq3VYTyNh/xwehXGKH2BNKM3GSks7Yxk1gQE/gRLPUMoqv nFn6etVShGjQyg== -----END CERTIFICATE-----Generated at Sun Dec 21 21:11:27 2025 by rpki-client