This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft File: Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json) Hash identifier: hebsj2mogkmOAs28Jr0kl3nCONYGXP218totPt5c9Kw= Subject key identifier: D6:72:11:2F:DB:69:CC:37:2F:2B:A1:12:3F:7C:4C:B6:44:94:93:6D Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 Certificate issuer: /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Certificate serial: 019B476FA92EA6C26D663597F2B36FDB7BB5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft Manifest number: 178B Signing time: Mon 22 Dec 2025 19:00:58 +0000 Manifest this update: Mon 22 Dec 2025 19:00:58 +0000 Manifest next update: Tue 23 Dec 2025 19:00:58 +0000 Files and hashes: 1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: o8Sky+LwKY7o2IYMiccKvRknpohfdvIQ7QFP4C6sCmc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:a9:2e:a6:c2:6d:66:35:97:f2:b3:6f:db:7b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Validity Not Before: Dec 22 19:00:58 2025 GMT Not After : Dec 23 19:00:58 2025 GMT Subject: CN=d672112fdb69cc372f2ba1123f7c4cb64494936d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:42:f4:d3:c0:ad:5a:a4:ef:8e:c2:4e:94:00: 09:7f:c3:db:16:10:61:b0:71:6a:a0:0c:8f:9f:21: fe:12:74:fe:32:33:ff:2d:3a:cc:40:ab:d8:21:f8: 96:3c:b2:82:cf:1b:ab:91:be:58:ea:16:a3:bc:dd: 27:a9:58:f2:7f:15:78:06:24:7d:c6:6b:8d:b4:91: a5:8b:fb:ce:62:cc:e6:8d:99:78:f0:5a:8b:be:58: af:47:0f:70:f2:a3:ef:01:86:2d:06:40:e7:ba:be: 5b:e0:29:56:d9:18:77:27:c0:f7:27:37:2f:c6:4b: 08:a6:59:3e:3d:cd:cc:38:71:ed:6f:be:54:ff:58: 0f:f3:0e:bb:03:71:0e:24:b3:82:c9:72:3e:06:1e: 14:4a:21:01:0e:f8:14:da:9d:c2:e6:8a:68:3e:4c: 8f:20:21:99:22:12:dd:8e:d9:69:9d:8d:36:0f:8b: d8:aa:36:ee:b4:d2:21:f3:31:80:4f:ef:e9:55:1e: f4:e2:6f:7b:cb:90:36:f4:37:07:80:ab:26:6f:b9: 5d:da:7f:82:4b:f6:18:98:eb:0a:db:12:b3:a6:99: 4d:a9:bd:6d:a7:52:e2:14:0b:75:a7:de:40:dd:25: d9:ef:ea:e2:3d:c4:5b:f6:e7:1f:54:5f:58:9a:92: 4c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:72:11:2F:DB:69:CC:37:2F:2B:A1:12:3F:7C:4C:B6:44:94:93:6D X509v3 Authority Key Identifier: keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:c1:ab:53:60:3c:61:1b:20:2b:dc:6d:f3:48:03:17:4f:a3: 7b:32:e9:cf:25:96:41:e6:da:3e:8d:b3:bf:0e:3c:b1:5a:f2: 5e:57:2a:aa:51:59:75:83:45:cf:c8:f1:af:0c:6a:0f:6a:38: d1:f9:b5:03:ab:0a:99:4e:0c:80:84:bf:11:5d:02:bd:2d:72: ca:83:53:8e:e1:b9:54:f1:99:68:ab:0c:59:3b:cf:21:06:ba: e6:da:b8:f2:14:7d:f2:cb:1e:43:9c:52:ca:5f:69:11:70:ef: 92:36:35:d2:5e:61:ba:86:0d:07:a5:b1:49:11:3d:97:5a:bd: c9:da:e3:82:b6:d2:61:60:56:0e:04:66:f2:bb:6f:29:34:c4: 43:f6:9b:e6:9b:1a:b3:75:ea:61:06:36:f2:80:c0:a6:4e:9b: 40:54:85:99:ca:3e:b9:88:f9:68:b9:1b:de:79:39:42:84:44: fd:38:0b:39:4a:6c:76:10:7d:ea:68:31:8b:99:be:87:11:8b: 34:1a:74:06:2d:de:5d:25:79:e2:42:a3:2b:52:76:29:fc:40: 06:a4:07:c7:0b:c6:56:f5:64:37:8e:77:25:5d:e2:03:26:29: 8f:dd:77:01:34:65:89:50:38:31:03:e2:7b:33:85:37:23:dc: 01:0e:7a:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb6kupsJtZjWX8rNv23u1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2 NGRmNDgwHhcNMjUxMjIyMTkwMDU4WhcNMjUxMjIzMTkwMDU4WjAzMTEwLwYDVQQD EyhkNjcyMTEyZmRiNjljYzM3MmYyYmExMTIzZjdjNGNiNjQ0OTQ5MzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEL008CtWqTvjsJOlAAJf8PbFhBh sHFqoAyPnyH+EnT+MjP/LTrMQKvYIfiWPLKCzxurkb5Y6hajvN0nqVjyfxV4BiR9 xmuNtJGli/vOYszmjZl48FqLvlivRw9w8qPvAYYtBkDnur5b4ClW2Rh3J8D3Jzcv xksIplk+Pc3MOHHtb75U/1gP8w67A3EOJLOCyXI+Bh4USiEBDvgU2p3C5opoPkyP ICGZIhLdjtlpnY02D4vYqjbutNIh8zGAT+/pVR704m97y5A29DcHgKsmb7ld2n+C S/YYmOsK2xKzpplNqb1tp1LiFAt1p95A3SXZ7+riPcRb9ucfVF9YmpJMGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNZyES/bacw3LyuhEj98TLZElJNtMB8GA1UdIwQY MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABMGrU2A8 YRsgK9xt80gDF0+jezLpzyWWQebaPo2zvw48sVryXlcqqlFZdYNFz8jxrwxqD2o4 0fm1A6sKmU4MgIS/EV0CvS1yyoNTjuG5VPGZaKsMWTvPIQa65tq48hR98sseQ5xS yl9pEXDvkjY10l5huoYNB6WxSRE9l1q9ydrjgrbSYWBWDgRm8rtvKTTEQ/ab5psa s3XqYQY28oDApk6bQFSFmco+uYj5aLkb3nk5QoRE/TgLOUpsdhB96mgxi5m+hxGL NBp0Bi3eXSV54kKjK1J2KfxABqQHxwvGVvVkN453JV3iAyYpj913ATRliVA4MQPi ezOFNyPcAQ56RQ== -----END CERTIFICATE-----Generated at Mon Dec 22 20:48:53 2025 by rpki-client