This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json) Hash identifier: kx94gIzWvduEH25u/Na37/jrhw8dEIbzyULFrcERBic= Subject key identifier: 7F:92:7B:34:24:CC:83:C3:72:EA:3D:57:FB:75:78:EA:92:D5:84:08 Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1 Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1 Certificate serial: 019B5A51D5FF2638D7867A36E0534DE10396 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft Manifest number: 13BD Signing time: Fri 26 Dec 2025 11:01:11 +0000 Manifest this update: Fri 26 Dec 2025 11:01:11 +0000 Manifest next update: Sat 27 Dec 2025 11:01:11 +0000 Files and hashes: 1: CSj4rvQmRyDsyaDEw0jstidXLzo.roa (hash: 3pSnEcRnf/ULKrT/Poc1HoH7UgR2xUCZ7SNrN3hfNmI=) 2: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: iyRwf3AzfohisVe9r86EL07C7jSGmDEszGQUgJKZHl8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:d5:ff:26:38:d7:86:7a:36:e0:53:4d:e1:03:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1 Validity Not Before: Dec 26 11:01:11 2025 GMT Not After : Dec 27 11:01:11 2025 GMT Subject: CN=7f927b3424cc83c372ea3d57fb7578ea92d58408 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:11:76:47:17:8f:2a:7d:d7:80:4a:7c:32:e6: 5c:10:ab:73:d0:ce:23:b0:ee:82:ce:cd:50:f8:78: df:3b:cc:77:17:a9:24:58:2a:5b:86:f5:10:d6:d8: aa:d3:65:ca:71:cd:7f:9c:5e:68:7b:4e:c4:a0:7e: f3:7f:c9:7d:8b:31:95:b6:bd:bc:ed:c5:43:79:f4: a8:35:05:36:2f:85:ff:fb:e4:ea:46:50:e3:0d:b9: 51:18:2e:f1:33:bc:ad:85:c1:f8:f7:9d:27:83:7a: c0:2c:96:b7:a1:30:ca:87:24:24:89:b7:b2:95:86: 70:8e:0d:c3:82:34:93:88:29:cc:ea:f3:e9:4c:39: 7f:e6:13:f1:d0:ab:f6:1e:f7:b5:89:d0:53:dc:cd: e6:04:f9:20:b1:25:60:44:ce:ec:e5:da:4a:f0:c8: c5:b4:1f:93:8d:92:81:1e:f9:dd:35:21:2d:be:1a: e6:a7:98:d1:9e:5f:fa:52:ac:71:59:94:6b:e4:89: 79:76:dc:41:1c:ad:88:4f:30:a1:2f:c4:a9:fc:24: e3:c7:74:4c:da:a1:4c:f8:16:b8:1c:50:8e:64:50: aa:66:77:f6:2b:18:c3:27:cb:9b:60:ad:ac:49:89: 92:bf:08:48:10:3b:cc:20:74:31:14:b5:27:47:34: f5:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:92:7B:34:24:CC:83:C3:72:EA:3D:57:FB:75:78:EA:92:D5:84:08 X509v3 Authority Key Identifier: keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:50:95:47:c4:45:c5:15:b5:2e:1e:da:81:13:17:ad:44:2b: 76:11:5c:63:6e:87:34:0e:43:1d:1f:80:32:49:fb:6c:3c:61: 6e:51:a2:5a:3b:54:0f:46:32:e9:30:ad:b2:67:76:b4:f3:81: c3:81:60:47:ce:88:2b:b9:3a:44:43:6e:cc:ab:13:d0:a2:7f: 3c:90:29:97:1e:d7:77:44:dd:3e:0c:6a:71:d1:15:c6:5f:be: 25:f5:0b:4f:7e:3e:ec:c5:0c:4a:c2:59:9d:0e:5e:90:32:30: 7f:73:79:ed:39:15:ec:de:d8:60:65:3f:f4:fa:61:ef:f0:7d: fb:24:91:a1:e1:dd:90:51:f1:48:37:37:bc:40:b3:6a:2a:05: f5:dd:7d:89:08:75:3e:a0:79:64:d6:99:7a:85:8f:ca:26:f1: 23:1a:43:22:60:d7:49:63:ef:72:ec:06:b3:1c:96:8a:6e:b8: 12:bb:30:1b:86:ed:bb:a5:34:ae:63:cc:04:a6:6c:f5:ec:5c: 20:38:d7:4a:ea:47:07:e1:39:2b:1d:80:38:b7:81:bc:f2:78: 42:3c:eb:88:c2:ef:43:23:6b:98:e1:8b:a0:0c:09:f8:a8:83: af:d3:e1:ee:9f:6f:d7:ea:f4:56:29:17:01:95:45:da:39:6f: 50:b8:1a:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUdX/JjjXhno24FNN4QOWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy OTcwYjEwHhcNMjUxMjI2MTEwMTExWhcNMjUxMjI3MTEwMTExWjAzMTEwLwYDVQQD Eyg3ZjkyN2IzNDI0Y2M4M2MzNzJlYTNkNTdmYjc1NzhlYTkyZDU4NDA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xF2RxePKn3XgEp8MuZcEKtz0M4j sO6Czs1Q+HjfO8x3F6kkWCpbhvUQ1tiq02XKcc1/nF5oe07EoH7zf8l9izGVtr28 7cVDefSoNQU2L4X/++TqRlDjDblRGC7xM7ythcH4950ng3rALJa3oTDKhyQkibey lYZwjg3DgjSTiCnM6vPpTDl/5hPx0Kv2Hve1idBT3M3mBPkgsSVgRM7s5dpK8MjF tB+TjZKBHvndNSEtvhrmp5jRnl/6UqxxWZRr5Il5dtxBHK2ITzChL8Sp/CTjx3RM 2qFM+Ba4HFCOZFCqZnf2KxjDJ8ubYK2sSYmSvwhIEDvMIHQxFLUnRzT1iQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH+SezQkzIPDcuo9V/t1eOqS1YQIMB8GA1UdIwQY MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVCVR8RF xRW1Lh7agRMXrUQrdhFcY26HNA5DHR+AMkn7bDxhblGiWjtUD0Yy6TCtsmd2tPOB w4FgR86IK7k6RENuzKsT0KJ/PJAplx7Xd0TdPgxqcdEVxl++JfULT34+7MUMSsJZ nQ5ekDIwf3N57TkV7N7YYGU/9Pph7/B9+ySRoeHdkFHxSDc3vECzaioF9d19iQh1 PqB5ZNaZeoWPyibxIxpDImDXSWPvcuwGsxyWim64ErswG4btu6U0rmPMBKZs9exc IDjXSupHB+E5Kx2AOLeBvPJ4QjzriMLvQyNrmOGLoAwJ+KiDr9Ph7p9v1+r0VikX AZVF2jlvULgaqg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:41 2025 by rpki-client