This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json) Hash identifier: gCmUpR7L6fkKkbyeZWz/ygJXbpHq2vDLYSfHjl3qrnE= Subject key identifier: 20:68:AC:73:68:B3:DA:AA:7E:CA:95:24:5B:CC:5A:F1:13:9F:E7:B2 Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Certificate serial: 019B4A04830B2DA28AC1B98841D95AB17934 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft Manifest number: 128E Signing time: Tue 23 Dec 2025 07:02:48 +0000 Manifest this update: Tue 23 Dec 2025 07:02:48 +0000 Manifest next update: Wed 24 Dec 2025 07:02:48 +0000 Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: mJrb6W3QV8Dl3Ou5M9lO3gBq0A8sTfsar/tf816lvDU=) 2: qlhTst1KI05-IXjT0Jjp1aMzFfc.roa (hash: AXRjUWRMdXCLNCZlSVsLAGGspUQ5o0C4cdNp8OmuROM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:04:83:0b:2d:a2:8a:c1:b9:88:41:d9:5a:b1:79:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a Validity Not Before: Dec 23 07:02:48 2025 GMT Not After : Dec 24 07:02:48 2025 GMT Subject: CN=2068ac7368b3daaa7eca95245bcc5af1139fe7b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:93:25:39:a2:7d:7a:35:67:df:7e:83:8a:77: d4:f8:af:c9:42:7c:6a:8e:78:8d:69:bf:a9:c1:00: 07:9e:45:67:dc:55:da:fa:1e:de:0f:a7:7b:ea:e7: a4:6e:5c:ba:70:d1:d7:71:a5:ee:4e:2c:f8:86:35: 73:5d:c4:08:6d:31:e4:30:83:05:81:ef:0a:78:4f: e7:4f:21:c8:cb:6d:40:f3:30:b3:18:63:b0:9a:dd: 92:8a:92:4b:92:85:b1:1c:2d:fd:99:51:3b:85:75: 97:b2:a2:11:eb:bb:51:c7:48:81:45:c3:e9:6a:30: fa:1d:b5:04:b7:65:78:72:b2:ef:ff:aa:2e:40:5d: 23:84:a0:18:54:fe:70:15:b5:3e:b5:33:a4:30:56: 47:72:08:a0:34:5b:e3:bc:9a:d3:43:94:57:5a:56: ba:4e:08:de:0c:e4:c0:2c:75:fc:f4:a9:89:4d:76: 72:77:67:0f:65:91:4c:28:15:3c:0a:97:db:8d:88: bc:20:16:91:d6:f7:98:05:3d:a2:4d:8a:61:1e:82: ab:d7:0b:bf:bc:95:4f:8e:f8:41:40:f7:fd:fe:e0: d5:ae:ee:2d:79:18:71:bb:a1:15:b0:99:19:17:ec: f5:8e:8d:48:97:6e:c7:29:bf:96:3f:38:0d:e0:db: a1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:68:AC:73:68:B3:DA:AA:7E:CA:95:24:5B:CC:5A:F1:13:9F:E7:B2 X509v3 Authority Key Identifier: keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:03:2a:15:0b:e8:04:b3:eb:99:54:71:11:2b:5d:14:f7:14: 7c:da:07:72:4a:e9:c7:10:eb:9e:86:a1:93:88:35:98:65:3f: 9c:f8:c4:c3:e3:25:83:73:9c:50:de:fc:a2:3b:80:2d:ed:95: 02:88:41:4f:27:7c:8b:70:2b:0f:db:04:e8:b8:8c:90:c4:71: 66:71:75:3c:db:6b:d9:0b:00:28:5c:ed:00:bc:be:eb:db:92: 95:1e:63:9a:ec:6d:24:bc:01:99:33:c1:bb:86:f9:fc:c6:cb: f3:a3:37:8c:0e:b7:3b:19:80:67:01:9c:61:2d:34:a0:22:cc: 02:83:72:21:93:47:2f:3b:8f:46:ac:c6:b2:1a:df:14:2b:29: 1d:9f:56:35:38:c4:74:06:99:00:11:bd:c4:ef:29:2b:9a:4d: 25:b4:f1:6a:d9:6c:e4:56:0d:f5:0b:8e:85:19:bd:c7:96:b2: 54:fc:54:4e:58:0d:62:77:29:c3:89:bf:4e:c8:52:ea:c4:fa: 26:89:01:27:77:b0:e0:c1:9f:02:43:d3:0b:73:c4:33:ec:e1: 7c:f5:90:2b:2a:66:ee:85:03:92:75:ed:15:7b:f5:5d:28:fb: 04:b5:61:24:fc:d5:55:67:8f:f7:1c:5a:00:c5:63:6e:da:87: d7:7a:95:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKBIMLLaKKwbmIQdlasXk0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0 MTJmMmEwHhcNMjUxMjIzMDcwMjQ4WhcNMjUxMjI0MDcwMjQ4WjAzMTEwLwYDVQQD EygyMDY4YWM3MzY4YjNkYWFhN2VjYTk1MjQ1YmNjNWFmMTEzOWZlN2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZMlOaJ9ejVn336DinfU+K/JQnxq jniNab+pwQAHnkVn3FXa+h7eD6d76uekbly6cNHXcaXuTiz4hjVzXcQIbTHkMIMF ge8KeE/nTyHIy21A8zCzGGOwmt2SipJLkoWxHC39mVE7hXWXsqIR67tRx0iBRcPp ajD6HbUEt2V4crLv/6ouQF0jhKAYVP5wFbU+tTOkMFZHcgigNFvjvJrTQ5RXWla6 TgjeDOTALHX89KmJTXZyd2cPZZFMKBU8CpfbjYi8IBaR1veYBT2iTYphHoKr1wu/ vJVPjvhBQPf9/uDVru4teRhxu6EVsJkZF+z1jo1Il27HKb+WPzgN4NuhbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCBorHNos9qqfsqVJFvMWvETn+eyMB8GA1UdIwQY MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiwMqFQvo BLPrmVRxEStdFPcUfNoHckrpxxDrnoahk4g1mGU/nPjEw+Mlg3OcUN78ojuALe2V AohBTyd8i3ArD9sE6LiMkMRxZnF1PNtr2QsAKFztALy+69uSlR5jmuxtJLwBmTPB u4b5/MbL86M3jA63OxmAZwGcYS00oCLMAoNyIZNHLzuPRqzGshrfFCspHZ9WNTjE dAaZABG9xO8pK5pNJbTxatls5FYN9QuOhRm9x5ayVPxUTlgNYncpw4m/TshS6sT6 JokBJ3ew4MGfAkPTC3PEM+zhfPWQKypm7oUDknXtFXv1XSj7BLVhJPzVVWeP9xxa AMVjbtqH13qVBw== -----END CERTIFICATE-----Generated at Tue Dec 23 16:45:48 2025 by rpki-client