This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft File: hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json) Hash identifier: 9co1MB/Y5W2vGM/wsYt20vxkzV5oTHoBYoUThbKPI34= Subject key identifier: 41:C7:8A:AD:37:59:C8:F5:13:62:36:A3:02:B1:9C:F4:F0:89:5F:C5 Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 Certificate issuer: /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Certificate serial: 019B1FF4002DF333F66F095711CBD47CFDD5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft Manifest number: 0B20 Signing time: Mon 15 Dec 2025 03:00:43 +0000 Manifest this update: Mon 15 Dec 2025 03:00:43 +0000 Manifest next update: Tue 16 Dec 2025 03:00:43 +0000 Files and hashes: 1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: JxuETGvnTvVYisPOZ0F71f70Fv81yU56w0MpsVpe6B0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 03:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:00:2d:f3:33:f6:6f:09:57:11:cb:d4:7c:fd:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Validity Not Before: Dec 15 03:00:43 2025 GMT Not After : Dec 16 03:00:43 2025 GMT Subject: CN=41c78aad3759c8f5136236a302b19cf4f0895fc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:66:e1:0f:3b:52:d9:cc:4b:75:2d:a7:54:c1: 6d:33:ab:9a:ce:33:f5:6b:09:1e:c3:6b:32:9f:8b: 69:9a:54:05:41:85:57:34:59:a9:e2:4b:3d:8d:d5: 85:47:e3:8f:c3:f6:6f:a0:b0:bf:09:9e:ca:86:6f: b2:93:ae:d8:cc:fa:38:82:2a:28:8f:f7:cc:f0:c3: cc:7d:93:6b:d7:ad:a6:4e:6d:6c:44:a6:24:06:fc: 3a:fb:dc:43:cc:d1:95:30:6d:6a:d2:d1:90:70:18: 1b:aa:56:3f:a0:20:f2:2d:c8:cb:9d:94:10:a7:81: d9:93:d5:22:00:bc:91:63:cc:35:22:ec:85:1f:3e: 16:2f:8a:75:44:48:1d:12:41:93:c0:de:42:07:fb: 88:c6:57:20:4a:e8:e2:45:f3:fe:82:6c:69:e4:ec: d3:b9:f2:cc:3e:f3:1c:ea:75:8f:60:56:2f:e1:1f: d3:90:f7:9b:d5:33:58:65:7f:d9:da:26:72:db:a6: a1:13:19:bd:10:d2:c5:89:05:3e:86:61:5f:0b:0e: e0:bd:4c:9b:b8:2d:68:f3:1e:a4:fd:02:23:11:a8: 82:42:4f:38:4e:2a:b7:ea:af:80:f6:c7:c9:35:1c: 5a:05:71:ec:a5:b5:a9:d8:0a:e8:0f:56:66:bc:92: 9b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:C7:8A:AD:37:59:C8:F5:13:62:36:A3:02:B1:9C:F4:F0:89:5F:C5 X509v3 Authority Key Identifier: keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:c3:7a:df:cf:3c:1d:d3:09:23:01:f7:21:c5:ca:b6:93:bd: 37:ec:c2:82:ef:51:91:89:1b:2d:48:4a:0c:37:10:d1:b5:c1: a4:9e:b8:41:00:79:c8:e4:e8:79:5a:fa:b9:57:71:d3:f6:75: b2:ec:80:86:26:35:a7:27:f7:95:c0:04:de:fb:28:5b:be:35: 03:47:31:54:ca:c4:d9:4b:54:7a:9a:fd:64:a0:c4:4b:38:6f: 14:5e:a5:ae:59:9e:9d:c6:bf:fd:1a:76:af:b3:bb:31:83:8e: 0c:04:76:d0:78:d7:e9:99:49:7c:e9:a7:a9:3d:b6:8b:e7:de: e0:07:96:97:08:98:32:2c:97:a5:22:75:51:b9:94:a7:73:ae: 5e:03:db:6b:8e:39:18:28:44:a9:34:96:78:3b:51:6e:90:c0: a8:9e:05:73:aa:85:fc:4d:a7:12:48:06:74:f0:5c:9f:7e:a6: 24:ec:f3:e9:9d:63:83:50:3e:89:33:b3:f4:e0:8f:75:01:1b: 84:42:05:bc:8f:19:cd:27:fa:3a:a7:13:e3:5a:50:ef:b5:ae: 1b:36:a0:9c:69:a2:9b:ed:08:f7:fe:30:39:52:2f:5b:ba:4f: db:7e:a0:cd:52:21:91:c6:44:f5:0e:f2:3f:86:96:97:86:5c: 56:45:65:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9AAt8zP2bwlXEcvUfP3VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx YmZlMzMwHhcNMjUxMjE1MDMwMDQzWhcNMjUxMjE2MDMwMDQzWjAzMTEwLwYDVQQD Eyg0MWM3OGFhZDM3NTljOGY1MTM2MjM2YTMwMmIxOWNmNGYwODk1ZmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWbhDztS2cxLdS2nVMFtM6uazjP1 awkew2syn4tpmlQFQYVXNFmp4ks9jdWFR+OPw/ZvoLC/CZ7Khm+yk67YzPo4gioo j/fM8MPMfZNr162mTm1sRKYkBvw6+9xDzNGVMG1q0tGQcBgbqlY/oCDyLcjLnZQQ p4HZk9UiALyRY8w1IuyFHz4WL4p1REgdEkGTwN5CB/uIxlcgSujiRfP+gmxp5OzT ufLMPvMc6nWPYFYv4R/TkPeb1TNYZX/Z2iZy26ahExm9ENLFiQU+hmFfCw7gvUyb uC1o8x6k/QIjEaiCQk84Tiq36q+A9sfJNRxaBXHspbWp2AroD1ZmvJKbDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEHHiq03Wcj1E2I2owKxnPTwiV/FMB8GA1UdIwQY MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8N63888 HdMJIwH3IcXKtpO9N+zCgu9RkYkbLUhKDDcQ0bXBpJ64QQB5yOToeVr6uVdx0/Z1 suyAhiY1pyf3lcAE3vsoW741A0cxVMrE2UtUepr9ZKDESzhvFF6lrlmenca//Rp2 r7O7MYOODAR20HjX6ZlJfOmnqT22i+fe4AeWlwiYMiyXpSJ1UbmUp3OuXgPba445 GChEqTSWeDtRbpDAqJ4Fc6qF/E2nEkgGdPBcn36mJOzz6Z1jg1A+iTOz9OCPdQEb hEIFvI8ZzSf6OqcT41pQ77WuGzagnGmim+0I9/4wOVIvW7pP236gzVIhkcZE9Q7y P4aWl4ZcVkVlfA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:13:20 2025 by rpki-client