This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft File: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json) Hash identifier: PfGQuQIilpJXjnSvBXTnlHTt2sBC7C+RmelHcdxQpn8= Subject key identifier: 5C:28:00:A0:80:03:E8:29:D7:2C:D3:C3:55:5E:B3:73:BD:7F:55:03 Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE Certificate issuer: /CN=8649aa4b328735536d27c168cdbf4ea177701dce Certificate serial: 019B4392A8F494E18686C535EC7C3D49529B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft Manifest number: 1789 Signing time: Mon 22 Dec 2025 01:00:43 +0000 Manifest this update: Mon 22 Dec 2025 01:00:43 +0000 Manifest next update: Tue 23 Dec 2025 01:00:43 +0000 Files and hashes: 1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: KEVpOZFJY4BgkcqagpvncB25bJby6Q2otqHfEFy6PFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:a8:f4:94:e1:86:86:c5:35:ec:7c:3d:49:52:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce Validity Not Before: Dec 22 01:00:43 2025 GMT Not After : Dec 23 01:00:43 2025 GMT Subject: CN=5c2800a08003e829d72cd3c3555eb373bd7f5503 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:24:18:2f:d1:ec:9b:e2:a9:96:5e:8c:7f:ab: 36:74:bf:77:1a:c0:43:03:d2:db:95:1c:ae:63:24: 87:ef:e5:0a:ff:73:38:b9:96:9d:f9:15:3c:b2:93: b9:75:d0:8e:25:29:b7:2a:4e:f9:df:21:60:ae:95: 8b:0f:37:bd:6c:e3:1f:39:0e:5c:98:20:3a:ca:26: 76:9b:80:2e:a7:aa:8d:64:90:a5:98:52:c7:3d:20: ab:16:72:5f:34:02:34:83:00:c6:70:df:f1:b7:d8: 14:50:ec:1b:85:72:4e:68:ea:88:62:57:6a:a7:c8: 6a:7e:ab:f7:91:2f:27:04:21:99:76:e4:fd:ce:c0: 01:9b:78:ba:ea:b1:16:15:04:8c:0f:0b:66:b3:90: bb:ae:88:0f:75:22:ca:56:b4:ad:5d:2e:0c:6a:9e: 2d:83:e7:1c:dc:4a:e2:52:48:18:d7:57:7e:a2:1f: 34:dd:cd:c3:1a:99:2f:cf:3e:5e:93:6b:ff:b6:5d: 2f:92:33:d5:c4:7e:a2:aa:24:6b:ed:31:ad:ad:83: 03:cf:10:29:3a:83:82:f1:2e:70:b4:23:6c:be:65: 81:d7:ba:07:81:c4:32:35:b3:1f:58:16:c5:91:4d: 31:45:71:85:0f:b2:9a:45:2b:eb:45:00:fd:35:79: ab:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:28:00:A0:80:03:E8:29:D7:2C:D3:C3:55:5E:B3:73:BD:7F:55:03 X509v3 Authority Key Identifier: keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:98:84:26:23:a5:27:ec:50:c6:8c:71:c3:fe:c7:f8:8f:bf: 8d:46:52:8c:58:c8:19:c5:4b:82:e6:c2:22:9b:81:75:46:45: 33:31:c0:de:da:34:90:db:ec:96:01:67:04:bc:bb:68:2d:51: c9:e6:46:fe:98:a3:d8:61:dd:c2:9f:34:74:25:b5:1d:de:8e: 46:78:d0:42:08:7e:60:7e:c0:4d:4a:33:5f:e6:fe:91:7c:71: f2:83:f1:fa:17:dd:07:82:76:41:bc:4f:31:5d:ec:2f:26:b5: e3:66:24:43:22:6c:36:29:ad:36:e5:12:e7:0c:9a:93:78:37: 93:15:87:a4:75:56:38:9c:48:26:84:1a:7a:11:d5:a9:c2:a7: 5f:90:11:ac:8a:e7:be:5c:57:f4:df:31:2c:78:2b:1e:cd:7c: e2:32:03:22:2b:08:40:0f:85:f9:5d:b6:37:b7:26:3f:e0:8d: 8c:66:3e:52:6c:f2:ee:3b:7d:36:8b:bd:a8:94:15:0c:a9:26: c5:db:89:cb:cd:d7:c3:c1:22:94:71:aa:7c:b9:9f:0c:7a:5f: 55:05:89:3d:66:95:f2:a4:eb:7c:5b:54:a1:bc:8d:55:4d:ad: f1:2a:2a:0a:2d:c8:27:0b:14:d9:e4:49:c2:c7:12:51:67:db: cd:f1:54:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkqj0lOGGhsU17Hw9SVKbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3 MDFkY2UwHhcNMjUxMjIyMDEwMDQzWhcNMjUxMjIzMDEwMDQzWjAzMTEwLwYDVQQD Eyg1YzI4MDBhMDgwMDNlODI5ZDcyY2QzYzM1NTVlYjM3M2JkN2Y1NTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SQYL9Hsm+Kpll6Mf6s2dL93GsBD A9LblRyuYySH7+UK/3M4uZad+RU8spO5ddCOJSm3Kk753yFgrpWLDze9bOMfOQ5c mCA6yiZ2m4Aup6qNZJClmFLHPSCrFnJfNAI0gwDGcN/xt9gUUOwbhXJOaOqIYldq p8hqfqv3kS8nBCGZduT9zsABm3i66rEWFQSMDwtms5C7rogPdSLKVrStXS4Map4t g+cc3EriUkgY11d+oh803c3DGpkvzz5ek2v/tl0vkjPVxH6iqiRr7TGtrYMDzxAp OoOC8S5wtCNsvmWB17oHgcQyNbMfWBbFkU0xRXGFD7KaRSvrRQD9NXmrWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFwoAKCAA+gp1yzTw1Ves3O9f1UDMB8GA1UdIwQY MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0 LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZiEJiOl J+xQxoxxw/7H+I+/jUZSjFjIGcVLgubCIpuBdUZFMzHA3to0kNvslgFnBLy7aC1R yeZG/pij2GHdwp80dCW1Hd6ORnjQQgh+YH7ATUozX+b+kXxx8oPx+hfdB4J2QbxP MV3sLya142YkQyJsNimtNuUS5wyak3g3kxWHpHVWOJxIJoQaehHVqcKnX5ARrIrn vlxX9N8xLHgrHs184jIDIisIQA+F+V22N7cmP+CNjGY+Umzy7jt9Nou9qJQVDKkm xduJy83Xw8EilHGqfLmfDHpfVQWJPWaV8qTrfFtUobyNVU2t8SoqCi3IJwsU2eRJ wscSUWfbzfFUzA== -----END CERTIFICATE-----Generated at Mon Dec 22 05:32:50 2025 by rpki-client