This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft File: HzPIww-60mD0qd98O1IGahp7TtU.mft (raw, json) Hash identifier: SiX8XSjzB+fWeWbFXLLmfwE+uhpMbtw+AUIuSAB2uGk= Subject key identifier: 3F:30:9A:6E:C5:78:C9:41:10:9A:A3:2A:4B:2F:86:35:57:35:52:DF Authority key identifier: 1F:33:C8:C3:0F:BA:D2:60:F4:A9:DF:7C:3B:52:06:6A:1A:7B:4E:D5 Certificate issuer: /CN=1f33c8c30fbad260f4a9df7c3b52066a1a7b4ed5 Certificate serial: 019B5A513F31D83895D9ACD20978CA16BE5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft Manifest number: 0156 Signing time: Fri 26 Dec 2025 11:00:32 +0000 Manifest this update: Fri 26 Dec 2025 11:00:32 +0000 Manifest next update: Sat 27 Dec 2025 11:00:32 +0000 Files and hashes: 1: HzPIww-60mD0qd98O1IGahp7TtU.crl (hash: WvQDuUpNuI8zAmZcf4I2aDOaPEDQoMRDn3puK8X9/z4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:3f:31:d8:38:95:d9:ac:d2:09:78:ca:16:be:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f33c8c30fbad260f4a9df7c3b52066a1a7b4ed5 Validity Not Before: Dec 26 11:00:32 2025 GMT Not After : Dec 27 11:00:32 2025 GMT Subject: CN=3f309a6ec578c941109aa32a4b2f8635573552df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c8:89:03:06:24:7b:15:ee:70:a5:c0:4d:36: 66:be:cd:97:3e:b0:bc:af:49:b4:bb:47:58:a1:99: ee:b7:6f:7b:22:a1:65:13:80:6e:23:fb:fd:f8:d0: 2f:09:2a:e5:ee:b5:f1:b1:a2:9f:a5:82:d2:4b:7a: 92:eb:b9:df:ad:9e:33:8e:a0:5c:f3:c9:8d:16:66: 59:cf:bf:34:97:c4:50:02:2d:6f:1e:dc:61:66:da: 12:21:94:9d:2a:4a:b7:f1:c1:91:73:11:6b:d9:cb: 19:32:72:f1:92:de:a0:6b:78:76:3e:71:0a:ed:35: a8:0a:c7:e5:c3:77:37:af:79:37:6b:ed:13:8c:32: db:32:50:80:b3:da:37:1a:04:33:56:5b:9c:2f:47: 7a:7d:6e:a2:84:99:e8:a0:a2:1b:45:13:b5:1c:0b: ce:7e:c0:26:8d:ae:c7:e9:a1:2b:fb:44:7b:97:99: 4b:a0:a2:72:e8:39:cd:ad:c0:da:fc:a8:17:f8:41: 7b:25:86:c2:f7:6d:1e:5a:5c:85:86:2f:5d:da:b9: 4a:00:2c:37:9d:82:2f:30:b4:14:de:0e:87:c8:e4: f7:38:dd:2c:e8:8d:64:ba:26:71:08:6f:4d:ee:4a: 9f:51:bb:1b:06:6e:5b:9f:a9:13:bf:56:af:24:b2: fb:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:30:9A:6E:C5:78:C9:41:10:9A:A3:2A:4B:2F:86:35:57:35:52:DF X509v3 Authority Key Identifier: keyid:1F:33:C8:C3:0F:BA:D2:60:F4:A9:DF:7C:3B:52:06:6A:1A:7B:4E:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzPIww-60mD0qd98O1IGahp7TtU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/eade98-4e1d-4c98-8509-134415fe15d0/1/HzPIww-60mD0qd98O1IGahp7TtU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:dc:86:42:e4:5b:87:0b:63:1f:78:c7:e5:4b:a7:e5:d9:18: c5:92:9f:71:2e:99:9b:fe:2e:68:30:e9:6d:97:8e:f7:39:97: 25:7f:e3:0d:76:62:f6:d0:9d:c0:b4:69:d9:37:9c:f9:eb:6f: 7e:93:cb:01:3b:56:dc:ec:31:28:1f:4a:f9:94:7c:42:fe:e2: 5b:f3:d7:f5:e8:b4:77:b0:54:5b:b1:9c:de:b5:2e:8b:ff:b6: 6a:47:dc:35:3a:86:81:09:2b:39:cb:e0:87:d6:59:81:e4:54: 7a:81:c8:9e:ab:2f:a9:fe:ca:d1:5f:74:cd:34:2f:67:b9:cd: 2a:e4:b9:e2:8b:2a:b3:ef:e5:32:95:55:06:e0:22:3a:14:fe: da:eb:52:76:7f:09:c9:ba:b5:b5:26:0d:17:6e:7f:15:22:8d: 43:d6:bd:90:15:12:8f:23:f5:a9:0f:a0:62:1d:a2:96:68:ec: f6:87:95:eb:85:69:d0:f4:5c:86:79:29:28:d6:b7:15:fe:b7: 2b:44:d0:6e:e6:e5:5e:73:ec:12:94:19:40:91:2a:44:97:8f: b9:4e:16:a8:53:d2:9d:59:2b:8b:66:70:49:7f:00:06:c0:7a: 85:88:b7:72:46:d0:a6:f3:6a:be:3a:ab:be:fd:79:94:5e:50: 67:5f:9d:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUT8x2DiV2azSCXjKFr5cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzNjOGMzMGZiYWQyNjBmNGE5ZGY3YzNiNTIwNjZhMWE3 YjRlZDUwHhcNMjUxMjI2MTEwMDMyWhcNMjUxMjI3MTEwMDMyWjAzMTEwLwYDVQQD EygzZjMwOWE2ZWM1NzhjOTQxMTA5YWEzMmE0YjJmODYzNTU3MzU1MmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsiJAwYkexXucKXATTZmvs2XPrC8 r0m0u0dYoZnut297IqFlE4BuI/v9+NAvCSrl7rXxsaKfpYLSS3qS67nfrZ4zjqBc 88mNFmZZz780l8RQAi1vHtxhZtoSIZSdKkq38cGRcxFr2csZMnLxkt6ga3h2PnEK 7TWoCsflw3c3r3k3a+0TjDLbMlCAs9o3GgQzVlucL0d6fW6ihJnooKIbRRO1HAvO fsAmja7H6aEr+0R7l5lLoKJy6DnNrcDa/KgX+EF7JYbC920eWlyFhi9d2rlKACw3 nYIvMLQU3g6HyOT3ON0s6I1kuiZxCG9N7kqfUbsbBm5bn6kTv1avJLL7ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD8wmm7FeMlBEJqjKksvhjVXNVLfMB8GA1UdIwQY MBaAFB8zyMMPutJg9KnffDtSBmoae07VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lYWRlOTgtNGUxZC00Yzk4LTg1MDkt MTM0NDE1ZmUxNWQwLzEvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS9lYWRlOTgtNGUxZC00Yzk4LTg1MDktMTM0NDE1ZmUxNWQw LzEvSHpQSXd3LTYwbUQwcWQ5OE8xSUdhaHA3VHRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNyGQuRb hwtjH3jH5Uun5dkYxZKfcS6Zm/4uaDDpbZeO9zmXJX/jDXZi9tCdwLRp2Tec+etv fpPLATtW3OwxKB9K+ZR8Qv7iW/PX9ei0d7BUW7Gc3rUui/+2akfcNTqGgQkrOcvg h9ZZgeRUeoHInqsvqf7K0V90zTQvZ7nNKuS54osqs+/lMpVVBuAiOhT+2utSdn8J ybq1tSYNF25/FSKNQ9a9kBUSjyP1qQ+gYh2ilmjs9oeV64Vp0PRchnkpKNa3Ff63 K0TQbublXnPsEpQZQJEqRJePuU4WqFPSnVkri2ZwSX8ABsB6hYi3ckbQpvNqvjqr vv15lF5QZ1+d3A== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:26 2025 by rpki-client