This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft File: HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json) Hash identifier: rMSIwGBPF0tEnJAlJCMjEB9e1gHHNbNSw7wH38NtXuA= Subject key identifier: 32:52:16:02:F7:47:B7:20:44:94:46:2E:EC:ED:B6:A8:E4:B1:3B:51 Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 Certificate issuer: /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Certificate serial: 019B5A515C9432FFCA8A10532C17EB91F323 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft Manifest number: 07D7 Signing time: Fri 26 Dec 2025 11:00:39 +0000 Manifest this update: Fri 26 Dec 2025 11:00:39 +0000 Manifest next update: Sat 27 Dec 2025 11:00:39 +0000 Files and hashes: 1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: 1rr/nmtvU9A66XzLjaH192jzpFOtZR15s4ix5vade7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:5c:94:32:ff:ca:8a:10:53:2c:17:eb:91:f3:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Validity Not Before: Dec 26 11:00:39 2025 GMT Not After : Dec 27 11:00:39 2025 GMT Subject: CN=32521602f747b7204494462eecedb6a8e4b13b51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:82:2d:99:15:01:1e:92:7e:2f:fb:b9:07:9b: 36:fd:7f:02:c1:1d:56:d2:83:94:f2:10:e2:40:70: 94:6f:51:df:1a:b5:24:8e:93:83:7f:2f:ab:e2:2a: 77:33:32:8a:a6:24:81:dc:87:ec:54:1e:bc:f5:9d: 41:04:dd:39:42:e1:49:b1:ff:e0:68:76:0b:7e:1f: a6:b5:9e:40:4d:ab:65:e1:54:3c:c0:6b:2e:1e:44: b9:1f:9a:36:54:1e:84:fa:de:7e:b5:93:77:7f:31: 64:e1:1b:43:3b:f8:c3:2f:8a:e7:09:f8:c1:50:3b: 8d:ab:d0:07:7f:86:14:4f:d2:ff:95:16:9f:87:92: 19:ec:d5:17:2e:dd:96:81:4c:d3:f6:a3:78:d9:5c: 16:fb:dd:02:4b:1e:b0:9b:a0:89:27:c8:9b:fa:6c: 6a:0a:70:4f:e0:00:2a:c5:d4:f1:c6:f9:43:c4:2e: ed:ca:1e:88:31:cf:bf:41:60:72:36:b4:1a:fb:6b: 0b:b2:15:37:4b:65:e5:b8:4e:4d:fc:5c:73:2c:28: 2d:e2:68:4d:91:73:38:22:20:83:28:c7:73:a1:91: c3:52:d3:b4:9b:3e:e4:92:3e:6f:b7:c5:53:1f:d4: 6f:c0:7c:57:1c:0a:54:c1:10:e7:d1:5d:66:1a:68: 93:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:52:16:02:F7:47:B7:20:44:94:46:2E:EC:ED:B6:A8:E4:B1:3B:51 X509v3 Authority Key Identifier: keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:1c:bd:f3:dc:9d:f0:ab:7d:d0:76:22:10:67:eb:34:24:60: 1f:56:e3:4e:62:1e:bd:9c:18:33:d7:31:84:c3:06:a3:81:c3: 48:4b:51:f1:54:55:86:22:4c:67:1e:38:24:7f:72:ba:06:fa: d0:91:66:b0:34:87:4f:ee:8c:48:64:4f:63:d1:4d:e6:a7:d1: 6d:20:29:a6:e0:96:3a:af:9a:2d:53:a6:9c:bf:33:95:da:95: 56:b5:ab:ac:81:7e:fe:32:70:8e:80:ec:e7:92:0a:2d:09:ec: ff:97:6b:ac:1d:c1:bd:6d:c2:c2:c8:71:ba:58:3a:ca:59:7b: 17:b0:72:21:2c:27:72:30:10:bb:85:18:27:d5:d6:2d:ac:bd: a8:e4:57:ad:a5:bb:11:65:f6:18:3d:42:b9:a8:6e:83:e8:fe: 65:ae:2f:18:8c:23:68:61:9e:ff:f8:84:1a:2d:38:ba:00:65: 25:32:52:58:6b:3f:35:e3:77:1d:8e:f6:6b:62:5a:f7:1c:a1: 0f:e4:35:9e:ff:a7:63:18:ea:0c:ec:cd:41:4a:08:9f:9a:89: 57:c2:de:a3:50:48:ca:c1:e8:42:88:5d:eb:e9:83:f0:a7:0a: a6:f1:2b:3e:e0:73:bb:b6:5d:cf:cd:fa:bb:2f:66:90:4c:be: 4e:73:66:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUVyUMv/KihBTLBfrkfMjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy YzYzMTcwHhcNMjUxMjI2MTEwMDM5WhcNMjUxMjI3MTEwMDM5WjAzMTEwLwYDVQQD EygzMjUyMTYwMmY3NDdiNzIwNDQ5NDQ2MmVlY2VkYjZhOGU0YjEzYjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIItmRUBHpJ+L/u5B5s2/X8CwR1W 0oOU8hDiQHCUb1HfGrUkjpODfy+r4ip3MzKKpiSB3IfsVB689Z1BBN05QuFJsf/g aHYLfh+mtZ5ATatl4VQ8wGsuHkS5H5o2VB6E+t5+tZN3fzFk4RtDO/jDL4rnCfjB UDuNq9AHf4YUT9L/lRafh5IZ7NUXLt2WgUzT9qN42VwW+90CSx6wm6CJJ8ib+mxq CnBP4AAqxdTxxvlDxC7tyh6IMc+/QWByNrQa+2sLshU3S2XluE5N/FxzLCgt4mhN kXM4IiCDKMdzoZHDUtO0mz7kkj5vt8VTH9RvwHxXHApUwRDn0V1mGmiTzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDJSFgL3R7cgRJRGLuzttqjksTtRMB8GA1UdIwQY MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBy989yd 8Kt90HYiEGfrNCRgH1bjTmIevZwYM9cxhMMGo4HDSEtR8VRVhiJMZx44JH9yugb6 0JFmsDSHT+6MSGRPY9FN5qfRbSAppuCWOq+aLVOmnL8zldqVVrWrrIF+/jJwjoDs 55IKLQns/5drrB3BvW3Cwshxulg6yll7F7ByISwncjAQu4UYJ9XWLay9qORXraW7 EWX2GD1Cuahug+j+Za4vGIwjaGGe//iEGi04ugBlJTJSWGs/NeN3HY72a2Ja9xyh D+Q1nv+nYxjqDOzNQUoIn5qJV8Leo1BIysHoQohd6+mD8KcKpvErPuBzu7Zdz836 uy9mkEy+TnNm/Q== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:53 2025 by rpki-client