This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft File: hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft (raw, json) Hash identifier: QHgGvGH9k7hQtw/O8ftFlTfa+cEpGCfNal8AaaGX9mc= Subject key identifier: DF:05:40:27:3A:56:C3:C1:E9:34:B8:59:A4:7F:2E:AC:D3:04:72:B6 Authority key identifier: 86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14 Certificate issuer: /CN=869ab33046862ab58405e5e927ddf41272dfc714 Certificate serial: 019B32D63638FA7E07C6DED4EC7D3B5D492B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft Manifest number: 0574 Signing time: Thu 18 Dec 2025 19:00:57 +0000 Manifest this update: Thu 18 Dec 2025 19:00:57 +0000 Manifest next update: Fri 19 Dec 2025 19:00:57 +0000 Files and hashes: 1: hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl (hash: 9sJ6zoadbHHBKkJ+AY0D4gkHMorI4Stv5gGMwiSfP5M=) 2: p8T_kCS-MYJ8fc4C7hUc5E1T1qg.roa (hash: CHS1S8lMOJ2pkxab6trVxWbo2qQA5JXICjYrqXb1IdY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:36:38:fa:7e:07:c6:de:d4:ec:7d:3b:5d:49:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=869ab33046862ab58405e5e927ddf41272dfc714 Validity Not Before: Dec 18 19:00:57 2025 GMT Not After : Dec 19 19:00:57 2025 GMT Subject: CN=df0540273a56c3c1e934b859a47f2eacd30472b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9a:2f:3b:d7:d9:eb:6a:b8:4f:7b:e7:b0:0f: 65:cb:c8:88:02:3e:1e:a7:1a:38:58:ff:58:60:f4: 30:df:04:6a:f8:a0:19:3e:b8:9f:a1:da:ee:7c:d1: 84:07:72:5b:22:32:b9:b9:37:b2:a0:99:40:1e:62: 36:60:fe:5a:29:7f:f1:26:c8:10:45:cd:0c:2e:98: 95:21:41:13:eb:58:c2:01:4f:74:4d:ce:b4:6f:92: d2:30:d3:bd:1d:e1:ec:10:1a:fe:33:c5:c7:44:21: c9:15:0b:8c:db:11:6b:6f:b3:3e:68:37:fb:cb:c7: 92:0c:07:80:f6:98:81:9b:65:9b:d9:09:31:4a:2a: f7:f7:58:c8:54:7f:fb:82:cf:5a:91:7c:03:22:e1: 52:f2:61:23:55:d4:c0:90:05:0c:a6:0e:f5:c7:17: a6:69:cc:87:5b:f9:3f:d8:b8:df:22:ec:d1:87:df: b5:52:9e:a2:cb:39:62:5a:a5:f6:a7:ac:3f:df:a1: d5:27:6d:50:ec:25:6f:13:8f:83:4b:ab:4b:20:8a: bc:91:89:50:d2:75:e8:88:97:d2:7d:8b:6c:bb:a3: a6:8f:f3:06:ba:cf:77:e9:af:f4:59:82:5c:79:8c: 24:bd:45:bc:23:e3:5d:2c:41:0d:c8:52:d8:db:dc: 1c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:05:40:27:3A:56:C3:C1:E9:34:B8:59:A4:7F:2E:AC:D3:04:72:B6 X509v3 Authority Key Identifier: keyid:86:9A:B3:30:46:86:2A:B5:84:05:E5:E9:27:DD:F4:12:72:DF:C7:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpqzMEaGKrWEBeXpJ930EnLfxxQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/f8e8e5-692b-40a9-b32f-394c47ff45ae/1/hpqzMEaGKrWEBeXpJ930EnLfxxQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:7e:46:ef:ad:02:ac:c5:16:ce:e5:3b:df:08:2a:b5:22:6d: 1a:28:e5:2e:af:b9:b6:4d:14:a9:a6:8c:65:27:fe:a9:10:0b: 80:9f:d5:21:79:19:ab:75:d5:bc:1a:36:2b:64:fb:92:8c:32: d5:6b:39:75:c5:9e:8c:9d:c8:fb:77:f8:31:1f:f5:31:42:89: 41:5f:4e:13:5d:b8:10:51:54:46:e0:94:f4:03:fa:6a:cc:bf: 84:42:58:2e:af:21:ac:b0:64:2a:6f:a5:37:6d:77:24:8d:81: 8a:f9:b8:ad:7a:d8:0c:f1:e0:28:d6:9a:11:9e:68:97:fe:c8: 72:0f:21:05:7c:58:59:89:40:1e:f6:0d:08:b9:b3:72:b8:7a: 19:72:ba:34:f0:6f:93:a6:ae:4a:5d:fa:5a:40:19:17:bd:85: 77:c4:68:b0:bc:9c:02:02:7f:02:30:06:45:7f:ea:16:12:05: bd:35:db:d0:a6:b3:83:88:93:f7:19:ed:bc:30:2c:57:62:68: 28:b3:dd:7e:fd:69:87:0d:81:c6:62:e6:83:3d:55:4e:a7:2f: 56:b4:3c:20:2c:be:4d:eb:fd:96:6d:01:ea:9c:5b:fa:61:f7: 32:6d:42:ad:0c:21:02:13:b2:d1:62:58:9c:47:e7:1c:26:82: 2e:03:66:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1jY4+n4Hxt7U7H07XUkrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OWFiMzMwNDY4NjJhYjU4NDA1ZTVlOTI3ZGRmNDEyNzJk ZmM3MTQwHhcNMjUxMjE4MTkwMDU3WhcNMjUxMjE5MTkwMDU3WjAzMTEwLwYDVQQD EyhkZjA1NDAyNzNhNTZjM2MxZTkzNGI4NTlhNDdmMmVhY2QzMDQ3MmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJovO9fZ62q4T3vnsA9ly8iIAj4e pxo4WP9YYPQw3wRq+KAZPrifodrufNGEB3JbIjK5uTeyoJlAHmI2YP5aKX/xJsgQ Rc0MLpiVIUET61jCAU90Tc60b5LSMNO9HeHsEBr+M8XHRCHJFQuM2xFrb7M+aDf7 y8eSDAeA9piBm2Wb2QkxSir391jIVH/7gs9akXwDIuFS8mEjVdTAkAUMpg71xxem acyHW/k/2LjfIuzRh9+1Up6iyzliWqX2p6w/36HVJ21Q7CVvE4+DS6tLIIq8kYlQ 0nXoiJfSfYtsu6Omj/MGus936a/0WYJceYwkvUW8I+NdLEENyFLY29wcFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN8FQCc6VsPB6TS4WaR/LqzTBHK2MB8GA1UdIwQY MBaAFIaaszBGhiq1hAXl6Sfd9BJy38cUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYt Mzk0YzQ3ZmY0NWFlLzEvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy9mOGU4ZTUtNjkyYi00MGE5LWIzMmYtMzk0YzQ3ZmY0NWFl LzEvaHBxek1FYUdLcldFQmVYcEo5MzBFbkxmeHhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN35G760C rMUWzuU73wgqtSJtGijlLq+5tk0UqaaMZSf+qRALgJ/VIXkZq3XVvBo2K2T7kowy 1Ws5dcWejJ3I+3f4MR/1MUKJQV9OE124EFFURuCU9AP6asy/hEJYLq8hrLBkKm+l N213JI2Bivm4rXrYDPHgKNaaEZ5ol/7Icg8hBXxYWYlAHvYNCLmzcrh6GXK6NPBv k6auSl36WkAZF72Fd8RosLycAgJ/AjAGRX/qFhIFvTXb0Kazg4iT9xntvDAsV2Jo KLPdfv1phw2BxmLmgz1VTqcvVrQ8ICy+Tev9lm0B6pxb+mH3Mm1CrQwhAhOy0WJY nEfnHCaCLgNmYg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:49:33 2025 by rpki-client