This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft File: HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json) Hash identifier: Aj9O8btr02ATT/ZvPvUz0tpvYUVAIkqB4k2J758d0No= Subject key identifier: 6A:79:AD:7E:6B:FD:54:91:3E:4E:1C:8D:E2:DE:93:61:5E:00:CB:83 Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 Certificate issuer: /CN=1f390af833d7d4269042c249bcf49648572095b6 Certificate serial: 019B597638ED503FB1C0B1E615ADE6B105D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft Manifest number: 1236 Signing time: Fri 26 Dec 2025 07:01:18 +0000 Manifest this update: Fri 26 Dec 2025 07:01:18 +0000 Manifest next update: Sat 27 Dec 2025 07:01:18 +0000 Files and hashes: 1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: +Rzj0jOS2IN+KvF3g7Ct0nT9GsX8RislBV7wi0x1UiU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:38:ed:50:3f:b1:c0:b1:e6:15:ad:e6:b1:05:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6 Validity Not Before: Dec 26 07:01:18 2025 GMT Not After : Dec 27 07:01:18 2025 GMT Subject: CN=6a79ad7e6bfd54913e4e1c8de2de93615e00cb83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2d:02:e5:ef:df:ae:3f:71:b0:b8:97:8d:c5: e3:65:b9:72:09:ed:68:3e:cc:26:c4:55:0a:0d:a6: 86:28:ab:e8:c1:0c:1b:9d:2a:c5:47:3e:f6:07:b3: 4b:69:55:69:df:f6:90:3e:68:f4:d9:3f:e1:e7:7e: 09:dc:fd:c2:10:38:2c:38:7b:65:fa:20:26:6d:f9: ea:b1:9c:5c:ee:30:69:66:0a:26:d4:df:dc:f4:72: 5d:a5:c8:59:76:ca:8d:db:cb:64:91:5f:b7:f8:30: ee:9e:55:8c:09:4b:92:55:82:58:0d:55:3b:cc:3a: fb:2e:04:59:c7:f4:5e:e9:e3:65:15:20:e8:50:5b: ec:1b:b9:24:a5:e8:5e:9b:d4:7f:f9:df:96:61:a7: aa:2b:48:d9:9a:be:ce:0c:96:35:57:e6:9b:f4:25: fb:80:4e:7c:03:5d:19:fc:4b:84:ee:6a:38:ea:9e: 12:64:14:ea:07:49:66:21:2f:2b:94:56:2d:cc:37: 05:b5:6d:d0:89:43:e4:ce:b6:a7:ba:3a:e3:d9:30: c8:90:c1:d7:84:e9:61:8b:5d:33:ac:be:24:1a:ba: a8:4e:d2:b7:fc:da:51:38:b4:3f:14:f9:f9:33:a1: 3c:7f:8b:2a:d5:97:bd:86:bc:84:03:e3:59:96:2b: 5c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:79:AD:7E:6B:FD:54:91:3E:4E:1C:8D:E2:DE:93:61:5E:00:CB:83 X509v3 Authority Key Identifier: keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:1e:e9:28:43:60:4a:bd:06:82:38:bb:43:49:22:ee:f4:ab: b8:6f:cb:fb:7f:fe:f4:42:2f:55:6a:9e:3e:1e:92:78:2a:1b: 26:5a:61:07:72:ef:16:80:b4:da:87:04:e2:51:bc:08:29:b9: 7b:ef:9e:05:9a:70:2c:b7:24:ac:72:c0:0a:40:26:2e:69:d4: c7:ab:f7:7f:82:e4:cc:a5:9c:ec:a0:d1:87:dc:23:b4:ea:55: 9d:30:f3:65:9e:73:5d:4b:15:4e:3c:e4:b4:76:47:3e:df:de: 8b:07:f5:07:49:5c:6d:7b:9e:72:31:ac:5f:2c:a2:61:ef:56: 9b:c3:ef:29:20:64:aa:b9:dc:1d:6a:48:5a:37:94:de:cb:b9: e7:e0:ee:e2:83:5f:f2:38:b3:c3:96:04:45:e4:ea:5d:58:09: 5c:c9:d2:3a:7c:08:54:dd:22:8b:fa:76:4f:fd:c0:06:1c:a9: c1:43:59:fb:3d:89:30:59:62:93:be:67:eb:ee:34:7c:6e:0e: c2:8f:77:b3:e5:91:85:c4:4a:45:25:87:fd:b1:85:b0:76:d5: 99:87:c2:02:fa:5d:a7:9c:2f:6e:5d:b2:6b:92:92:f7:3c:03: d8:f5:80:38:13:65:f1:88:a6:d8:5e:ea:b8:ac:cb:ef:75:68: 92:f7:a0:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdjjtUD+xwLHmFa3msQXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy MDk1YjYwHhcNMjUxMjI2MDcwMTE4WhcNMjUxMjI3MDcwMTE4WjAzMTEwLwYDVQQD Eyg2YTc5YWQ3ZTZiZmQ1NDkxM2U0ZTFjOGRlMmRlOTM2MTVlMDBjYjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4i0C5e/frj9xsLiXjcXjZblyCe1o PswmxFUKDaaGKKvowQwbnSrFRz72B7NLaVVp3/aQPmj02T/h534J3P3CEDgsOHtl +iAmbfnqsZxc7jBpZgom1N/c9HJdpchZdsqN28tkkV+3+DDunlWMCUuSVYJYDVU7 zDr7LgRZx/Re6eNlFSDoUFvsG7kkpehem9R/+d+WYaeqK0jZmr7ODJY1V+ab9CX7 gE58A10Z/EuE7mo46p4SZBTqB0lmIS8rlFYtzDcFtW3QiUPkzranujrj2TDIkMHX hOlhi10zrL4kGrqoTtK3/NpROLQ/FPn5M6E8f4sq1Ze9hryEA+NZlitccwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGp5rX5r/VSRPk4cjeLek2FeAMuDMB8GA1UdIwQY MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeh7pKENg Sr0Ggji7Q0ki7vSruG/L+3/+9EIvVWqePh6SeCobJlphB3LvFoC02ocE4lG8CCm5 e++eBZpwLLckrHLACkAmLmnUx6v3f4LkzKWc7KDRh9wjtOpVnTDzZZ5zXUsVTjzk tHZHPt/eiwf1B0lcbXuecjGsXyyiYe9Wm8PvKSBkqrncHWpIWjeU3su55+Du4oNf 8jizw5YEReTqXVgJXMnSOnwIVN0ii/p2T/3ABhypwUNZ+z2JMFlik75n6+40fG4O wo93s+WRhcRKRSWH/bGFsHbVmYfCAvpdp5wvbl2ya5KS9zwD2PWAOBNl8Yim2F7q uKzL73Vokveg9A== -----END CERTIFICATE-----Generated at Fri Dec 26 14:06:10 2025 by rpki-client