This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft File: HzkK-DPX1CaQQsJJvPSWSFcglbY.mft (raw, json) Hash identifier: 4sq8U/PhQVSABuL2IHB2k9XTHCzP7hMEoSxNSiT/WX4= Subject key identifier: 24:40:4A:1E:5B:5A:A6:A6:52:25:DE:CC:B3:A8:F4:BA:3F:8A:42:25 Authority key identifier: 1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 Certificate issuer: /CN=1f390af833d7d4269042c249bcf49648572095b6 Certificate serial: 019C43224DFA291AF19A15F03AF7E5905ECF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft Manifest number: 12AF Signing time: Mon 09 Feb 2026 16:00:47 +0000 Manifest this update: Mon 09 Feb 2026 16:00:47 +0000 Manifest next update: Tue 10 Feb 2026 16:00:47 +0000 Files and hashes: 1: HzkK-DPX1CaQQsJJvPSWSFcglbY.crl (hash: 3F2H2KvJY5XTqucQs2LKn0ZYDb9KRq0ZwxzvvYcMFOI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:22:4d:fa:29:1a:f1:9a:15:f0:3a:f7:e5:90:5e:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f390af833d7d4269042c249bcf49648572095b6 Validity Not Before: Feb 9 16:00:47 2026 GMT Not After : Feb 10 16:00:47 2026 GMT Subject: CN=24404a1e5b5aa6a65225deccb3a8f4ba3f8a4225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0b:77:40:84:76:7d:df:01:71:02:e5:69:b7: a7:2c:45:43:cb:e1:3a:72:3b:86:51:73:ae:05:77: e3:e8:a6:12:44:d2:09:79:42:09:98:c5:39:38:96: af:6a:63:94:dd:9c:22:8b:d2:a1:75:5a:4a:fe:eb: 59:50:b8:14:e8:50:5f:00:ca:d0:81:f2:74:a2:fe: 41:5b:d0:e2:1e:22:6a:d3:60:90:ee:96:8a:52:ae: b2:9d:07:a9:a8:04:86:8e:f0:7b:a4:d5:c9:32:76: bb:3e:e8:55:c3:fb:e1:49:df:a9:78:10:d2:b0:45: b4:e4:60:3e:5f:e3:c1:4b:76:28:93:60:d0:44:d7: 10:50:18:34:ee:b8:29:b0:ed:47:51:75:2c:e3:f4: 9a:dc:ba:36:2c:a3:3c:73:31:f2:fe:52:21:b7:bc: 67:91:39:8f:5e:1f:ae:2e:22:a6:26:d2:99:20:d0: 20:88:fc:9b:82:db:6c:2f:f1:85:d9:b4:ef:02:81: bd:6c:4c:3c:7c:7b:e3:29:21:b9:99:a1:d4:54:ce: b6:ec:33:23:16:ae:1b:f6:a7:c6:b7:d5:da:9c:ad: 3b:6a:cf:47:d3:ec:7f:31:d9:02:c8:51:1d:2b:61: f1:d8:91:56:d2:b3:95:a4:d6:5b:e7:c7:9e:d7:a3: 2f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:40:4A:1E:5B:5A:A6:A6:52:25:DE:CC:B3:A8:F4:BA:3F:8A:42:25 X509v3 Authority Key Identifier: keyid:1F:39:0A:F8:33:D7:D4:26:90:42:C2:49:BC:F4:96:48:57:20:95:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzkK-DPX1CaQQsJJvPSWSFcglbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ba3048-6224-4a97-ba31-d758372cf8f0/1/HzkK-DPX1CaQQsJJvPSWSFcglbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:3e:87:1b:3e:59:12:98:ed:34:a4:b1:71:e6:cf:d1:cb:ff: 46:53:81:30:9d:40:b2:bb:8b:79:40:cb:e6:72:22:87:fe:07: 4c:e3:f3:0b:f3:56:0b:14:05:5d:ad:50:77:89:44:c7:ef:26: 5f:1e:b8:b5:69:31:bb:65:71:61:c0:ea:5a:48:27:c1:c0:44: a5:af:ed:1f:62:69:81:5c:dd:0d:c1:31:5b:cb:ba:aa:84:fd: 76:27:1a:4d:ff:4f:77:64:f1:ac:be:d7:6c:18:db:c8:79:e8: 2a:98:93:04:56:bb:d3:84:fd:54:d4:76:44:8d:c9:f3:56:76: 9a:45:1c:a5:cc:f8:49:e2:f8:d8:3f:df:be:d3:8b:3c:cb:10: 61:cc:c8:44:f8:d7:f0:b3:d4:bb:f3:b2:15:b6:e7:e6:39:65: a0:08:2e:80:b2:f4:9d:ff:8b:a9:61:06:09:b3:f4:3d:a3:f6: bb:ab:68:87:be:da:c2:76:69:db:c5:be:83:26:56:f3:ed:3b: 8c:06:f3:88:38:ba:db:d8:ff:6c:55:fc:f6:dd:57:0d:2d:0b: 92:d9:a5:ac:a8:e6:a2:85:99:0a:00:23:73:d9:f0:f1:31:c5: 9b:43:b8:fb:20:13:4a:54:15:a8:34:ed:62:0f:0e:d9:23:ce: e5:68:16:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDIk36KRrxmhXwOvflkF7PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzkwYWY4MzNkN2Q0MjY5MDQyYzI0OWJjZjQ5NjQ4NTcy MDk1YjYwHhcNMjYwMjA5MTYwMDQ3WhcNMjYwMjEwMTYwMDQ3WjAzMTEwLwYDVQQD EygyNDQwNGExZTViNWFhNmE2NTIyNWRlY2NiM2E4ZjRiYTNmOGE0MjI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgt3QIR2fd8BcQLlabenLEVDy+E6 cjuGUXOuBXfj6KYSRNIJeUIJmMU5OJavamOU3Zwii9KhdVpK/utZULgU6FBfAMrQ gfJ0ov5BW9DiHiJq02CQ7paKUq6ynQepqASGjvB7pNXJMna7PuhVw/vhSd+peBDS sEW05GA+X+PBS3Yok2DQRNcQUBg07rgpsO1HUXUs4/Sa3Lo2LKM8czHy/lIht7xn kTmPXh+uLiKmJtKZINAgiPybgttsL/GF2bTvAoG9bEw8fHvjKSG5maHUVM627DMj Fq4b9qfGt9XanK07as9H0+x/MdkCyFEdK2Hx2JFW0rOVpNZb58ee16Mv6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCRASh5bWqamUiXezLOo9Lo/ikIlMB8GA1UdIwQY MBaAFB85Cvgz19QmkELCSbz0lkhXIJW2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEt ZDc1ODM3MmNmOGYwLzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9iYTMwNDgtNjIyNC00YTk3LWJhMzEtZDc1ODM3MmNmOGYw LzEvSHprSy1EUFgxQ2FRUXNKSnZQU1dTRmNnbGJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYD6HGz5Z EpjtNKSxcebP0cv/RlOBMJ1AsruLeUDL5nIih/4HTOPzC/NWCxQFXa1Qd4lEx+8m Xx64tWkxu2VxYcDqWkgnwcBEpa/tH2JpgVzdDcExW8u6qoT9dicaTf9Pd2TxrL7X bBjbyHnoKpiTBFa704T9VNR2RI3J81Z2mkUcpcz4SeL42D/fvtOLPMsQYczIRPjX 8LPUu/OyFbbn5jlloAgugLL0nf+LqWEGCbP0PaP2u6toh77awnZp28W+gyZW8+07 jAbziDi629j/bFX89t1XDS0LktmlrKjmooWZCgAjc9nw8THFm0O4+yATSlQVqDTt Yg8O2SPO5WgWrg== -----END CERTIFICATE-----Generated at Mon Feb 9 21:06:23 2026 by rpki-client