This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft File: HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json) Hash identifier: SOPehcTUvnKyV0l+HSzhN58LT/d6otn7kfMM9sk9W+E= Subject key identifier: 0C:E2:D2:0B:FD:BC:CC:B2:DA:1C:C5:A7:D2:EE:CB:F8:43:DE:7A:61 Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 Certificate issuer: /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Certificate serial: 019B4439247C08586C383812816E8A32D452 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft Manifest number: 0986 Signing time: Mon 22 Dec 2025 04:02:34 +0000 Manifest this update: Mon 22 Dec 2025 04:02:34 +0000 Manifest next update: Tue 23 Dec 2025 04:02:34 +0000 Files and hashes: 1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: NsM+wY6pb9FbS+eLAmpzpPVlQj5piMd5DNTA5l58N1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:39:24:7c:08:58:6c:38:38:12:81:6e:8a:32:d4:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Validity Not Before: Dec 22 04:02:34 2025 GMT Not After : Dec 23 04:02:34 2025 GMT Subject: CN=0ce2d20bfdbcccb2da1cc5a7d2eecbf843de7a61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:06:51:48:ac:7f:bf:1b:e4:0e:22:bc:54:75: 47:97:23:8e:85:90:06:10:ba:2e:7e:06:2a:12:86: 0f:26:4b:1a:af:b3:0d:11:a0:01:eb:b3:0a:b6:3b: 65:47:eb:1e:01:5c:56:4d:39:66:17:61:17:46:0e: f6:77:dc:99:9d:61:04:8d:40:58:73:6e:12:92:e7: 91:6c:98:b5:d8:c0:7d:18:ea:61:2f:eb:66:2e:3d: 10:0b:ea:6e:b2:51:dd:4b:c7:6c:14:89:c7:ab:b3: 00:3d:47:c7:da:01:a9:07:32:b1:dd:6b:e4:3b:ea: 15:5b:81:2e:75:85:27:16:bc:e9:00:fd:57:71:76: 55:6a:9f:89:48:27:54:0f:52:79:e1:19:e4:0c:d5: 3c:d4:8a:24:44:4a:0b:1c:57:a4:ae:71:10:2a:fe: 2e:5a:f6:ac:2b:73:5e:f5:74:1b:15:78:f6:49:06: 85:ec:90:65:e0:a9:c1:80:f9:5c:47:7c:6e:f5:e0: 16:d6:f2:db:a1:9e:2e:ac:e8:da:d3:df:81:6e:b6: 8d:3c:95:bd:9b:77:50:a9:a1:bf:fc:25:bf:85:ab: 9e:e9:ce:03:6d:4d:23:3d:b8:2c:7c:ee:25:35:7f: 2f:88:b3:bc:bc:16:f4:91:a2:33:12:b1:46:12:1e: c6:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:E2:D2:0B:FD:BC:CC:B2:DA:1C:C5:A7:D2:EE:CB:F8:43:DE:7A:61 X509v3 Authority Key Identifier: keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:9a:d5:12:c6:e1:7e:38:fd:66:ce:df:e8:c6:10:32:71:4a: 86:c4:b0:d7:36:d6:07:76:62:22:4c:41:fb:6d:bc:a3:65:54: 8d:21:22:ec:e0:c7:7d:f6:78:55:43:4f:7e:cf:0c:0b:87:55: a9:b8:fc:66:a3:60:44:cd:a8:5b:20:dd:c5:2e:d9:95:32:90: 75:63:2c:f5:28:68:4d:06:1f:45:66:5f:6a:2a:c0:e8:21:db: 45:3d:7a:04:44:af:05:df:62:81:ee:f8:62:c8:40:c8:b3:e6: b5:11:17:63:cf:94:6c:d9:a4:ae:99:7b:25:a6:70:30:3c:0f: 88:0d:22:25:a6:61:63:df:f3:d4:84:7a:db:43:87:fa:0f:6d: 7e:be:12:14:da:0a:43:a4:ca:11:43:5a:aa:bc:6d:5a:d4:05: 21:32:ad:b9:95:fa:f7:a1:1c:f7:a3:f7:d6:f5:cb:ea:de:e8: 28:f5:f5:98:51:22:67:f8:ab:43:fc:88:81:bf:8b:b3:0e:d2: 0e:08:fe:2a:7d:80:07:7f:37:63:47:a2:b3:b3:ce:53:ca:7a: f5:5b:a0:5e:c7:99:e0:30:c0:c9:af:93:7f:f3:db:a9:df:7c: c3:55:3a:6c:de:37:17:50:eb:4f:e8:fd:e1:e1:b8:13:bb:9a: ca:b4:bc:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOSR8CFhsODgSgW6KMtRSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2 NTg0ZDkwHhcNMjUxMjIyMDQwMjM0WhcNMjUxMjIzMDQwMjM0WjAzMTEwLwYDVQQD EygwY2UyZDIwYmZkYmNjY2IyZGExY2M1YTdkMmVlY2JmODQzZGU3YTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgZRSKx/vxvkDiK8VHVHlyOOhZAG ELoufgYqEoYPJksar7MNEaAB67MKtjtlR+seAVxWTTlmF2EXRg72d9yZnWEEjUBY c24SkueRbJi12MB9GOphL+tmLj0QC+puslHdS8dsFInHq7MAPUfH2gGpBzKx3Wvk O+oVW4EudYUnFrzpAP1XcXZVap+JSCdUD1J54RnkDNU81IokREoLHFekrnEQKv4u WvasK3Ne9XQbFXj2SQaF7JBl4KnBgPlcR3xu9eAW1vLboZ4urOja09+BbraNPJW9 m3dQqaG//CW/haue6c4DbU0jPbgsfO4lNX8viLO8vBb0kaIzErFGEh7GwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAzi0gv9vMyy2hzFp9Luy/hD3nphMB8GA1UdIwQY MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJrVEsbh fjj9Zs7f6MYQMnFKhsSw1zbWB3ZiIkxB+228o2VUjSEi7ODHffZ4VUNPfs8MC4dV qbj8ZqNgRM2oWyDdxS7ZlTKQdWMs9ShoTQYfRWZfairA6CHbRT16BESvBd9ige74 YshAyLPmtREXY8+UbNmkrpl7JaZwMDwPiA0iJaZhY9/z1IR620OH+g9tfr4SFNoK Q6TKEUNaqrxtWtQFITKtuZX696Ec96P31vXL6t7oKPX1mFEiZ/irQ/yIgb+Lsw7S Dgj+Kn2AB383Y0eis7POU8p69VugXseZ4DDAya+Tf/Pbqd98w1U6bN43F1DrT+j9 4eG4E7uayrS8QA== -----END CERTIFICATE-----Generated at Mon Dec 22 05:38:24 2025 by rpki-client