This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft File: HjXAaowG1d1k_nawkKPh4qSZbcg.mft (raw, json) Hash identifier: UMOqsQ58VGaGTA5FHPxkSGu58iwN5wZXCH05og++0tg= Subject key identifier: C4:E3:ED:BD:3C:19:B1:05:34:F0:E5:28:8D:69:3C:3F:80:D8:68:B5 Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8 Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8 Certificate serial: 019B0F3739952999238970018A6BAB02D6D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft Manifest number: 1772 Signing time: Thu 11 Dec 2025 21:00:35 +0000 Manifest this update: Thu 11 Dec 2025 21:00:35 +0000 Manifest next update: Fri 12 Dec 2025 21:00:35 +0000 Files and hashes: 1: HjXAaowG1d1k_nawkKPh4qSZbcg.crl (hash: 9KPUzGm3lUt/UnRa0dEhEjKWLFSh7SS6kuY7h1Nr+eY=) 2: R12AgdneGd4IinauuD2IQCzaNdo.roa (hash: 0Vf4DfoprRpqIbS3viTk0elhBi8JnCMTTU8OHnzZBdQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:39:95:29:99:23:89:70:01:8a:6b:ab:02:d6:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8 Validity Not Before: Dec 11 21:00:35 2025 GMT Not After : Dec 12 21:00:35 2025 GMT Subject: CN=c4e3edbd3c19b10534f0e5288d693c3f80d868b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cf:ff:42:fd:d9:5d:f7:9c:cd:70:51:f0:2f: 61:be:e5:b4:74:9e:11:03:c7:40:70:52:a3:b1:5d: 86:1a:ae:60:18:a5:1e:24:4f:dc:de:43:28:3b:df: fb:61:5d:ce:e1:0d:7f:68:9c:6f:ce:2d:2a:e8:6b: bb:83:e2:bb:35:a4:46:b2:b8:1c:b2:25:91:d1:3b: 97:0e:00:b9:01:80:a1:06:62:7c:bf:67:d2:28:ec: 33:36:c3:04:d5:44:91:e1:f3:40:58:64:5a:be:cd: 1b:73:ca:13:42:69:ed:34:8e:bb:fe:65:94:79:16: 4e:4e:5a:11:e2:be:47:47:3d:f2:2e:77:af:d3:fc: af:d1:db:f0:7b:0f:2d:66:f7:47:a8:d2:ea:5d:27: 95:dc:d5:be:15:fd:84:5c:aa:02:94:c3:35:7f:34: 14:75:54:f0:d0:9a:95:e9:2a:53:2e:e1:75:4f:96: de:04:f2:6b:03:2d:17:7e:0c:a1:87:1a:43:b2:5f: fb:d9:ac:d8:93:e4:30:30:e3:90:6b:25:bc:7d:af: 30:8f:58:7e:fe:e1:40:e8:fa:a8:df:8f:6d:e2:55: dd:55:4f:60:a2:02:23:7f:d5:93:09:dd:ef:b5:7f: eb:ab:c6:c3:b7:eb:9e:83:a2:49:7f:1e:22:98:94: 55:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:E3:ED:BD:3C:19:B1:05:34:F0:E5:28:8D:69:3C:3F:80:D8:68:B5 X509v3 Authority Key Identifier: keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:de:43:f9:3f:85:38:de:91:85:f1:26:6b:e0:d3:0d:ce:33: 19:3d:3b:b4:d6:c0:cd:de:b1:02:f3:7a:0a:5d:db:d4:5f:d6: e4:6d:cb:1b:e1:3c:e3:e0:fc:0c:2e:19:98:cf:70:74:a2:72: f2:2f:d2:d3:de:27:d5:b9:65:92:a6:c2:81:ae:fd:62:0a:d4: cd:89:89:37:04:8c:8e:d2:45:f9:02:21:b3:a6:ea:93:74:4a: 83:8d:ec:57:a7:a0:b6:87:62:2b:67:e2:ca:a8:8c:90:46:54: 57:58:f2:9d:6a:1d:69:6f:19:69:f3:1b:f4:e0:a9:d3:2c:e6: 97:24:55:29:3f:5c:a7:c4:de:73:85:b5:e9:e3:cc:95:f5:a5: fc:9c:cf:b9:ce:80:ba:c9:df:90:56:cb:27:7d:22:0c:bd:fe: ab:12:36:a7:02:be:b0:97:7b:82:7e:d8:e5:7a:0c:89:c3:60: 3c:79:4f:65:fe:54:c3:6b:ab:79:a2:36:f4:a2:e8:a1:56:a4: 82:7a:76:d8:f2:60:93:57:6f:ce:40:bf:6c:e4:b0:57:9a:0f: 84:f2:85:f3:40:ed:db:6d:82:b9:e4:88:68:2b:b0:95:f1:cd: a8:8c:a3:c3:21:d0:8d:66:be:c8:2e:5a:db:57:a9:78:e0:2d: fd:34:2f:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPNzmVKZkjiXABimurAtbUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5 OTZkYzgwHhcNMjUxMjExMjEwMDM1WhcNMjUxMjEyMjEwMDM1WjAzMTEwLwYDVQQD EyhjNGUzZWRiZDNjMTliMTA1MzRmMGU1Mjg4ZDY5M2MzZjgwZDg2OGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc//Qv3ZXfeczXBR8C9hvuW0dJ4R A8dAcFKjsV2GGq5gGKUeJE/c3kMoO9/7YV3O4Q1/aJxvzi0q6Gu7g+K7NaRGsrgc siWR0TuXDgC5AYChBmJ8v2fSKOwzNsME1USR4fNAWGRavs0bc8oTQmntNI67/mWU eRZOTloR4r5HRz3yLnev0/yv0dvwew8tZvdHqNLqXSeV3NW+Ff2EXKoClMM1fzQU dVTw0JqV6SpTLuF1T5beBPJrAy0XfgyhhxpDsl/72azYk+QwMOOQayW8fa8wj1h+ /uFA6Pqo349t4lXdVU9gogIjf9WTCd3vtX/rq8bDt+ueg6JJfx4imJRVnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMTj7b08GbEFNPDlKI1pPD+A2Gi1MB8GA1UdIwQY MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt OWI1ZDc2YTk0OWY0LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0 LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAN5D+T+F ON6RhfEma+DTDc4zGT07tNbAzd6xAvN6Cl3b1F/W5G3LG+E84+D8DC4ZmM9wdKJy 8i/S094n1bllkqbCga79YgrUzYmJNwSMjtJF+QIhs6bqk3RKg43sV6egtodiK2fi yqiMkEZUV1jynWodaW8ZafMb9OCp0yzmlyRVKT9cp8Tec4W16ePMlfWl/JzPuc6A usnfkFbLJ30iDL3+qxI2pwK+sJd7gn7Y5XoMicNgPHlPZf5Uw2ureaI29KLooVak gnp22PJgk1dvzkC/bOSwV5oPhPKF80Dt222CueSIaCuwlfHNqIyjwyHQjWa+yC5a 21epeOAt/TQvjw== -----END CERTIFICATE-----Generated at Fri Dec 12 05:15:38 2025 by rpki-client