This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft File: Hzspn37Z9UTXv5ALWcz4iadk30g.mft (raw, json) Hash identifier: UPrRBj4ZGmfMgZNOueM0/4efpQZJBuEaJuTD3jwie1c= Subject key identifier: 0A:32:BE:03:19:C1:3E:D5:A2:84:DF:91:2E:8B:6B:A5:E1:13:BD:B4 Authority key identifier: 1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 Certificate issuer: /CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Certificate serial: 019AF276BDDA2BFE6232D67AEB0AA92F0B2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 07:00:59 +0000 Manifest this update: Sat 06 Dec 2025 07:00:59 +0000 Manifest next update: Sun 07 Dec 2025 07:00:59 +0000 Files and hashes: 1: Hzspn37Z9UTXv5ALWcz4iadk30g.crl (hash: 9wrJZWfUBcptI64QVXM1aBy6Y07MTCa3vkQcxFemJyo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:bd:da:2b:fe:62:32:d6:7a:eb:0a:a9:2f:0b:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3b299f7ed9f544d7bf900b59ccf889a764df48 Validity Not Before: Dec 6 07:00:59 2025 GMT Not After : Dec 7 07:00:59 2025 GMT Subject: CN=0a32be0319c13ed5a284df912e8b6ba5e113bdb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:7b:b0:67:b6:a2:2c:62:75:01:01:45:57:7f: ba:d8:33:97:88:fe:ac:77:94:b0:46:0f:15:23:db: f2:12:c3:91:fb:64:d3:13:30:94:f0:c8:0c:ec:ae: 49:9f:66:4e:69:42:5c:d4:86:fa:a9:dd:42:ff:e9: 03:a2:1a:71:ca:e8:74:55:92:5e:6d:17:48:42:a1: 6d:f0:18:60:e1:84:9a:25:e8:29:ba:37:b8:f8:1b: f7:72:ba:02:35:ea:ef:13:35:a6:1b:da:cc:66:aa: e6:d3:2d:0c:9e:5e:7e:b4:29:35:f3:49:2f:68:3a: 60:c7:91:ac:87:f6:0a:63:74:86:dd:94:87:2b:c1: e6:6e:40:b6:c9:a0:c8:62:cf:75:b9:58:77:9f:85: c6:77:71:a0:4b:14:11:c5:9f:14:f5:dc:1b:67:f9: 8b:ee:ad:a0:5f:1f:21:19:65:fe:a3:ac:a3:a2:06: a5:fe:a5:23:8b:a7:08:a7:bf:45:72:16:65:41:af: 85:9a:a4:ba:1b:51:5f:e0:30:a5:18:63:4b:f1:76: 18:0c:a6:52:21:5b:29:e2:f6:50:d5:f7:43:ca:1f: 79:28:39:42:c3:46:b4:71:0f:d3:70:66:64:c2:72: b1:ad:a4:3c:35:95:9e:3a:35:92:ee:8b:39:1a:48: e0:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:32:BE:03:19:C1:3E:D5:A2:84:DF:91:2E:8B:6B:A5:E1:13:BD:B4 X509v3 Authority Key Identifier: keyid:1F:3B:29:9F:7E:D9:F5:44:D7:BF:90:0B:59:CC:F8:89:A7:64:DF:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hzspn37Z9UTXv5ALWcz4iadk30g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/614631-6314-4933-a76d-75cdc2d57262/1/Hzspn37Z9UTXv5ALWcz4iadk30g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:04:6d:46:cf:fd:b5:94:04:04:7a:da:b7:2a:dd:f5:f1:de: 87:f3:8b:8a:1e:b8:2d:7a:a6:c2:4c:f2:76:47:14:a4:ee:01: 2b:d0:06:ec:dc:b9:d8:01:cd:99:e7:1a:b7:f6:31:ba:89:db: 97:2d:0c:26:99:81:eb:b1:5a:f1:b5:ea:66:66:ab:f3:f0:42: 3e:64:48:5b:d2:a0:7b:35:3b:55:f6:79:d4:a5:11:dc:1e:67: 88:2b:b2:7e:53:ed:27:0a:ca:17:78:f6:17:ca:14:90:00:31: e7:f1:2e:5f:4f:84:8a:c0:38:6c:68:44:fe:6b:a0:50:f4:3d: 4a:df:af:fd:4e:f6:46:11:76:6a:a6:c8:54:d1:c6:71:53:0c: 57:8f:a0:3d:08:98:b6:22:b4:7b:b5:24:63:72:16:79:3b:7e: 26:0f:1f:8c:84:de:c3:db:0c:55:93:c8:76:58:1d:e2:59:eb: 2d:18:dd:70:47:88:64:1e:65:2b:9b:89:9b:e7:18:99:04:3e: c9:f3:5d:ff:4d:1d:43:83:00:98:08:11:43:81:21:65:6e:1d: 25:f3:26:f6:64:78:fc:df:b4:1a:96:bd:1c:2d:cf:2f:62:47: 03:aa:dc:ae:27:07:6d:25:a1:03:55:31:4e:01:58:af:58:12: fb:05:3c:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydr3aK/5iMtZ66wqpLwsuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmM2IyOTlmN2VkOWY1NDRkN2JmOTAwYjU5Y2NmODg5YTc2 NGRmNDgwHhcNMjUxMjA2MDcwMDU5WhcNMjUxMjA3MDcwMDU5WjAzMTEwLwYDVQQD EygwYTMyYmUwMzE5YzEzZWQ1YTI4NGRmOTEyZThiNmJhNWUxMTNiZGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3uwZ7aiLGJ1AQFFV3+62DOXiP6s d5SwRg8VI9vyEsOR+2TTEzCU8MgM7K5Jn2ZOaUJc1Ib6qd1C/+kDohpxyuh0VZJe bRdIQqFt8Bhg4YSaJegpuje4+Bv3croCNervEzWmG9rMZqrm0y0Mnl5+tCk180kv aDpgx5Gsh/YKY3SG3ZSHK8HmbkC2yaDIYs91uVh3n4XGd3GgSxQRxZ8U9dwbZ/mL 7q2gXx8hGWX+o6yjogal/qUji6cIp79FchZlQa+FmqS6G1Ff4DClGGNL8XYYDKZS IVsp4vZQ1fdDyh95KDlCw0a0cQ/TcGZkwnKxraQ8NZWeOjWS7os5Gkjg9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAoyvgMZwT7VooTfkS6La6XhE720MB8GA1UdIwQY MBaAFB87KZ9+2fVE17+QC1nM+ImnZN9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQt NzVjZGMyZDU3MjYyLzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS82MTQ2MzEtNjMxNC00OTMzLWE3NmQtNzVjZGMyZDU3MjYy LzEvSHpzcG4zN1o5VVRYdjVBTFdjejRpYWRrMzBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAARtRs/9 tZQEBHratyrd9fHeh/OLih64LXqmwkzydkcUpO4BK9AG7Ny52AHNmecat/Yxuonb ly0MJpmB67Fa8bXqZmar8/BCPmRIW9KgezU7VfZ51KUR3B5niCuyflPtJwrKF3j2 F8oUkAAx5/EuX0+EisA4bGhE/mugUPQ9St+v/U72RhF2aqbIVNHGcVMMV4+gPQiY tiK0e7UkY3IWeTt+Jg8fjITew9sMVZPIdlgd4lnrLRjdcEeIZB5lK5uJm+cYmQQ+ yfNd/00dQ4MAmAgRQ4EhZW4dJfMm9mR4/N+0Gpa9HC3PL2JHA6rcricHbSWhA1Ux TgFYr1gS+wU8qQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:31:15 2025 by rpki-client