This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json) Hash identifier: mSZwe7NmD+ct2D52fQgWwcsexJ6aqSqNzDnLsaSnml8= Subject key identifier: 68:1E:0A:D2:E5:B5:D7:69:59:A7:F4:AC:6E:93:09:C6:DA:97:18:B8 Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1 Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1 Certificate serial: 019AF209789355F830CEA6B2B45AA74D1CA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft Manifest number: 1387 Signing time: Sat 06 Dec 2025 05:01:38 +0000 Manifest this update: Sat 06 Dec 2025 05:01:38 +0000 Manifest next update: Sun 07 Dec 2025 05:01:38 +0000 Files and hashes: 1: CSj4rvQmRyDsyaDEw0jstidXLzo.roa (hash: 3pSnEcRnf/ULKrT/Poc1HoH7UgR2xUCZ7SNrN3hfNmI=) 2: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: +EJfGpoxSCy57oIgWD/KXe2iWZjdA/b4a+kZzw9Uy6Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:78:93:55:f8:30:ce:a6:b2:b4:5a:a7:4d:1c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1 Validity Not Before: Dec 6 05:01:38 2025 GMT Not After : Dec 7 05:01:38 2025 GMT Subject: CN=681e0ad2e5b5d76959a7f4ac6e9309c6da9718b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:f6:5a:b7:94:67:f3:2a:d9:9c:b4:b0:7e:8e: 10:8f:8e:3a:74:cb:97:82:10:3f:97:ef:08:29:13: 4f:27:cc:a9:51:b7:4d:3e:bb:17:85:47:ed:39:82: bc:f1:71:6a:ac:05:f8:88:0f:7f:e0:de:15:60:19: da:6a:9f:e6:15:6a:0c:35:ce:11:b2:58:d9:a2:ca: d3:ed:d5:11:b7:05:5f:00:52:ab:33:84:aa:9f:e1: 14:b7:cb:85:8e:83:a1:68:25:b7:86:19:09:aa:0a: d0:83:84:72:10:1b:7a:15:8c:c1:c2:45:3c:9c:55: d0:11:64:f6:1d:69:f3:60:b4:6c:41:4e:6f:61:7e: 17:0f:70:e3:55:6f:36:71:1e:2b:03:7d:da:0d:90: 6b:d4:9c:39:f8:3a:4f:d3:9f:8f:85:83:b5:c6:83: 70:cf:98:d4:2e:46:cb:03:4b:58:36:b2:30:2b:03: 33:00:2c:00:f8:3c:98:54:52:4f:64:c2:c4:ad:71: 19:8b:c8:fd:05:bb:51:e7:fd:fd:27:3c:55:e1:87: 65:7c:6e:97:f1:27:c4:1b:27:20:9a:db:6c:b0:58: fb:5e:4b:d7:10:b5:c6:99:7a:c2:2f:01:b1:56:21: bd:24:ff:c2:24:8c:2b:5c:58:dd:d5:eb:a1:c6:52: f8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:1E:0A:D2:E5:B5:D7:69:59:A7:F4:AC:6E:93:09:C6:DA:97:18:B8 X509v3 Authority Key Identifier: keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:6f:54:bf:4c:f9:a7:57:4b:88:cb:90:ed:82:f7:1a:52:45: 19:89:ad:aa:84:33:1d:ce:5a:ce:6a:6d:d6:df:dc:6a:33:21: 54:2e:be:5c:78:6e:d8:1e:89:4e:20:0a:e4:7a:f1:1e:62:4f: 92:27:07:a5:cd:bd:b6:bf:d4:8a:7b:a1:8a:5c:6b:87:2a:41: 6d:96:6c:86:f0:2e:47:79:69:ff:48:a0:c9:86:e9:8c:5c:72: 33:21:ce:fa:20:53:d7:a3:2e:28:3e:fd:ed:5e:c7:a2:64:2c: 1b:fd:6e:2a:48:dc:3c:fc:02:cf:d4:55:6e:ad:b7:7b:3a:85: 5d:b1:3e:c7:6f:08:bd:a6:3e:ab:74:b3:58:18:69:4e:96:c4: a2:93:0c:71:b5:a8:74:19:af:69:cb:54:24:7e:ae:fa:5c:07: dd:25:03:07:d6:6f:1b:61:ea:bc:fb:3f:50:f0:53:d5:3e:35: 16:3b:60:a6:c7:09:b9:6d:0e:d3:61:ff:3c:18:98:a7:7e:27: 94:d5:4d:b8:98:8c:db:62:0e:b2:25:f9:50:3c:5d:b9:af:9e: 07:ed:c7:e0:2b:5a:c9:ef:99:64:0d:78:b1:84:c5:ac:6a:05: af:19:0c:5b:55:d8:95:a1:69:92:87:6d:5f:33:61:f5:ec:40: 26:df:86:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCXiTVfgwzqaytFqnTRyhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy OTcwYjEwHhcNMjUxMjA2MDUwMTM4WhcNMjUxMjA3MDUwMTM4WjAzMTEwLwYDVQQD Eyg2ODFlMGFkMmU1YjVkNzY5NTlhN2Y0YWM2ZTkzMDljNmRhOTcxOGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/Zat5Rn8yrZnLSwfo4Qj446dMuX ghA/l+8IKRNPJ8ypUbdNPrsXhUftOYK88XFqrAX4iA9/4N4VYBnaap/mFWoMNc4R sljZosrT7dURtwVfAFKrM4Sqn+EUt8uFjoOhaCW3hhkJqgrQg4RyEBt6FYzBwkU8 nFXQEWT2HWnzYLRsQU5vYX4XD3DjVW82cR4rA33aDZBr1Jw5+DpP05+PhYO1xoNw z5jULkbLA0tYNrIwKwMzACwA+DyYVFJPZMLErXEZi8j9BbtR5/39JzxV4YdlfG6X 8SfEGycgmttssFj7XkvXELXGmXrCLwGxViG9JP/CJIwrXFjd1euhxlL4wwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGgeCtLltddpWaf0rG6TCcbalxi4MB8GA1UdIwQY MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFW9Uv0z5 p1dLiMuQ7YL3GlJFGYmtqoQzHc5azmpt1t/cajMhVC6+XHhu2B6JTiAK5HrxHmJP kicHpc29tr/UinuhilxrhypBbZZshvAuR3lp/0igyYbpjFxyMyHO+iBT16MuKD79 7V7HomQsG/1uKkjcPPwCz9RVbq23ezqFXbE+x28IvaY+q3SzWBhpTpbEopMMcbWo dBmvactUJH6u+lwH3SUDB9ZvG2HqvPs/UPBT1T41FjtgpscJuW0O02H/PBiYp34n lNVNuJiM22IOsiX5UDxdua+eB+3H4Ctaye+ZZA14sYTFrGoFrxkMW1XYlaFpkodt XzNh9exAJt+Gew== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:44 2025 by rpki-client