This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json) Hash identifier: NHW/lBqAY1UTRn9irEtZbXdH5tSPYCnWs2o2A0t0rWE= Subject key identifier: B1:B9:71:F6:57:94:C0:B9:FC:AD:24:1F:C2:DF:11:B1:E7:C8:3C:45 Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0 Certificate serial: 019AF5406812DE112F11C8FC76E034D684E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 20:00:30 +0000 Manifest this update: Sat 06 Dec 2025 20:00:30 +0000 Manifest next update: Sun 07 Dec 2025 20:00:30 +0000 Files and hashes: 1: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: X/BzlUSjQMO+NtmPiOWKgnncbhm2R5QWhuVHVx4MrRs=) 2: xSS92RJP_9kDYA2uBQZz6tpYK1I.roa (hash: rR5n4U9xDx2H85hw0wOs3NY+BK3tAcVO4QlJE3rUQXA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:68:12:de:11:2f:11:c8:fc:76:e0:34:d6:84:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0 Validity Not Before: Dec 6 20:00:30 2025 GMT Not After : Dec 7 20:00:30 2025 GMT Subject: CN=b1b971f65794c0b9fcad241fc2df11b1e7c83c45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:83:21:f6:28:b2:48:e2:bc:26:87:2f:8a:b4: 5e:c3:a8:c6:c8:19:f1:26:c1:44:76:de:e2:a7:09: 8f:cd:86:ae:fd:55:ba:b8:ac:5b:55:98:5b:d8:61: a2:ce:88:eb:3c:a5:67:54:77:0b:ac:dc:c5:75:a2: a7:16:d5:c7:fd:d2:52:9b:68:78:be:20:ed:44:dd: e0:e3:36:7b:37:49:cf:36:23:b1:02:dd:43:43:ac: 00:4f:81:cc:d3:57:f3:50:49:94:57:8e:a8:d1:14: 95:27:7a:42:5d:3d:ff:5b:e0:77:89:5a:c2:03:9b: a4:75:06:30:53:94:0c:32:84:54:bd:18:89:03:5d: 3c:ce:c9:b4:f4:ae:23:77:c2:89:4e:b2:84:91:ef: 11:e6:4c:dd:2d:69:53:2a:ee:b1:c2:de:fb:27:99: ff:62:44:ff:52:42:4d:68:18:40:7b:d2:21:ce:59: 43:d2:13:97:2d:53:56:17:52:8b:cf:9e:d7:a0:73: 6e:ee:26:e3:f6:e4:1c:01:16:3d:41:ec:56:6d:6f: e0:af:c5:81:a8:f4:a6:17:8c:60:73:f5:85:d9:95: 1a:4a:e9:3d:53:09:ac:d5:91:af:cb:40:a5:ea:79: 67:da:de:b9:ec:92:27:72:09:ee:1f:84:c6:bc:6c: 59:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:B9:71:F6:57:94:C0:B9:FC:AD:24:1F:C2:DF:11:B1:E7:C8:3C:45 X509v3 Authority Key Identifier: keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:47:a9:83:37:b3:d0:40:de:d3:79:ca:cd:b4:4e:25:7b:f0: eb:b9:60:f9:a9:d8:0d:1b:36:21:d0:ac:c2:ad:e0:f2:76:b9: 90:51:34:db:c2:22:46:9f:78:0e:7e:88:57:ad:e8:28:09:a1: 72:c4:96:00:23:ef:61:16:3a:0f:17:b5:c4:1b:3c:06:bc:a6: c0:e3:84:73:6c:99:d7:1d:62:ef:3d:d4:94:59:02:15:39:11: 7a:4c:24:52:d8:d5:64:52:e0:83:07:c1:f9:e2:31:c0:78:b8: c8:c3:f4:6b:66:5d:68:1f:05:71:a9:b8:2d:0e:bd:9b:73:3a: 7e:73:4c:e9:40:6b:3e:45:00:cf:91:ef:42:3c:3e:3c:27:e0: dc:14:87:29:b8:22:b5:58:45:d3:3f:ea:8c:8c:2b:f6:44:7c: ad:9b:8f:fe:ce:be:ce:65:52:43:78:de:d0:72:4e:3e:48:41: 80:67:0e:f0:f2:90:7e:28:b7:13:81:49:13:38:41:0f:eb:ea: fb:54:f8:04:49:94:2f:45:40:37:49:e9:ac:43:74:58:57:59: 01:fd:74:24:39:8a:0a:48:c7:9a:ea:28:ca:c4:e7:68:1b:71: 3d:eb:fa:81:64:f1:e2:3e:a1:2f:04:29:0c:5a:5e:05:6f:7d: 47:61:ad:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QGgS3hEvEcj8duA01oTkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1 NWRlZTAwHhcNMjUxMjA2MjAwMDMwWhcNMjUxMjA3MjAwMDMwWjAzMTEwLwYDVQQD EyhiMWI5NzFmNjU3OTRjMGI5ZmNhZDI0MWZjMmRmMTFiMWU3YzgzYzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYMh9iiySOK8JocvirRew6jGyBnx JsFEdt7ipwmPzYau/VW6uKxbVZhb2GGizojrPKVnVHcLrNzFdaKnFtXH/dJSm2h4 viDtRN3g4zZ7N0nPNiOxAt1DQ6wAT4HM01fzUEmUV46o0RSVJ3pCXT3/W+B3iVrC A5ukdQYwU5QMMoRUvRiJA108zsm09K4jd8KJTrKEke8R5kzdLWlTKu6xwt77J5n/ YkT/UkJNaBhAe9IhzllD0hOXLVNWF1KLz57XoHNu7ibj9uQcARY9QexWbW/gr8WB qPSmF4xgc/WF2ZUaSuk9Uwms1ZGvy0Cl6nln2t657JIncgnuH4TGvGxZDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLG5cfZXlMC5/K0kH8LfEbHnyDxFMB8GA1UdIwQY MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUepgzez 0EDe03nKzbROJXvw67lg+anYDRs2IdCswq3g8na5kFE028IiRp94Dn6IV63oKAmh csSWACPvYRY6Dxe1xBs8BrymwOOEc2yZ1x1i7z3UlFkCFTkRekwkUtjVZFLggwfB +eIxwHi4yMP0a2ZdaB8Fcam4LQ69m3M6fnNM6UBrPkUAz5HvQjw+PCfg3BSHKbgi tVhF0z/qjIwr9kR8rZuP/s6+zmVSQ3je0HJOPkhBgGcO8PKQfii3E4FJEzhBD+vq +1T4BEmUL0VAN0nprEN0WFdZAf10JDmKCkjHmuooysTnaBtxPev6gWTx4j6hLwQp DFpeBW99R2Gt4w== -----END CERTIFICATE-----Generated at Sat Dec 6 23:53:39 2025 by rpki-client