This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft File: hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft (raw, json) Hash identifier: L2fttxTy/EKHtWhR6yv97jIqBx7uiDDtDXlNkQA7aSA= Subject key identifier: B7:29:AD:36:8C:0F:36:6A:DC:27:6B:91:25:1B:4E:15:53:5A:85:CD Authority key identifier: 87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F Certificate issuer: /CN=8738bf1cc1381678038ef5da67642398e3d9819f Certificate serial: 019AF1D245809DAA9B427E9DA60A2F380DB9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft Manifest number: 02AD Signing time: Sat 06 Dec 2025 04:01:20 +0000 Manifest this update: Sat 06 Dec 2025 04:01:20 +0000 Manifest next update: Sun 07 Dec 2025 04:01:20 +0000 Files and hashes: 1: hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl (hash: CmdcJMpnupGM1NeypRf1p4+HYWL0v46UWvFm5GQq5g4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:45:80:9d:aa:9b:42:7e:9d:a6:0a:2f:38:0d:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8738bf1cc1381678038ef5da67642398e3d9819f Validity Not Before: Dec 6 04:01:20 2025 GMT Not After : Dec 7 04:01:20 2025 GMT Subject: CN=b729ad368c0f366adc276b91251b4e15535a85cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9c:03:e0:ad:76:48:1c:c7:54:fd:ff:66:18: 64:c4:64:fe:18:5f:a7:35:ac:dd:8c:16:1a:ed:7e: db:56:06:e5:76:22:11:80:cb:ff:d0:22:bb:6f:77: 7a:45:47:55:46:3f:1e:a4:30:1d:f0:89:03:a0:1c: 5d:0a:38:33:c0:23:75:7e:b9:7a:39:17:a0:80:19: 8c:99:d5:cd:06:1a:9b:c7:69:68:84:4a:25:6d:9e: e9:52:34:ed:6c:47:6e:79:1a:1f:9f:d9:9b:25:6a: b7:ea:23:73:df:8e:67:ed:cc:74:27:c8:2e:6c:fc: 62:65:fe:a4:f4:08:c9:56:35:1d:c6:39:41:38:e3: 70:65:43:1d:06:50:bd:cd:1c:58:4d:ff:4f:db:af: 3c:5e:62:ae:af:61:bf:ed:41:82:b0:80:f8:c5:42: 97:6a:65:fc:e8:e4:bd:a2:85:17:c4:c6:90:70:93: 81:4a:c0:08:48:65:6f:fa:dd:fc:a1:41:4c:9a:51: b0:72:70:5c:3a:08:a2:42:14:0c:77:85:26:3e:cc: b9:bc:26:f3:d1:50:80:69:68:73:74:0c:bd:de:f9: 70:c9:dc:37:6c:49:1e:aa:47:89:81:0b:f1:c4:47: ea:9f:06:8b:c9:5f:55:07:d6:2a:5e:dc:cd:99:8f: c3:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:29:AD:36:8C:0F:36:6A:DC:27:6B:91:25:1B:4E:15:53:5A:85:CD X509v3 Authority Key Identifier: keyid:87:38:BF:1C:C1:38:16:78:03:8E:F5:DA:67:64:23:98:E3:D9:81:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzi_HME4FngDjvXaZ2QjmOPZgZ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b28eb-b5ac-46fc-896b-51f73cd125bf/1/hzi_HME4FngDjvXaZ2QjmOPZgZ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:66:59:2a:5b:ae:40:83:87:89:59:ce:46:96:f1:ad:2b:f4: 56:65:d5:b9:81:1f:16:c4:09:16:1c:28:21:84:ec:1d:7a:48: fd:e1:e0:55:00:06:cf:ce:f4:7f:42:2e:7c:a1:70:60:9f:16: 2c:ca:f4:07:72:c2:f4:a9:09:c0:d0:84:b5:12:85:e9:bb:28: 43:1b:b0:90:a1:95:bd:26:f3:14:6d:e8:8a:f2:47:08:50:69: da:c0:1a:e1:ef:30:41:87:12:a9:75:5e:b5:06:68:17:53:fa: 36:94:64:57:27:ef:a2:f4:57:9f:7f:68:24:0f:b8:45:41:91: 0b:39:92:ee:d9:79:7f:52:b8:0e:ae:b4:5b:e7:cb:15:e3:cb: f5:29:ff:08:8e:e2:e0:f9:fc:8a:78:49:fd:4d:ef:01:e3:b1: 5d:51:47:36:c4:18:ff:25:ac:66:b3:88:b9:17:0e:d5:b9:cc: 9c:f6:bb:a2:11:03:68:84:5d:0f:da:fb:2b:c8:c9:2e:97:af: 43:2e:61:33:5a:e0:29:30:d8:62:59:19:c2:28:55:39:9b:e1: f8:46:a4:97:ec:90:30:c0:15:57:86:b8:97:d7:dc:09:e7:19: a3:09:37:b8:96:78:5c:11:e4:74:6c:9f:54:b6:bb:30:a8:17: e2:e8:6b:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0kWAnaqbQn6dpgovOA25MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3MzhiZjFjYzEzODE2NzgwMzhlZjVkYTY3NjQyMzk4ZTNk OTgxOWYwHhcNMjUxMjA2MDQwMTIwWhcNMjUxMjA3MDQwMTIwWjAzMTEwLwYDVQQD EyhiNzI5YWQzNjhjMGYzNjZhZGMyNzZiOTEyNTFiNGUxNTUzNWE4NWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZwD4K12SBzHVP3/ZhhkxGT+GF+n NazdjBYa7X7bVgbldiIRgMv/0CK7b3d6RUdVRj8epDAd8IkDoBxdCjgzwCN1frl6 OReggBmMmdXNBhqbx2lohEolbZ7pUjTtbEdueRofn9mbJWq36iNz345n7cx0J8gu bPxiZf6k9AjJVjUdxjlBOONwZUMdBlC9zRxYTf9P2688XmKur2G/7UGCsID4xUKX amX86OS9ooUXxMaQcJOBSsAISGVv+t38oUFMmlGwcnBcOgiiQhQMd4UmPsy5vCbz 0VCAaWhzdAy93vlwydw3bEkeqkeJgQvxxEfqnwaLyV9VB9YqXtzNmY/D+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLcprTaMDzZq3CdrkSUbThVTWoXNMB8GA1UdIwQY MBaAFIc4vxzBOBZ4A4712mdkI5jj2YGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmIt NTFmNzNjZDEyNWJmLzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xYjI4ZWItYjVhYy00NmZjLTg5NmItNTFmNzNjZDEyNWJm LzEvaHppX0hNRTRGbmdEanZYYVoyUWptT1BaZ1o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhWZZKluu QIOHiVnORpbxrSv0VmXVuYEfFsQJFhwoIYTsHXpI/eHgVQAGz870f0IufKFwYJ8W LMr0B3LC9KkJwNCEtRKF6bsoQxuwkKGVvSbzFG3oivJHCFBp2sAa4e8wQYcSqXVe tQZoF1P6NpRkVyfvovRXn39oJA+4RUGRCzmS7tl5f1K4Dq60W+fLFePL9Sn/CI7i 4Pn8inhJ/U3vAeOxXVFHNsQY/yWsZrOIuRcO1bnMnPa7ohEDaIRdD9r7K8jJLpev Qy5hM1rgKTDYYlkZwihVOZvh+Eakl+yQMMAVV4a4l9fcCecZowk3uJZ4XBHkdGyf VLa7MKgX4uhruQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:41:08 2025 by rpki-client