This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft File: hkCo0qJ0maklfW7UZjoLMNob_jM.mft (raw, json) Hash identifier: rNF8pV861mVzFp+TcEoPDB02bDJHgipNREtwASuzhO8= Subject key identifier: CE:6D:D4:9A:51:56:94:8F:5D:31:00:7E:04:DE:5D:C8:5B:66:CB:FB Authority key identifier: 86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 Certificate issuer: /CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Certificate serial: 019B33448CCB0E608FA443D924A4D6B36197 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft Manifest number: 0B2A Signing time: Thu 18 Dec 2025 21:01:28 +0000 Manifest this update: Thu 18 Dec 2025 21:01:28 +0000 Manifest next update: Fri 19 Dec 2025 21:01:28 +0000 Files and hashes: 1: hkCo0qJ0maklfW7UZjoLMNob_jM.crl (hash: lHfiP3cOvKf6kn9cX2LIp/E9gNKc+ypEEiS5V4TonTs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:8c:cb:0e:60:8f:a4:43:d9:24:a4:d6:b3:61:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8640a8d2a27499a9257d6ed4663a0b30da1bfe33 Validity Not Before: Dec 18 21:01:28 2025 GMT Not After : Dec 19 21:01:28 2025 GMT Subject: CN=ce6dd49a5156948f5d31007e04de5dc85b66cbfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:4f:df:a0:78:72:57:79:25:68:8d:a6:0c:4a: e8:af:85:ab:24:24:14:7f:b3:83:60:dc:86:88:38: e7:e5:d4:f7:ad:0a:e1:e8:47:19:17:d3:1e:7d:2e: e4:50:79:d9:a9:cb:cf:20:f2:e2:ed:8d:89:32:e0: 86:bb:f6:5a:36:ad:28:c1:ac:74:26:ba:29:4a:a0: 99:35:4c:74:53:f6:d7:d2:46:24:bc:dd:82:0c:69: 7a:b7:9e:45:1f:0e:04:52:07:e3:a6:02:86:f6:60: 92:23:da:b9:40:2e:89:31:24:f1:9e:b7:9d:f3:ae: db:c3:d3:4c:6e:fa:eb:21:66:05:ea:8e:b5:f3:c5: 49:8d:db:b6:3b:52:4d:4d:6c:d1:fb:ef:2e:21:c3: 96:43:89:6b:68:36:a8:30:60:0a:63:7a:a2:8c:54: f1:25:01:65:9c:c5:76:49:0e:58:7b:7e:5d:1b:1d: 23:18:05:65:ff:63:10:f5:91:b0:82:1a:1a:16:90: 87:7f:46:a7:17:15:12:44:b6:e0:1c:f1:6a:7a:cc: fa:6e:be:5e:73:07:5a:9b:00:f6:34:92:96:6b:01: ce:7b:99:3b:79:63:4f:2a:f5:71:4f:b3:53:46:c9: 40:8e:85:84:bd:24:d9:93:d4:2c:c5:5d:7e:35:ac: ed:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:6D:D4:9A:51:56:94:8F:5D:31:00:7E:04:DE:5D:C8:5B:66:CB:FB X509v3 Authority Key Identifier: keyid:86:40:A8:D2:A2:74:99:A9:25:7D:6E:D4:66:3A:0B:30:DA:1B:FE:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkCo0qJ0maklfW7UZjoLMNob_jM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/909dc1-c048-4fb4-898a-0710747a2e91/1/hkCo0qJ0maklfW7UZjoLMNob_jM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:79:b9:e0:95:12:1c:a5:2e:0e:f3:48:56:61:de:5f:44:33: 96:65:e8:ae:e8:82:6f:6b:28:aa:4d:02:e4:05:6b:e4:25:dc: 0a:64:d1:b9:b2:54:77:d8:41:17:30:85:a9:93:7d:fa:cb:d8: 90:a8:26:ee:5e:1d:62:b8:d2:f2:60:c7:1a:45:ad:a0:b6:8b: 33:83:90:7c:ec:52:f8:f8:3a:1d:a4:6e:bf:99:e6:46:ad:c8: 70:32:68:4f:b0:47:69:d4:97:67:82:51:3a:87:ac:ec:40:12: 90:33:97:82:02:9b:0b:37:0a:ce:13:51:54:b7:b4:5a:cc:f5: 59:01:dc:77:07:38:b1:99:db:82:3a:1c:ab:d6:6d:9c:93:12: a9:8c:eb:8b:12:aa:e2:cc:1a:12:d9:2b:da:0e:ee:57:45:e3: db:71:7b:05:bd:bc:c7:a5:5a:81:04:f4:67:76:ca:bc:b2:61: b4:1a:34:49:cf:47:c2:85:5c:d6:7f:f4:c4:e2:56:ac:ab:ff: 12:c7:ff:26:16:83:1b:aa:bb:72:f7:ef:f3:ac:ee:78:9a:24: 64:67:63:c1:cd:65:ee:10:9a:4e:ed:46:bd:e4:89:cf:48:b0: 6c:88:40:7c:b6:76:7e:90:bb:2b:30:c6:b3:d7:6a:a4:67:7d: 42:48:f0:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRIzLDmCPpEPZJKTWs2GXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDBhOGQyYTI3NDk5YTkyNTdkNmVkNDY2M2EwYjMwZGEx YmZlMzMwHhcNMjUxMjE4MjEwMTI4WhcNMjUxMjE5MjEwMTI4WjAzMTEwLwYDVQQD EyhjZTZkZDQ5YTUxNTY5NDhmNWQzMTAwN2UwNGRlNWRjODViNjZjYmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE/foHhyV3klaI2mDEror4WrJCQU f7ODYNyGiDjn5dT3rQrh6EcZF9MefS7kUHnZqcvPIPLi7Y2JMuCGu/ZaNq0owax0 JropSqCZNUx0U/bX0kYkvN2CDGl6t55FHw4EUgfjpgKG9mCSI9q5QC6JMSTxnred 867bw9NMbvrrIWYF6o6188VJjdu2O1JNTWzR++8uIcOWQ4lraDaoMGAKY3qijFTx JQFlnMV2SQ5Ye35dGx0jGAVl/2MQ9ZGwghoaFpCHf0anFxUSRLbgHPFqesz6br5e cwdamwD2NJKWawHOe5k7eWNPKvVxT7NTRslAjoWEvSTZk9QsxV1+NaztLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM5t1JpRVpSPXTEAfgTeXchbZsv7MB8GA1UdIwQY MBaAFIZAqNKidJmpJX1u1GY6CzDaG/4zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEt MDcxMDc0N2EyZTkxLzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC85MDlkYzEtYzA0OC00ZmI0LTg5OGEtMDcxMDc0N2EyZTkx LzEvaGtDbzBxSjBtYWtsZlc3VVpqb0xNTm9iX2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcnm54JUS HKUuDvNIVmHeX0QzlmXoruiCb2soqk0C5AVr5CXcCmTRubJUd9hBFzCFqZN9+svY kKgm7l4dYrjS8mDHGkWtoLaLM4OQfOxS+Pg6HaRuv5nmRq3IcDJoT7BHadSXZ4JR Ooes7EASkDOXggKbCzcKzhNRVLe0Wsz1WQHcdwc4sZnbgjocq9ZtnJMSqYzrixKq 4swaEtkr2g7uV0Xj23F7Bb28x6VagQT0Z3bKvLJhtBo0Sc9HwoVc1n/0xOJWrKv/ Esf/JhaDG6q7cvfv86zueJokZGdjwc1l7hCaTu1GveSJz0iwbIhAfLZ2fpC7KzDG s9dqpGd9Qkjw+g== -----END CERTIFICATE-----Generated at Fri Dec 19 00:47:21 2025 by rpki-client