This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft File: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft (raw, json) Hash identifier: 8UAZNabLSUXhh18MHVNGIWMK59l62yY1yiFp26f+arA= Subject key identifier: C6:5B:FF:D5:C7:EA:79:5F:F0:90:29:67:4D:81:1E:27:5F:37:0D:02 Authority key identifier: 86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE Certificate issuer: /CN=8649aa4b328735536d27c168cdbf4ea177701dce Certificate serial: 019AF464E488ED4A9EC02DF6365315B28299 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 16:00:43 +0000 Manifest this update: Sat 06 Dec 2025 16:00:43 +0000 Manifest next update: Sun 07 Dec 2025 16:00:43 +0000 Files and hashes: 1: hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl (hash: /mwOtMUWqgI+9PruT7Jz0Gt25MeU8zuR3E2gtupxEGw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:e4:88:ed:4a:9e:c0:2d:f6:36:53:15:b2:82:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8649aa4b328735536d27c168cdbf4ea177701dce Validity Not Before: Dec 6 16:00:43 2025 GMT Not After : Dec 7 16:00:43 2025 GMT Subject: CN=c65bffd5c7ea795ff09029674d811e275f370d02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:90:5a:24:41:8d:75:98:99:60:ff:95:b3:02: a3:5e:aa:c2:a9:52:32:75:98:14:08:11:83:72:8a: ae:29:d0:ec:25:5c:80:ba:f1:10:7c:1f:40:aa:88: 65:57:a8:a6:10:08:94:63:18:90:82:0c:88:67:9e: 49:b3:bc:ca:26:4b:1a:6b:94:31:81:28:7e:ad:5a: b7:e2:82:f7:98:f9:90:f8:b9:c2:33:c6:19:be:21: b0:00:9f:2f:17:e9:99:5d:cb:16:15:3e:ad:10:eb: 97:a1:58:4c:59:cd:cf:3f:02:20:9b:e0:13:96:b1: 46:f2:c3:39:0a:7e:2d:0e:ad:62:9e:e5:55:8c:ad: 01:30:84:f4:27:92:6c:c9:ca:99:74:14:3b:23:de: 18:18:17:ca:19:26:2b:1b:a7:59:d2:0b:67:1f:50: d0:14:6a:6e:f2:7d:5f:90:1d:a7:89:93:ad:c2:93: ae:17:2b:5b:f4:53:97:b8:99:f6:9d:0d:c3:7d:55: de:1a:35:23:37:49:b3:2c:00:74:77:34:56:fc:37: ce:66:78:93:05:ac:84:a2:71:61:b8:e5:da:5c:12: d7:3f:a1:9b:c1:c1:92:8b:cb:17:e9:cc:2d:3f:cf: 2a:08:ae:13:9b:90:c2:0a:12:54:9f:66:da:34:6f: 3f:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:5B:FF:D5:C7:EA:79:5F:F0:90:29:67:4D:81:1E:27:5F:37:0D:02 X509v3 Authority Key Identifier: keyid:86:49:AA:4B:32:87:35:53:6D:27:C1:68:CD:BF:4E:A1:77:70:1D:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c4d41f-60cd-4cbb-b253-19f1dab2d1b4/1/hkmqSzKHNVNtJ8Fozb9OoXdwHc4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:92:67:22:07:e3:c3:6c:3b:9a:c6:89:63:e4:b0:05:66:41: 91:33:13:8f:f2:bb:56:04:37:0a:17:41:e6:0d:78:35:54:c9: 82:a1:bf:8b:86:e8:ee:4b:a4:0f:1b:54:dd:39:85:04:09:5d: 8f:bd:63:e3:f2:bb:0e:7a:44:b3:23:97:75:1d:fe:cb:47:ad: ba:cf:7b:30:f0:88:4a:d4:3d:c4:d9:47:aa:06:ae:9d:bb:55: e4:9a:b8:b7:15:ee:9c:5b:c5:6c:61:c0:50:68:a3:f0:08:ad: b8:fd:6a:f6:63:a6:a1:1d:14:5d:19:fb:77:01:98:0a:4a:2c: 87:2a:96:bd:57:22:14:5e:45:a9:55:e0:63:34:71:d1:df:d5: 2d:a0:7e:82:87:54:4d:1b:11:ba:7d:1b:04:d3:28:27:f9:82: 0d:66:2a:00:46:d6:d6:e9:22:32:95:ae:75:04:4b:59:74:bc: 68:a8:27:33:26:5e:df:c9:02:62:c6:99:d4:8b:4a:e9:27:05: 65:88:dc:ae:4e:0e:23:4e:5a:fb:fc:ff:ae:03:41:16:bd:85: 86:3e:5e:9a:11:ee:90:88:1f:d2:51:cf:3b:98:9e:c0:22:3c: 32:e8:0f:7d:32:30:ff:43:5c:a3:72:c4:84:0a:60:8f:cf:7e: 53:77:2e:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZOSI7UqewC32NlMVsoKZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NDlhYTRiMzI4NzM1NTM2ZDI3YzE2OGNkYmY0ZWExNzc3 MDFkY2UwHhcNMjUxMjA2MTYwMDQzWhcNMjUxMjA3MTYwMDQzWjAzMTEwLwYDVQQD EyhjNjViZmZkNWM3ZWE3OTVmZjA5MDI5Njc0ZDgxMWUyNzVmMzcwZDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJBaJEGNdZiZYP+VswKjXqrCqVIy dZgUCBGDcoquKdDsJVyAuvEQfB9AqohlV6imEAiUYxiQggyIZ55Js7zKJksaa5Qx gSh+rVq34oL3mPmQ+LnCM8YZviGwAJ8vF+mZXcsWFT6tEOuXoVhMWc3PPwIgm+AT lrFG8sM5Cn4tDq1inuVVjK0BMIT0J5JsycqZdBQ7I94YGBfKGSYrG6dZ0gtnH1DQ FGpu8n1fkB2niZOtwpOuFytb9FOXuJn2nQ3DfVXeGjUjN0mzLAB0dzRW/DfOZniT BayEonFhuOXaXBLXP6GbwcGSi8sX6cwtP88qCK4Tm5DCChJUn2baNG8/nwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMZb/9XH6nlf8JApZ02BHidfNw0CMB8GA1UdIwQY MBaAFIZJqksyhzVTbSfBaM2/TqF3cB3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMt MTlmMWRhYjJkMWI0LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9jNGQ0MWYtNjBjZC00Y2JiLWIyNTMtMTlmMWRhYjJkMWI0 LzEvaGttcVN6S0hOVk50SjhGb3piOU9vWGR3SGM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAspJnIgfj w2w7msaJY+SwBWZBkTMTj/K7VgQ3ChdB5g14NVTJgqG/i4bo7kukDxtU3TmFBAld j71j4/K7DnpEsyOXdR3+y0etus97MPCIStQ9xNlHqgaunbtV5Jq4txXunFvFbGHA UGij8AituP1q9mOmoR0UXRn7dwGYCkoshyqWvVciFF5FqVXgYzRx0d/VLaB+godU TRsRun0bBNMoJ/mCDWYqAEbW1ukiMpWudQRLWXS8aKgnMyZe38kCYsaZ1ItK6ScF ZYjcrk4OI05a+/z/rgNBFr2Fhj5emhHukIgf0lHPO5iewCI8MugPfTIw/0Nco3LE hApgj89+U3cu6Q== -----END CERTIFICATE-----Generated at Sat Dec 6 19:30:38 2025 by rpki-client