This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft File: HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft (raw, json) Hash identifier: IyK55jseP3+4WqHTi6tRIYUHFG1X1iJI3sL2TK4OEy4= Subject key identifier: 33:E5:93:23:94:FA:01:B3:92:B2:88:6E:50:F6:32:64:21:B7:13:90 Authority key identifier: 1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 Certificate issuer: /CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Certificate serial: 019AF20952F6649DDC1C0E3BE5D6C41DCF46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft Manifest number: 07A1 Signing time: Sat 06 Dec 2025 05:01:28 +0000 Manifest this update: Sat 06 Dec 2025 05:01:28 +0000 Manifest next update: Sun 07 Dec 2025 05:01:28 +0000 Files and hashes: 1: HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl (hash: UdI/WKDNybudIEwLtT/scyB/ibGp4A8YYPWqPhMgJqs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:52:f6:64:9d:dc:1c:0e:3b:e5:d6:c4:1d:cf:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c0a99501e7681fa3c67e1fd3d735128a22c6317 Validity Not Before: Dec 6 05:01:28 2025 GMT Not After : Dec 7 05:01:28 2025 GMT Subject: CN=33e5932394fa01b392b2886e50f6326421b71390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:dc:b2:37:f9:2e:35:ba:03:4a:cb:e3:9a:d2: 73:90:3a:dd:9b:3f:8c:91:57:4c:ce:4e:ff:5c:ac: 83:0c:e1:1b:52:3d:85:2f:bb:bc:45:79:78:08:d1: 46:66:f3:a0:6f:db:f3:34:fa:1f:7a:a6:f3:4b:9d: 84:5b:ff:16:b2:ed:c9:2a:59:f9:48:a4:85:7a:75: d7:e5:ba:5e:58:c0:5e:b3:be:4a:55:31:dd:f3:ea: d5:89:d1:74:d0:3a:1b:7b:61:67:f7:13:d1:ed:8f: 6f:08:a9:c8:d9:4e:87:86:81:86:42:56:44:10:26: 96:5e:15:c3:a5:2a:1d:c3:f8:82:94:ca:58:8a:19: 2e:41:17:3a:f7:1f:e4:50:c8:0e:53:b5:3d:b4:98: 78:3b:fd:06:2b:fd:fd:8c:a7:67:dc:7a:71:b4:12: d5:ad:4a:36:51:4a:cf:ed:3c:5c:c6:46:57:aa:09: aa:0f:69:fb:14:c2:dd:c2:70:e9:d1:5d:c4:bc:87: e6:e5:2d:b9:2d:f2:d8:dd:dc:e7:8b:3a:a2:e8:f0: dd:c8:9e:ca:1d:0c:5f:33:80:47:a1:e2:10:88:f2: 96:37:a9:89:5b:4a:0f:14:f7:f4:99:ec:69:55:f5: 44:be:c0:ee:aa:82:c7:a6:c8:c2:54:64:96:8f:9b: 4b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:E5:93:23:94:FA:01:B3:92:B2:88:6E:50:F6:32:64:21:B7:13:90 X509v3 Authority Key Identifier: keyid:1C:0A:99:50:1E:76:81:FA:3C:67:E1:FD:3D:73:51:28:A2:2C:63:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAqZUB52gfo8Z-H9PXNRKKIsYxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e9c0b1-166a-4bea-bb53-13cf918f6cbc/1/HAqZUB52gfo8Z-H9PXNRKKIsYxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:e2:c9:c5:2f:b4:8a:69:78:04:8d:fc:af:de:de:e3:29:fc: 1b:f8:96:95:86:fb:2b:7e:13:e6:60:87:83:5c:bf:69:38:6f: ba:1a:5e:4d:a4:03:0b:97:a6:5a:eb:df:d2:42:40:00:0a:8a: 0b:4b:a9:2a:02:0b:e1:5c:65:0d:8e:4a:8b:6c:f5:dc:22:fa: e0:bb:bf:72:88:52:43:fa:5c:e6:46:ef:1b:c6:db:fa:01:73: 0f:0c:b6:95:ae:f6:61:45:29:93:5f:2f:10:08:e0:ab:30:7d: dc:b9:ee:c8:3a:7d:2d:d1:b0:54:6b:94:6a:a8:d0:42:af:66: eb:98:6b:e2:8a:b8:01:79:ed:bd:48:8c:e9:26:33:80:7c:3f: c8:18:84:8d:29:c9:14:03:a8:01:11:05:db:69:df:43:3a:73: e8:fb:9a:dc:cd:b0:43:f8:ed:c5:04:9e:68:31:5b:c5:fd:cf: b6:97:0d:95:0a:19:47:96:a9:d1:d5:36:5c:21:ef:e6:18:29: 06:8a:97:a2:0e:28:03:e2:25:fe:a5:33:5d:53:ff:ff:75:94: 7f:d2:e0:08:18:9e:b2:c0:55:6a:cf:ef:d4:c1:0d:02:34:db: 58:1e:40:ea:15:fd:17:c1:a8:48:10:92:28:da:e0:08:f7:bf: f6:2d:cf:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCVL2ZJ3cHA475dbEHc9GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMGE5OTUwMWU3NjgxZmEzYzY3ZTFmZDNkNzM1MTI4YTIy YzYzMTcwHhcNMjUxMjA2MDUwMTI4WhcNMjUxMjA3MDUwMTI4WjAzMTEwLwYDVQQD EygzM2U1OTMyMzk0ZmEwMWIzOTJiMjg4NmU1MGY2MzI2NDIxYjcxMzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtyyN/kuNboDSsvjmtJzkDrdmz+M kVdMzk7/XKyDDOEbUj2FL7u8RXl4CNFGZvOgb9vzNPofeqbzS52EW/8Wsu3JKln5 SKSFenXX5bpeWMBes75KVTHd8+rVidF00Dobe2Fn9xPR7Y9vCKnI2U6HhoGGQlZE ECaWXhXDpSodw/iClMpYihkuQRc69x/kUMgOU7U9tJh4O/0GK/39jKdn3HpxtBLV rUo2UUrP7TxcxkZXqgmqD2n7FMLdwnDp0V3EvIfm5S25LfLY3dznizqi6PDdyJ7K HQxfM4BHoeIQiPKWN6mJW0oPFPf0mexpVfVEvsDuqoLHpsjCVGSWj5tLjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDPlkyOU+gGzkrKIblD2MmQhtxOQMB8GA1UdIwQY MBaAFBwKmVAedoH6PGfh/T1zUSiiLGMXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMt MTNjZjkxOGY2Y2JjLzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi9lOWMwYjEtMTY2YS00YmVhLWJiNTMtMTNjZjkxOGY2Y2Jj LzEvSEFxWlVCNTJnZm84Wi1IOVBYTlJLS0lzWXhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZuLJxS+0 iml4BI38r97e4yn8G/iWlYb7K34T5mCHg1y/aThvuhpeTaQDC5emWuvf0kJAAAqK C0upKgIL4VxlDY5Ki2z13CL64Lu/cohSQ/pc5kbvG8bb+gFzDwy2la72YUUpk18v EAjgqzB93LnuyDp9LdGwVGuUaqjQQq9m65hr4oq4AXntvUiM6SYzgHw/yBiEjSnJ FAOoAREF22nfQzpz6Pua3M2wQ/jtxQSeaDFbxf3PtpcNlQoZR5ap0dU2XCHv5hgp BoqXog4oA+Il/qUzXVP//3WUf9LgCBiessBVas/v1MENAjTbWB5A6hX9F8GoSBCS KNrgCPe/9i3PYg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:11:57 2025 by rpki-client