This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft File: HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft (raw, json) Hash identifier: 4tbQlSGljF+XG19DKrjJ58aEwb8zmvYIiG+E2U1b2kc= Subject key identifier: 7B:50:71:40:97:8A:3E:E1:AA:8E:F2:D0:81:8F:F2:F8:AB:2C:F4:7F Authority key identifier: 1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3 Certificate issuer: /CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3 Certificate serial: 019BF462F79B79CC9C97DA7010054B71C30B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft Manifest number: 177A Signing time: Sun 25 Jan 2026 09:01:25 +0000 Manifest this update: Sun 25 Jan 2026 09:01:25 +0000 Manifest next update: Mon 26 Jan 2026 09:01:25 +0000 Files and hashes: 1: HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl (hash: tNlgZwTOgkpM63tNu5YygajIWmL7zpSRroDh0GqwlPk=) 2: LtF7nKZF5Eu_SugtCNfVkUGiFHM.roa (hash: DT5yTfPTZI2KTOuvzB4Bd0By5xLBRBjLmkPSrqIV9B8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:62:f7:9b:79:cc:9c:97:da:70:10:05:4b:71:c3:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3 Validity Not Before: Jan 25 09:01:25 2026 GMT Not After : Jan 26 09:01:25 2026 GMT Subject: CN=7b507140978a3ee1aa8ef2d0818ff2f8ab2cf47f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:16:28:cc:c3:b0:40:1c:dc:01:1c:15:86:08: 12:57:19:ef:12:e9:00:3c:2c:0d:cb:1c:9e:ee:e4: 82:c2:4a:f2:8f:d2:47:e3:e7:be:bf:34:57:13:73: 24:ff:93:a1:d3:7f:59:a1:3c:b8:f4:0f:02:7e:77: 1f:9e:90:b7:de:59:71:c5:84:0a:76:19:52:8f:3f: f1:5c:81:9e:b9:2e:5a:72:26:82:a3:9a:22:ee:07: 4f:2a:ce:ad:24:de:df:bc:b9:76:46:4d:e1:f8:0d: c0:6b:bf:cd:c6:8d:07:da:e5:8e:64:50:0a:a2:02: 09:9e:59:67:e1:d0:93:9d:aa:a5:10:49:5c:ca:94: d3:17:99:19:60:e8:68:1a:10:3b:4c:ae:42:d9:ad: 92:9d:fe:95:89:59:64:4f:0c:6d:87:3e:36:23:34: a1:94:30:76:a8:37:52:a1:c5:a0:ef:78:5f:97:5a: 7a:c4:b1:bd:87:8b:d2:d8:81:c8:6c:6f:a7:08:54: 33:4a:0e:dd:df:1e:23:ab:b5:26:eb:aa:44:11:34: 65:b0:4f:e4:dc:52:5c:93:41:bf:d5:83:7b:78:7d: 98:b9:b8:8a:7c:d0:04:91:00:55:a6:b5:7b:09:3d: 83:b1:63:8d:ee:b3:74:a6:99:01:7b:59:aa:5d:61: 88:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:50:71:40:97:8A:3E:E1:AA:8E:F2:D0:81:8F:F2:F8:AB:2C:F4:7F X509v3 Authority Key Identifier: keyid:1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:e4:bf:5e:0e:5b:d6:5c:5e:12:cd:6d:a8:8e:84:d6:13:c7: 13:7c:8e:08:75:47:cc:86:46:46:1c:12:d7:4c:63:9b:80:6f: 49:0c:2e:f5:94:3d:20:1c:d0:9d:29:59:6c:02:e8:12:37:17: 90:9f:ef:b0:8f:69:19:e1:a3:20:60:1a:60:85:f0:39:b5:00: 16:80:73:d3:a5:60:35:7d:99:a4:d5:7b:63:83:02:0b:f9:3a: be:92:86:10:09:28:ef:6d:63:1a:4e:d1:79:df:65:11:55:a7: 9a:ce:f2:98:a8:0a:4b:e6:05:9f:4a:eb:ab:0c:d2:a1:b9:fa: 5d:ce:9a:6e:3b:3f:a0:56:0a:be:b3:49:4b:c2:45:3d:fb:3f: 6b:8a:ff:dd:22:18:46:f7:e1:e6:80:77:4e:67:73:83:40:ba: bf:5e:b5:30:c2:af:79:a5:39:72:e0:ee:bc:eb:14:ef:2e:c2: b0:a9:58:42:42:3d:3e:65:22:23:4f:b3:8d:b6:25:35:17:1b: 77:63:0f:12:c8:cc:8e:da:c8:d2:c7:13:34:41:2a:78:31:f5: e7:f8:1d:6a:f5:9d:6d:df:21:2b:fe:04:df:7d:9e:9d:4e:37: 8a:e0:0e:05:78:90:24:c4:0c:c0:b8:24:39:3d:b0:36:de:a5: 9e:9d:e0:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv0Yvebecycl9pwEAVLccMLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOTAzNDRkY2FmZmJkMzNlNjhkODQ4OTVkODdkOGFiZjUz Yzc0YTMwHhcNMjYwMTI1MDkwMTI1WhcNMjYwMTI2MDkwMTI1WjAzMTEwLwYDVQQD Eyg3YjUwNzE0MDk3OGEzZWUxYWE4ZWYyZDA4MThmZjJmOGFiMmNmNDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BYozMOwQBzcARwVhggSVxnvEukA PCwNyxye7uSCwkryj9JH4+e+vzRXE3Mk/5Oh039ZoTy49A8CfncfnpC33llxxYQK dhlSjz/xXIGeuS5aciaCo5oi7gdPKs6tJN7fvLl2Rk3h+A3Aa7/Nxo0H2uWOZFAK ogIJnlln4dCTnaqlEElcypTTF5kZYOhoGhA7TK5C2a2Snf6ViVlkTwxthz42IzSh lDB2qDdSocWg73hfl1p6xLG9h4vS2IHIbG+nCFQzSg7d3x4jq7Um66pEETRlsE/k 3FJck0G/1YN7eH2YubiKfNAEkQBVprV7CT2DsWON7rN0ppkBe1mqXWGIWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHtQcUCXij7hqo7y0IGP8virLPR/MB8GA1UdIwQY MBaAFB2QNE3K/70z5o2EiV2H2Kv1PHSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYt ZTUwNjRkYjIxYjIwLzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYtZTUwNjRkYjIxYjIw LzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAveS/Xg5b 1lxeEs1tqI6E1hPHE3yOCHVHzIZGRhwS10xjm4BvSQwu9ZQ9IBzQnSlZbALoEjcX kJ/vsI9pGeGjIGAaYIXwObUAFoBz06VgNX2ZpNV7Y4MCC/k6vpKGEAko721jGk7R ed9lEVWnms7ymKgKS+YFn0rrqwzSobn6Xc6abjs/oFYKvrNJS8JFPfs/a4r/3SIY Rvfh5oB3Tmdzg0C6v161MMKveaU5cuDuvOsU7y7CsKlYQkI9PmUiI0+zjbYlNRcb d2MPEsjMjtrI0scTNEEqeDH15/gdavWdbd8hK/4E332enU43iuAOBXiQJMQMwLgk OT2wNt6lnp3gvQ== -----END CERTIFICATE-----Generated at Sun Jan 25 18:52:37 2026 by rpki-client