This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft File: HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft (raw, json) Hash identifier: h0OvPW+CDKHI2rW5R8WVkc66ffn52/gZ41vCyvdfjTY= Subject key identifier: 5E:A7:D0:45:B9:D9:AB:10:AF:97:E3:BE:31:AC:7D:E0:BB:48:A7:0F Authority key identifier: 1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3 Certificate issuer: /CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3 Certificate serial: 019B07B4EF8AED0D1543619596438278880A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft Manifest number: 16FF Signing time: Wed 10 Dec 2025 10:00:56 +0000 Manifest this update: Wed 10 Dec 2025 10:00:56 +0000 Manifest next update: Thu 11 Dec 2025 10:00:56 +0000 Files and hashes: 1: HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl (hash: 9UtIg1ZPxyCo4S4jKcxJq+ca/XhlT9zjLM/eXwVRVKM=) 2: hIagYPgcgLqF5hqMfUhJY2-sJAs.roa (hash: ZaaWq0BbjJoluHI5ROX+aFarBCsxRa8oHhsXlvsyUeU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:07:b4:ef:8a:ed:0d:15:43:61:95:96:43:82:78:88:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3 Validity Not Before: Dec 10 10:00:56 2025 GMT Not After : Dec 11 10:00:56 2025 GMT Subject: CN=5ea7d045b9d9ab10af97e3be31ac7de0bb48a70f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a1:35:58:10:c6:c3:2e:49:a7:9c:34:f0:37: 10:b3:88:75:8a:e0:df:db:4b:3e:11:c0:5e:de:af: a2:49:50:3d:1e:6c:7b:d6:36:20:5b:d1:4e:09:d4: 8d:7e:e3:40:36:26:f2:df:9a:f7:85:09:8e:9d:ce: 39:10:eb:73:ce:c4:03:0e:4c:4a:45:78:fb:d1:11: 8d:28:88:40:a3:c4:9f:ca:18:17:c2:e9:72:74:6a: 2c:01:25:f0:a9:cd:9f:8c:bb:e5:e3:fc:89:94:2a: ca:44:ea:27:d0:f7:74:06:99:b6:17:7d:bd:56:3a: 4b:25:eb:2d:a1:f5:c0:84:92:45:d8:a5:8d:d8:26: 83:7a:29:6b:c8:d6:aa:cb:b7:9e:b7:bc:47:aa:9f: af:52:2e:b9:3c:74:ce:03:57:6a:23:73:86:d3:b6: 6f:84:f2:9d:82:89:60:ba:d0:28:18:d2:5b:d6:15: ef:4b:70:58:aa:0b:91:33:46:48:5e:39:e2:af:94: c6:26:8e:b9:0d:fb:ac:86:b1:a7:5f:e3:74:ae:46: 92:ff:ab:8c:34:81:5f:6b:79:e3:31:74:e1:07:95: c4:7a:a6:46:ae:40:cc:7a:88:75:54:d7:83:43:76: df:4b:b4:2b:09:87:6d:14:74:c9:c4:c4:82:40:67: c4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:A7:D0:45:B9:D9:AB:10:AF:97:E3:BE:31:AC:7D:E0:BB:48:A7:0F X509v3 Authority Key Identifier: keyid:1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:2c:6b:cd:d0:96:d8:98:73:5f:4e:26:25:22:a0:de:89:42: 8f:8d:93:a3:ae:a5:d2:13:b4:5f:17:9f:06:db:91:f3:38:ff: 46:47:30:a9:ad:b2:19:0e:fa:b5:82:6b:64:a4:e7:48:96:23: 29:3c:25:25:75:1b:b0:76:f1:4b:f7:a8:ef:a9:e5:4f:19:32: f5:9e:0a:ac:a2:62:38:3a:da:08:bc:98:a8:67:4a:9a:42:d7: 2e:31:fc:2d:b3:57:5a:e8:c7:df:c7:7b:fa:30:54:3b:b9:19: 76:a1:36:c7:ae:29:90:a7:c0:44:e9:48:73:ca:3f:af:09:80: 2c:d9:28:89:4e:98:fc:7a:49:f9:9a:dd:c4:1f:b3:13:cb:ba: ea:99:a7:be:00:18:88:84:99:e8:fc:c5:b0:a0:0a:63:f3:bd: 85:2c:e5:99:98:4e:da:17:5f:1d:0f:e8:0d:13:f8:65:f3:61: 64:be:42:c5:76:c1:f0:97:98:bf:88:f3:dc:9f:ae:4c:cc:b7: d5:5e:dd:86:f4:c0:6f:d5:79:55:3b:bf:dc:2f:c5:1e:fa:c2: ca:21:df:30:5b:32:24:8e:6d:ce:d7:12:b0:d3:eb:ae:75:40: ba:08:28:15:32:81:da:04:8f:5f:49:9a:dc:18:36:df:a2:a1: 9b:aa:42:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsHtO+K7Q0VQ2GVlkOCeIgKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOTAzNDRkY2FmZmJkMzNlNjhkODQ4OTVkODdkOGFiZjUz Yzc0YTMwHhcNMjUxMjEwMTAwMDU2WhcNMjUxMjExMTAwMDU2WjAzMTEwLwYDVQQD Eyg1ZWE3ZDA0NWI5ZDlhYjEwYWY5N2UzYmUzMWFjN2RlMGJiNDhhNzBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaE1WBDGwy5Jp5w08DcQs4h1iuDf 20s+EcBe3q+iSVA9Hmx71jYgW9FOCdSNfuNANiby35r3hQmOnc45EOtzzsQDDkxK RXj70RGNKIhAo8SfyhgXwulydGosASXwqc2fjLvl4/yJlCrKROon0Pd0Bpm2F329 VjpLJestofXAhJJF2KWN2CaDeilryNaqy7eet7xHqp+vUi65PHTOA1dqI3OG07Zv hPKdgolgutAoGNJb1hXvS3BYqguRM0ZIXjnir5TGJo65DfushrGnX+N0rkaS/6uM NIFfa3njMXThB5XEeqZGrkDMeoh1VNeDQ3bfS7QrCYdtFHTJxMSCQGfERQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF6n0EW52asQr5fjvjGsfeC7SKcPMB8GA1UdIwQY MBaAFB2QNE3K/70z5o2EiV2H2Kv1PHSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYt ZTUwNjRkYjIxYjIwLzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYtZTUwNjRkYjIxYjIw LzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyxrzdCW 2JhzX04mJSKg3olCj42To66l0hO0XxefBtuR8zj/Rkcwqa2yGQ76tYJrZKTnSJYj KTwlJXUbsHbxS/eo76nlTxky9Z4KrKJiODraCLyYqGdKmkLXLjH8LbNXWujH38d7 +jBUO7kZdqE2x64pkKfAROlIc8o/rwmALNkoiU6Y/HpJ+ZrdxB+zE8u66pmnvgAY iISZ6PzFsKAKY/O9hSzlmZhO2hdfHQ/oDRP4ZfNhZL5CxXbB8JeYv4jz3J+uTMy3 1V7dhvTAb9V5VTu/3C/FHvrCyiHfMFsyJI5tztcSsNPrrnVAuggoFTKB2gSPX0ma 3Bg236Khm6pCuw== -----END CERTIFICATE-----Generated at Wed Dec 10 17:22:28 2025 by rpki-client