This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft File: HzjUsMuomcJPTjQHOE1tP6jVGl8.mft (raw, json) Hash identifier: hKMgeBfO8SfSNNS3jAd74IZKHyocDyRR5s3ETuxBhdM= Subject key identifier: 4C:1C:7D:8F:71:22:78:EC:C7:F6:45:52:89:1B:9A:A7:BD:6F:48:A7 Authority key identifier: 1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F Certificate issuer: /CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f Certificate serial: 019AF5785F777169FAF06A245ADD4BEF0F03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft Manifest number: 052D Signing time: Sat 06 Dec 2025 21:01:37 +0000 Manifest this update: Sat 06 Dec 2025 21:01:37 +0000 Manifest next update: Sun 07 Dec 2025 21:01:37 +0000 Files and hashes: 1: HzjUsMuomcJPTjQHOE1tP6jVGl8.crl (hash: J1Ew8VccQoSLKWwLu1ZEYrGHxtAubFvzTgoN91KKpME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:5f:77:71:69:fa:f0:6a:24:5a:dd:4b:ef:0f:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f Validity Not Before: Dec 6 21:01:37 2025 GMT Not After : Dec 7 21:01:37 2025 GMT Subject: CN=4c1c7d8f712278ecc7f64552891b9aa7bd6f48a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c6:8a:d8:83:f9:fb:1d:e8:7a:1a:8a:65:36: 0f:47:9e:97:17:d8:36:df:a6:0a:59:3d:1b:d9:de: 66:98:2e:bf:c9:d8:06:58:a2:f9:23:58:4b:48:77: 89:66:e4:ee:f2:c6:99:90:6a:a3:a6:66:d6:f5:17: e2:9d:19:8d:d7:b5:23:ac:c9:b7:4c:a7:a1:14:54: 0b:63:89:c7:0b:d8:2c:f8:35:e7:3e:18:33:5e:7b: d0:e1:78:90:ea:f0:3b:b5:a9:d0:c8:4c:fa:25:0c: cd:ce:2b:87:fa:20:32:9f:39:76:e4:81:91:9d:f1: e6:fd:4d:59:be:2a:7a:f1:3c:3b:ef:af:fd:18:88: d5:46:1e:21:9a:fb:24:2c:11:d9:97:19:b8:7a:2d: 91:1f:cd:bb:0a:c1:14:cf:0b:a9:79:b0:13:18:b8: 51:cd:14:74:52:7c:ec:66:f0:db:db:6d:5b:21:7b: 14:0b:c7:87:2e:95:e8:93:f6:38:6c:30:b3:32:01: 85:6e:02:ce:a6:fa:f7:ad:43:a9:d2:05:c2:30:35: 47:e7:6d:8f:f0:1e:ab:3c:2c:20:2b:4f:81:74:51: 68:fb:76:1b:19:b8:46:5b:6c:ae:36:16:1c:13:ad: 5b:e9:28:b8:1c:e7:62:58:f6:09:d1:3c:61:22:7d: 91:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:1C:7D:8F:71:22:78:EC:C7:F6:45:52:89:1B:9A:A7:BD:6F:48:A7 X509v3 Authority Key Identifier: keyid:1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:29:22:f9:51:3b:d5:c5:3e:aa:4b:ba:6e:cd:ca:95:92:f7: d6:b6:e6:59:50:19:e7:36:d8:1f:8f:37:36:e9:42:e1:49:7c: 2b:76:72:a9:33:cc:b1:95:a7:58:f7:03:d1:7d:3a:a8:2a:95: e9:25:21:61:27:09:77:76:b7:8e:18:01:71:5e:0d:a4:80:92: 12:2a:4f:63:41:ff:bc:92:37:5e:20:7d:6d:30:cd:db:15:64: 4f:4c:04:ea:3c:e4:f5:0c:a4:b6:35:6d:11:c6:3e:e7:1a:e8: 67:58:f5:f1:95:bb:99:e3:92:bf:d6:d4:1d:09:7f:97:30:97: b3:30:f4:1c:78:96:f7:27:80:1e:bc:40:b0:49:46:29:a9:b7: 82:0b:72:d1:24:a2:d1:d2:fd:16:55:55:6a:90:38:38:de:72: 8f:1b:a8:03:c0:45:59:21:89:42:6d:1a:38:41:fa:f4:c3:f1: 39:20:8a:24:a2:34:a7:4a:70:02:be:77:7a:0d:b3:fe:48:15: 55:2f:34:46:84:9f:61:f2:02:06:a9:6c:fd:ce:61:41:2b:c4: 61:b8:ed:ad:24:0b:77:d8:f3:57:76:88:3f:6f:cb:b0:ef:f3: 3e:b4:50:b4:34:df:19:df:66:38:fd:e4:09:87:b7:fc:da:01: 47:71:df:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eF93cWn68GokWt1L7w8DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzhkNGIwY2JhODk5YzI0ZjRlMzQwNzM4NGQ2ZDNmYThk NTFhNWYwHhcNMjUxMjA2MjEwMTM3WhcNMjUxMjA3MjEwMTM3WjAzMTEwLwYDVQQD Eyg0YzFjN2Q4ZjcxMjI3OGVjYzdmNjQ1NTI4OTFiOWFhN2JkNmY0OGE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsaK2IP5+x3oehqKZTYPR56XF9g2 36YKWT0b2d5mmC6/ydgGWKL5I1hLSHeJZuTu8saZkGqjpmbW9RfinRmN17UjrMm3 TKehFFQLY4nHC9gs+DXnPhgzXnvQ4XiQ6vA7tanQyEz6JQzNziuH+iAynzl25IGR nfHm/U1Zvip68Tw776/9GIjVRh4hmvskLBHZlxm4ei2RH827CsEUzwupebATGLhR zRR0UnzsZvDb221bIXsUC8eHLpXok/Y4bDCzMgGFbgLOpvr3rUOp0gXCMDVH522P 8B6rPCwgK0+BdFFo+3YbGbhGW2yuNhYcE61b6Si4HOdiWPYJ0TxhIn2RPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEwcfY9xInjsx/ZFUokbmqe9b0inMB8GA1UdIwQY MBaAFB841LDLqJnCT040BzhNbT+o1RpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEt M2EyODhjMmM4NTJjLzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEtM2EyODhjMmM4NTJj LzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCki+VE7 1cU+qku6bs3KlZL31rbmWVAZ5zbYH483NulC4Ul8K3ZyqTPMsZWnWPcD0X06qCqV 6SUhYScJd3a3jhgBcV4NpICSEipPY0H/vJI3XiB9bTDN2xVkT0wE6jzk9QyktjVt EcY+5xroZ1j18ZW7meOSv9bUHQl/lzCXszD0HHiW9yeAHrxAsElGKam3ggty0SSi 0dL9FlVVapA4ON5yjxuoA8BFWSGJQm0aOEH69MPxOSCKJKI0p0pwAr53eg2z/kgV VS80RoSfYfICBqls/c5hQSvEYbjtrSQLd9jzV3aIP2/LsO/zPrRQtDTfGd9mOP3k CYe3/NoBR3Hf5A== -----END CERTIFICATE-----Generated at Sun Dec 7 04:14:02 2025 by rpki-client