This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft File: HzJorQbzq480bQ3jm9SuqztlhNk.mft (raw, json) Hash identifier: Ni073Mzn0HwhGzadwq1lxUlkK4B3IEH3+mY8vUHHbOo= Subject key identifier: 4E:A8:59:3B:E7:16:29:F4:7E:59:A1:89:56:08:20:F5:12:60:26:05 Authority key identifier: 1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 Certificate issuer: /CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Certificate serial: 019AF31C99AFC4BF5635F730360B6F09D927 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft Manifest number: 095C Signing time: Sat 06 Dec 2025 10:02:08 +0000 Manifest this update: Sat 06 Dec 2025 10:02:08 +0000 Manifest next update: Sun 07 Dec 2025 10:02:08 +0000 Files and hashes: 1: HzJorQbzq480bQ3jm9SuqztlhNk.crl (hash: csCStQMHURMT+l63EG5FRlb3+H4joUBiIatQcS5gUBI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:99:af:c4:bf:56:35:f7:30:36:0b:6f:09:d9:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f3268ad06f3ab8f346d0de39bd4aeab3b6584d9 Validity Not Before: Dec 6 10:02:08 2025 GMT Not After : Dec 7 10:02:08 2025 GMT Subject: CN=4ea8593be71629f47e59a189560820f512602605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:b5:46:6e:d7:3e:85:c6:a4:a6:b0:e1:9c:d2: e3:50:bf:81:7f:40:60:b5:74:32:0b:70:51:8e:07: a6:02:ec:b3:98:11:36:03:fd:a5:f8:b8:72:54:dd: 68:84:75:9d:b0:6d:c1:be:69:d8:fc:fc:7f:62:16: 00:e1:02:28:e7:17:e6:55:84:12:dc:d2:be:a1:94: 34:96:08:a0:2b:9f:00:33:79:14:d0:81:61:71:eb: 5c:7a:e2:2e:c5:cd:09:46:ac:fd:5e:f8:87:f5:06: ce:42:17:03:59:46:af:50:1b:80:9c:01:a8:e9:a4: 28:82:77:7b:7b:43:a5:e2:72:ba:cb:23:71:a0:04: 77:41:79:ec:de:b4:c9:58:3c:f0:07:aa:99:9f:0d: a8:a2:2b:fa:ac:62:07:fb:ab:3b:ae:69:2d:6d:42: dd:5a:90:da:35:ba:03:9a:f0:e5:f3:5b:3f:4b:7a: 01:4c:f2:41:3e:57:cc:49:fe:5d:37:bd:7b:67:70: 9d:c8:1c:b3:b1:4c:7d:5f:01:b8:39:5a:b8:cc:bc: 29:e2:c9:ac:cf:c8:d2:48:3d:0e:60:91:a7:ea:b0: 06:80:0e:b5:03:74:4e:a5:c7:7e:64:b4:5f:57:ca: e5:09:47:c0:c8:37:78:f8:4f:a0:3b:4e:63:b5:9d: e7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:A8:59:3B:E7:16:29:F4:7E:59:A1:89:56:08:20:F5:12:60:26:05 X509v3 Authority Key Identifier: keyid:1F:32:68:AD:06:F3:AB:8F:34:6D:0D:E3:9B:D4:AE:AB:3B:65:84:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzJorQbzq480bQ3jm9SuqztlhNk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/3919d3-2139-4c42-b7d4-8a0c729893ba/1/HzJorQbzq480bQ3jm9SuqztlhNk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:4a:a5:1e:84:a9:16:59:ee:4c:67:a3:fa:f0:7e:25:ca:aa: b1:75:ae:fe:b6:4a:73:8f:62:f5:33:b6:c5:f6:f9:27:08:bd: de:d9:17:cd:b6:31:a6:85:20:c5:8d:09:de:b4:f1:47:35:53: a8:33:c1:d7:a6:5f:e1:d1:01:68:6e:fa:3c:98:c0:5e:29:27: 8f:b7:97:de:95:ec:0b:49:9e:17:9d:6c:f4:ef:d2:8c:2e:5a: 9c:12:e0:27:bc:a5:95:96:d3:1c:25:c1:2e:eb:bf:0a:f1:4b: 05:96:d6:95:b1:2e:94:cb:37:1e:45:f8:6a:99:e5:9b:81:18: de:39:95:08:87:b3:0d:2e:c4:0d:f4:cc:07:f7:ec:6f:e3:47: 4c:97:24:06:6b:30:b2:ef:14:f7:57:52:ad:b1:66:fb:1f:d9: ef:db:b6:5b:85:09:bd:fe:dc:13:8a:a2:59:97:e8:e2:42:1b: a3:71:bf:22:7d:0b:96:59:76:6c:a1:10:5d:13:d5:b1:7e:35: ac:df:1e:c7:3c:bc:47:d4:7d:89:d3:4e:0b:55:f2:5b:45:8c: 95:1d:43:e4:fb:f0:ea:74:01:78:68:07:80:8e:2b:be:28:f7: f4:ad:f3:3e:d0:5d:18:17:3a:65:f7:ba:75:ff:c9:2f:91:65: ed:de:58:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHJmvxL9WNfcwNgtvCdknMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmMzI2OGFkMDZmM2FiOGYzNDZkMGRlMzliZDRhZWFiM2I2 NTg0ZDkwHhcNMjUxMjA2MTAwMjA4WhcNMjUxMjA3MTAwMjA4WjAzMTEwLwYDVQQD Eyg0ZWE4NTkzYmU3MTYyOWY0N2U1OWExODk1NjA4MjBmNTEyNjAyNjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7VGbtc+hcakprDhnNLjUL+Bf0Bg tXQyC3BRjgemAuyzmBE2A/2l+LhyVN1ohHWdsG3BvmnY/Px/YhYA4QIo5xfmVYQS 3NK+oZQ0lgigK58AM3kU0IFhcetceuIuxc0JRqz9XviH9QbOQhcDWUavUBuAnAGo 6aQognd7e0Ol4nK6yyNxoAR3QXns3rTJWDzwB6qZnw2ooiv6rGIH+6s7rmktbULd WpDaNboDmvDl81s/S3oBTPJBPlfMSf5dN717Z3CdyByzsUx9XwG4OVq4zLwp4sms z8jSSD0OYJGn6rAGgA61A3ROpcd+ZLRfV8rlCUfAyDd4+E+gO05jtZ3n7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE6oWTvnFin0flmhiVYIIPUSYCYFMB8GA1UdIwQY MBaAFB8yaK0G86uPNG0N45vUrqs7ZYTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQt OGEwYzcyOTg5M2JhLzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8zOTE5ZDMtMjEzOS00YzQyLWI3ZDQtOGEwYzcyOTg5M2Jh LzEvSHpKb3JRYnpxNDgwYlEzam05U3VxenRsaE5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0qlHoSp FlnuTGej+vB+JcqqsXWu/rZKc49i9TO2xfb5Jwi93tkXzbYxpoUgxY0J3rTxRzVT qDPB16Zf4dEBaG76PJjAXiknj7eX3pXsC0meF51s9O/SjC5anBLgJ7yllZbTHCXB Luu/CvFLBZbWlbEulMs3HkX4apnlm4EY3jmVCIezDS7EDfTMB/fsb+NHTJckBmsw su8U91dSrbFm+x/Z79u2W4UJvf7cE4qiWZfo4kIbo3G/In0Llll2bKEQXRPVsX41 rN8exzy8R9R9idNOC1XyW0WMlR1D5Pvw6nQBeGgHgI4rvij39K3zPtBdGBc6Zfe6 df/JL5Fl7d5YrA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:27:38 2025 by rpki-client