This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft File: HdGoMITMB7cxuvkdqvMTbC9rddM.mft (raw, json) Hash identifier: EMjoElX5gE7miVV83yh1BMPBVOWWoh2fob9WTTgrlKk= Subject key identifier: 4A:C8:B5:12:EC:DB:9E:79:B3:1F:70:49:44:85:63:78:A1:0E:40:7F Authority key identifier: 1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3 Certificate issuer: /CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3 Certificate serial: 019B2D0B7E06ED83873DABC2C09356E68592 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft Manifest number: 134D Signing time: Wed 17 Dec 2025 16:01:26 +0000 Manifest this update: Wed 17 Dec 2025 16:01:26 +0000 Manifest next update: Thu 18 Dec 2025 16:01:26 +0000 Files and hashes: 1: HdGoMITMB7cxuvkdqvMTbC9rddM.crl (hash: PFjHJ6FxAaKR9ni/3hzJMQaVmwN/8W5sPCHeo6kAlTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:7e:06:ed:83:87:3d:ab:c2:c0:93:56:e6:85:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1dd1a83084cc07b731baf91daaf3136c2f6b75d3 Validity Not Before: Dec 17 16:01:26 2025 GMT Not After : Dec 18 16:01:26 2025 GMT Subject: CN=4ac8b512ecdb9e79b31f704944856378a10e407f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a0:5d:d2:0d:13:00:b8:8b:0e:44:29:f1:84: e9:59:4c:75:47:2f:95:3b:b6:ad:78:a9:dc:09:b6: c6:95:08:e6:ae:16:68:c1:f7:f8:3c:ae:e1:2d:0d: 93:54:3e:76:d9:26:ae:1e:7a:66:52:8b:b1:da:9a: 91:ce:af:7b:22:4d:79:f5:8d:52:50:26:41:ab:06: 75:1f:d3:16:cc:d4:34:78:c2:16:46:0f:d4:3c:62: 3c:f1:4e:08:f5:1b:7d:4d:d5:fe:c1:59:6b:f3:e4: cd:33:68:42:69:40:3d:b0:e8:14:14:fe:fa:13:d2: 02:db:8d:1c:c1:ae:69:c0:8f:8d:6b:4a:8e:78:c2: 2a:03:4c:3d:0e:c0:64:ce:4b:4c:60:48:c0:ba:2d: 34:5a:20:91:4a:55:32:bd:13:20:a7:42:24:1a:72: 85:b8:f6:a5:99:d2:35:af:eb:e9:23:f9:e2:ef:cb: ca:9d:6c:54:5e:e0:6e:d0:84:9a:b9:b5:1b:24:1e: fe:98:fc:cb:55:7b:f3:12:f5:0b:df:ec:21:0f:fd: fb:b7:04:0b:9f:10:eb:68:fd:43:00:f9:f1:f1:fe: 78:29:02:09:2d:b2:b1:9e:e2:30:a8:65:4d:35:ed: a6:28:d9:54:3f:bd:c9:ca:d7:af:48:55:7f:d8:ca: 81:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:C8:B5:12:EC:DB:9E:79:B3:1F:70:49:44:85:63:78:A1:0E:40:7F X509v3 Authority Key Identifier: keyid:1D:D1:A8:30:84:CC:07:B7:31:BA:F9:1D:AA:F3:13:6C:2F:6B:75:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdGoMITMB7cxuvkdqvMTbC9rddM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5d0928-e68f-4e19-b226-4036278b43f9/1/HdGoMITMB7cxuvkdqvMTbC9rddM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:a7:07:7e:5d:10:bb:02:02:26:16:9e:fc:bf:ea:36:1b:e6: 60:06:24:c1:c4:e3:ea:ee:34:5e:a3:5d:05:fe:1e:40:91:62: fc:54:30:da:32:43:a0:92:48:50:8f:39:83:c4:e9:3e:53:8a: 8b:4f:72:21:60:32:20:c3:de:53:07:23:fc:13:cb:52:3f:0f: dc:3b:30:23:dc:41:7c:b8:2a:f5:77:b2:16:cc:33:35:d7:f7: 19:aa:ef:2b:5e:31:1b:2b:9f:cd:7e:3c:6e:bd:d9:f1:29:5c: 07:a7:66:56:70:9c:40:ce:7e:65:11:4d:81:6d:a5:e2:d3:06: 72:89:56:fa:74:b4:3e:f6:da:8e:6d:a4:5a:11:e7:38:bc:5b: e2:fd:d5:3f:6c:6a:c1:39:b2:cd:e1:ff:91:2d:ed:35:75:4e: 47:b3:15:2f:23:08:8c:ad:b8:1a:cf:62:4f:ca:15:ef:a1:7c: 7a:30:ae:8e:40:57:86:ec:4a:37:b1:3f:6e:5e:88:2e:bb:df: 5e:2e:a6:1d:8c:8a:f1:a9:6e:e1:59:eb:fe:98:45:a2:2d:b0: 50:a1:f4:2a:82:11:63:3e:13:4b:2a:e5:be:53:79:d3:28:00: 13:94:63:c1:3a:23:af:56:82:6d:0e:18:c1:16:09:73:b8:04: fd:ba:2e:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC34G7YOHPavCwJNW5oWSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZDFhODMwODRjYzA3YjczMWJhZjkxZGFhZjMxMzZjMmY2 Yjc1ZDMwHhcNMjUxMjE3MTYwMTI2WhcNMjUxMjE4MTYwMTI2WjAzMTEwLwYDVQQD Eyg0YWM4YjUxMmVjZGI5ZTc5YjMxZjcwNDk0NDg1NjM3OGExMGU0MDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KBd0g0TALiLDkQp8YTpWUx1Ry+V O7ateKncCbbGlQjmrhZowff4PK7hLQ2TVD522SauHnpmUoux2pqRzq97Ik159Y1S UCZBqwZ1H9MWzNQ0eMIWRg/UPGI88U4I9Rt9TdX+wVlr8+TNM2hCaUA9sOgUFP76 E9IC240cwa5pwI+Na0qOeMIqA0w9DsBkzktMYEjAui00WiCRSlUyvRMgp0IkGnKF uPalmdI1r+vpI/ni78vKnWxUXuBu0ISaubUbJB7+mPzLVXvzEvUL3+whD/37twQL nxDraP1DAPnx8f54KQIJLbKxnuIwqGVNNe2mKNlUP73JytevSFV/2MqBxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFErItRLs2555sx9wSUSFY3ihDkB/MB8GA1UdIwQY MBaAFB3RqDCEzAe3Mbr5HarzE2wva3XTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYt NDAzNjI3OGI0M2Y5LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS81ZDA5MjgtZTY4Zi00ZTE5LWIyMjYtNDAzNjI3OGI0M2Y5 LzEvSGRHb01JVE1CN2N4dXZrZHF2TVRiQzlyZGRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKcHfl0Q uwICJhae/L/qNhvmYAYkwcTj6u40XqNdBf4eQJFi/FQw2jJDoJJIUI85g8TpPlOK i09yIWAyIMPeUwcj/BPLUj8P3DswI9xBfLgq9XeyFswzNdf3GarvK14xGyufzX48 br3Z8SlcB6dmVnCcQM5+ZRFNgW2l4tMGcolW+nS0Pvbajm2kWhHnOLxb4v3VP2xq wTmyzeH/kS3tNXVOR7MVLyMIjK24Gs9iT8oV76F8ejCujkBXhuxKN7E/bl6ILrvf Xi6mHYyK8alu4Vnr/phFoi2wUKH0KoIRYz4TSyrlvlN50ygAE5RjwTojr1aCbQ4Y wRYJc7gE/bou/w== -----END CERTIFICATE-----Generated at Wed Dec 17 19:20:46 2025 by rpki-client