This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft File: lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json) Hash identifier: syoSNqTXOnFynrfcdiypSgADJE0Yb6zyv/yZZ4301M8= Subject key identifier: 8B:E2:B7:F8:C1:2C:9D:C9:57:1E:B0:66:43:4F:54:81:8A:CF:F3:94 Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8 Certificate issuer: /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8 Certificate serial: 019AF0BF2FFA37A5BCD7A018149AD9726B27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft Manifest number: 0482 Signing time: Fri 05 Dec 2025 23:00:52 +0000 Manifest this update: Fri 05 Dec 2025 23:00:52 +0000 Manifest next update: Sat 06 Dec 2025 23:00:52 +0000 Files and hashes: 1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: FX1MWd5a+y18PTdzuNYAKQ3Rr9wzVxK+YiH4vgTOeQk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:2f:fa:37:a5:bc:d7:a0:18:14:9a:d9:72:6b:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8 Validity Not Before: Dec 5 23:00:52 2025 GMT Not After : Dec 6 23:00:52 2025 GMT Subject: CN=8be2b7f8c12c9dc9571eb066434f54818acff394 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:40:25:e9:ba:97:f4:a5:be:63:02:7d:4f:be: 1c:d2:ab:c0:49:af:04:6b:3d:2c:d1:57:c9:5e:5e: 02:9f:84:23:9c:6c:9b:ba:ea:0f:fb:04:8e:79:09: d8:43:e0:b3:39:0a:34:57:ae:5b:06:cf:99:8f:13: bd:28:5a:97:32:47:20:e2:3e:64:26:af:6c:5c:d8: 76:4a:96:77:95:ef:36:97:4d:ca:36:cd:07:3e:09: 8c:af:3c:dd:19:b2:fb:fc:c1:70:53:7c:bc:79:f3: 4b:35:19:6f:92:a9:3a:bd:29:e8:e2:fb:9f:f7:5e: 6b:47:bd:df:3a:30:66:fa:b6:e5:a1:97:29:2c:57: de:db:8b:73:64:99:60:3e:4b:63:b7:e1:7d:41:20: ea:1b:a7:1d:ff:b2:8f:e4:c3:81:7e:d1:c9:23:1f: 08:6b:b6:a5:28:36:3e:08:18:96:bf:ed:3d:2a:6a: 7d:2e:42:7a:73:c0:22:64:53:60:67:a0:67:4f:23: e1:c9:e4:a5:45:d3:10:e2:98:55:e2:fe:94:28:5f: 24:dc:44:e4:98:63:08:27:9d:10:c1:6a:ed:79:e1: b9:c1:c5:47:8c:ff:61:a7:54:52:51:c8:51:a4:9c: 22:6a:58:03:4d:b9:18:11:0e:a6:66:07:7e:26:23: a5:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:E2:B7:F8:C1:2C:9D:C9:57:1E:B0:66:43:4F:54:81:8A:CF:F3:94 X509v3 Authority Key Identifier: keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:bf:96:db:a6:f2:47:c2:ae:16:32:90:92:9d:0d:39:be:b5: 02:67:a3:70:81:c4:36:60:e5:f6:8a:fc:28:7e:3b:86:9c:05: 19:81:99:11:2c:d5:d0:d6:39:8d:ed:40:cd:ae:73:6a:73:88: 62:41:2f:bf:e2:3f:af:32:cd:3f:fd:e4:68:43:93:3f:1f:66: a1:1a:b8:e6:28:2d:6f:0e:c8:22:3c:a3:b4:98:47:f6:76:c9: 4e:00:a8:f2:45:d6:23:95:59:0e:92:32:3c:2d:b7:32:c1:b4: 28:b6:6e:7e:7a:3f:d9:bd:80:38:2d:3a:4d:79:25:68:b6:e6: 65:29:20:ae:19:83:be:28:93:c1:17:cb:ba:f9:2d:da:6d:b5: e7:79:84:ae:2b:d6:ff:88:c9:ef:22:f4:67:f8:ee:1a:c7:90: fa:33:08:3f:83:41:fd:46:f1:03:01:87:38:32:78:32:b6:71: c1:0a:35:26:c4:23:1e:0a:e5:64:f7:35:48:53:44:7d:55:22: 1c:5e:48:74:17:07:cd:f2:44:f4:20:df:75:0e:ca:be:c0:00: 11:bf:33:76:79:a8:1b:95:4a:62:d8:a6:cf:85:02:24:2e:55: e6:b4:e1:a3:95:22:d5:17:39:1a:2e:be:8e:91:48:54:9e:be: 17:dd:f4:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvy/6N6W816AYFJrZcmsnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4 YmRlYjgwHhcNMjUxMjA1MjMwMDUyWhcNMjUxMjA2MjMwMDUyWjAzMTEwLwYDVQQD Eyg4YmUyYjdmOGMxMmM5ZGM5NTcxZWIwNjY0MzRmNTQ4MThhY2ZmMzk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0Al6bqX9KW+YwJ9T74c0qvASa8E az0s0VfJXl4Cn4QjnGybuuoP+wSOeQnYQ+CzOQo0V65bBs+ZjxO9KFqXMkcg4j5k Jq9sXNh2SpZ3le82l03KNs0HPgmMrzzdGbL7/MFwU3y8efNLNRlvkqk6vSno4vuf 915rR73fOjBm+rbloZcpLFfe24tzZJlgPktjt+F9QSDqG6cd/7KP5MOBftHJIx8I a7alKDY+CBiWv+09Kmp9LkJ6c8AiZFNgZ6BnTyPhyeSlRdMQ4phV4v6UKF8k3ETk mGMIJ50QwWrteeG5wcVHjP9hp1RSUchRpJwialgDTbkYEQ6mZgd+JiOlaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIvit/jBLJ3JVx6wZkNPVIGKz/OUMB8GA1UdIwQY MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7+W26by R8KuFjKQkp0NOb61AmejcIHENmDl9or8KH47hpwFGYGZESzV0NY5je1Aza5zanOI YkEvv+I/rzLNP/3kaEOTPx9moRq45igtbw7IIjyjtJhH9nbJTgCo8kXWI5VZDpIy PC23MsG0KLZufno/2b2AOC06TXklaLbmZSkgrhmDviiTwRfLuvkt2m2153mErivW /4jJ7yL0Z/juGseQ+jMIP4NB/UbxAwGHODJ4MrZxwQo1JsQjHgrlZPc1SFNEfVUi HF5IdBcHzfJE9CDfdQ7KvsAAEb8zdnmoG5VKYtimz4UCJC5V5rTho5Ui1Rc5Gi6+ jpFIVJ6+F9305g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:06 2025 by rpki-client