This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft File: q4PmT3LdWIn7E9whjGg_bi-s9bI.mft (raw, json) Hash identifier: fHVBmj9aX+W1FMB7L3eFx5mER3RE1+xMYKcrxTaFxRc= Subject key identifier: 21:EB:98:69:FC:58:11:BE:19:4B:17:83:21:FB:0F:96:DB:96:80:9A Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2 Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2 Certificate serial: 019AF08809D353E560EE7C64417FA7911412 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft Manifest number: 1768 Signing time: Fri 05 Dec 2025 22:00:38 +0000 Manifest this update: Fri 05 Dec 2025 22:00:38 +0000 Manifest next update: Sat 06 Dec 2025 22:00:38 +0000 Files and hashes: 1: XXoZOakmJlvXmGLWUcpo0gQIMX0.roa (hash: pmwXibQwTAqNCSY5Q6bAlM3gdp8aduabThZ3TyryXdc=) 2: q4PmT3LdWIn7E9whjGg_bi-s9bI.crl (hash: G+bnhcZeVtT9hbshrbOxaipyR+XsNh5f81iJKBLtw0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:09:d3:53:e5:60:ee:7c:64:41:7f:a7:91:14:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2 Validity Not Before: Dec 5 22:00:38 2025 GMT Not After : Dec 6 22:00:38 2025 GMT Subject: CN=21eb9869fc5811be194b178321fb0f96db96809a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:76:04:a4:ad:e7:68:a5:c8:f7:0d:a6:4a:49: 4c:11:93:b7:31:18:eb:18:3b:fd:a1:87:9a:54:92: 90:3b:5d:5d:c3:5d:6e:1d:14:c3:ce:47:4d:29:0a: db:48:35:e8:2c:cd:f6:2e:64:36:03:74:e6:1a:08: 45:b4:aa:0f:da:f8:62:52:53:43:68:ec:a3:11:68: 04:89:9c:19:e0:de:cb:ce:f8:02:53:13:14:fd:98: b0:60:b9:b6:17:3e:17:c1:9f:ae:7e:fb:f4:fd:b3: b6:56:ac:ba:c1:d7:d9:c3:a2:4a:b2:15:20:79:b3: ed:c3:82:d7:06:82:98:e1:59:49:15:cf:77:50:b4: 88:e2:d4:3d:24:f4:40:a8:01:e4:0b:78:d4:62:db: e0:a8:fd:80:68:d8:85:da:a8:a8:70:e9:8e:3e:ed: ed:44:c7:a0:98:d1:76:38:ac:e2:70:98:d3:66:a5: de:d9:62:9b:22:49:29:46:b6:9b:cc:ed:8e:b1:43: 66:00:27:36:8f:05:6a:0e:92:20:8c:12:2a:6f:51: 9e:8c:42:da:69:8d:10:ff:55:61:8e:9e:5e:3f:63: 38:62:16:4e:cb:e0:94:db:fd:93:e9:9d:0b:51:0e: bf:85:d6:0b:1f:9f:88:3a:a0:44:a5:a2:66:8b:66: 4b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:EB:98:69:FC:58:11:BE:19:4B:17:83:21:FB:0F:96:DB:96:80:9A X509v3 Authority Key Identifier: keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:0f:8a:52:0d:3e:24:79:83:60:8a:43:70:ba:97:93:ce:f1: d7:e6:c6:20:c1:60:5b:b2:57:0c:b4:9c:cc:6e:7b:b7:47:04: 3a:77:ed:bb:91:41:86:cd:5f:f2:af:37:8e:39:0c:53:0b:b5: 8f:f2:33:5e:c2:c1:8c:ed:64:a6:dd:1a:87:9a:c7:4b:ca:5c: ad:00:e8:cf:71:03:58:e5:05:8a:a2:3a:26:9a:7e:77:34:03: 84:6f:36:b6:2d:9e:5f:51:4c:0b:03:15:93:9b:61:ab:ae:ca: 09:4c:8d:3e:71:55:1c:f7:dd:ff:06:b6:bc:47:72:66:05:fc: 51:5d:40:ac:7f:bc:44:7c:2a:d2:15:69:81:24:9a:76:d2:4c: 8a:ab:ea:45:a3:ec:18:1c:17:2c:d5:25:86:f6:a0:7c:ed:eb: 34:70:b6:d7:36:43:01:a1:5d:fb:86:1e:dd:76:51:59:88:94: 32:6f:ac:0f:bd:d2:76:4d:8a:55:84:67:53:03:7d:cc:3b:78: 3d:e7:15:ea:2a:46:6f:b2:b8:23:7b:66:b3:1b:82:29:c9:04: 9d:7e:57:76:2b:83:e7:c2:38:af:8f:1d:27:79:d1:9b:a9:4d: 00:14:fd:cc:c8:d8:cc:1f:c8:e1:e0:9c:0e:e5:71:e7:2c:66: 18:ca:4e:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiAnTU+Vg7nxkQX+nkRQSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh Y2Y1YjIwHhcNMjUxMjA1MjIwMDM4WhcNMjUxMjA2MjIwMDM4WjAzMTEwLwYDVQQD EygyMWViOTg2OWZjNTgxMWJlMTk0YjE3ODMyMWZiMGY5NmRiOTY4MDlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHYEpK3naKXI9w2mSklMEZO3MRjr GDv9oYeaVJKQO11dw11uHRTDzkdNKQrbSDXoLM32LmQ2A3TmGghFtKoP2vhiUlND aOyjEWgEiZwZ4N7LzvgCUxMU/ZiwYLm2Fz4XwZ+ufvv0/bO2Vqy6wdfZw6JKshUg ebPtw4LXBoKY4VlJFc93ULSI4tQ9JPRAqAHkC3jUYtvgqP2AaNiF2qiocOmOPu3t RMegmNF2OKzicJjTZqXe2WKbIkkpRrabzO2OsUNmACc2jwVqDpIgjBIqb1GejELa aY0Q/1Vhjp5eP2M4YhZOy+CU2/2T6Z0LUQ6/hdYLH5+IOqBEpaJmi2ZL4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCHrmGn8WBG+GUsXgyH7D5bbloCaMB8GA1UdIwQY MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt NTQxZjQ4OTI0OTUyLzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQ+KUg0+ JHmDYIpDcLqXk87x1+bGIMFgW7JXDLSczG57t0cEOnftu5FBhs1f8q83jjkMUwu1 j/IzXsLBjO1kpt0ah5rHS8pcrQDoz3EDWOUFiqI6Jpp+dzQDhG82ti2eX1FMCwMV k5thq67KCUyNPnFVHPfd/wa2vEdyZgX8UV1ArH+8RHwq0hVpgSSadtJMiqvqRaPs GBwXLNUlhvagfO3rNHC21zZDAaFd+4Ye3XZRWYiUMm+sD73Sdk2KVYRnUwN9zDt4 PecV6ipGb7K4I3tmsxuCKckEnX5XdiuD58I4r48dJ3nRm6lNABT9zMjYzB/I4eCc DuVx5yxmGMpOnA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:08 2025 by rpki-client