This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft File: qiIvVnO4KKeuUvmboMYqzXCXSjg.mft (raw, json) Hash identifier: /Ed7OZbs8To68SRHA4CUq6a5G22OEuWjG8mC4KgCt+s= Subject key identifier: A4:76:E9:CD:45:91:19:66:F3:15:73:A8:80:BB:36:8A:8E:59:C6:15 Authority key identifier: AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38 Certificate issuer: /CN=aa222f5673b828a7ae52f99ba0c62acd70974a38 Certificate serial: 019AF3F75186BBBDE46EE36A0650DB8BB893 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft Manifest number: 045D Signing time: Sat 06 Dec 2025 14:01:02 +0000 Manifest this update: Sat 06 Dec 2025 14:01:02 +0000 Manifest next update: Sun 07 Dec 2025 14:01:02 +0000 Files and hashes: 1: Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa (hash: DjvsQWCGurUIzxMM5VASKrLIiSf6rVM8+QHojBeXG6I=) 2: qiIvVnO4KKeuUvmboMYqzXCXSjg.crl (hash: HOMyOsy4q5ltMrFLc5WhtVT+ThGrAn3T9Mynv53nQbM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.crl rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:51:86:bb:bd:e4:6e:e3:6a:06:50:db:8b:b8:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa222f5673b828a7ae52f99ba0c62acd70974a38 Validity Not Before: Dec 6 14:01:02 2025 GMT Not After : Dec 7 14:01:02 2025 GMT Subject: CN=a476e9cd45911966f31573a880bb368a8e59c615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3c:4d:ad:01:2c:3f:55:6e:88:7e:ee:de:64: cd:22:a9:a2:dd:0d:2b:be:b4:b3:97:e7:c0:d4:05: a0:88:c9:b4:f4:00:8a:5e:22:fd:16:e0:0b:5b:ce: 58:4e:a1:a4:b1:a7:b3:d9:4a:6a:57:5c:c5:a9:94: 64:0e:f0:4f:e9:d7:8d:b6:b2:46:c7:60:e8:e9:1b: a1:85:67:d0:e6:ef:85:36:62:92:91:ed:ce:08:73: 8e:c2:ba:f0:0a:ff:56:57:b5:6e:a6:0e:16:7c:46: c3:72:fe:8f:1b:17:ca:11:c1:56:dc:b6:1a:5e:c8: ef:e4:5b:da:96:a3:71:29:ad:9c:1e:e4:bf:f0:6e: 26:f6:d2:0e:25:1a:5d:96:0c:e4:97:73:3d:5c:ef: 8e:39:e1:72:1f:78:39:00:2b:4a:43:71:9f:31:02: f3:9e:6f:6d:5e:9a:c6:87:a3:c3:f7:85:83:e5:45: 4f:f1:16:da:7a:7a:e9:c9:cb:98:ba:63:18:77:29: ff:2a:c9:c3:25:06:46:ab:03:36:a0:ec:29:05:ea: 3a:73:66:e9:c0:88:99:cb:aa:de:7f:26:cd:02:d3: a9:d0:3c:d4:45:37:01:99:92:70:b0:63:9f:1a:49: 52:13:a0:8f:58:f6:74:fb:c4:b2:62:5e:cc:87:86: 8b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:76:E9:CD:45:91:19:66:F3:15:73:A8:80:BB:36:8A:8E:59:C6:15 X509v3 Authority Key Identifier: keyid:AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:96:5e:6f:b4:1b:7d:ca:6d:d4:2e:a6:8d:5d:b4:b4:b0:d9: 77:4f:77:71:5c:d6:35:08:18:66:bf:74:71:37:ca:f3:25:2d: 68:47:72:e7:20:65:03:60:d3:2c:91:da:09:76:d6:51:3d:51: 8e:be:10:24:97:06:a4:c2:a2:3f:26:e7:e8:fe:a1:97:be:14: 5a:44:b0:2b:d8:95:0a:7b:38:03:4c:47:dc:73:07:9d:cb:ef: d6:60:99:aa:72:02:8c:fe:5c:e1:03:6b:90:cd:b7:f6:a6:f9: a3:fc:cd:c3:e0:8e:84:71:f8:d9:a5:4d:37:e6:84:08:56:86: 15:be:2b:23:9e:48:2f:f0:52:b9:b6:2b:68:6e:eb:7e:d9:c9: 5e:70:4b:ea:14:de:4b:6a:34:4a:1d:75:d8:eb:d6:91:3a:39: e1:d3:a4:95:8e:8a:f1:88:1e:9d:58:d9:c3:74:e9:f5:2d:97: f9:ac:46:6e:30:7c:0a:48:9e:3f:69:fc:fb:44:05:f6:22:d2: 17:44:85:1a:6a:e0:d4:e1:5d:eb:14:d6:49:26:e9:15:36:17: 44:b3:e1:21:42:cf:06:f8:ea:27:c8:ab:96:07:84:17:48:ce: ad:b6:69:2a:d1:86:81:0d:9c:7b:95:4c:29:9a:d2:de:5a:87: 97:b8:c8:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz91GGu73kbuNqBlDbi7iTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMjIyZjU2NzNiODI4YTdhZTUyZjk5YmEwYzYyYWNkNzA5 NzRhMzgwHhcNMjUxMjA2MTQwMTAyWhcNMjUxMjA3MTQwMTAyWjAzMTEwLwYDVQQD EyhhNDc2ZTljZDQ1OTExOTY2ZjMxNTczYTg4MGJiMzY4YThlNTljNjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujxNrQEsP1VuiH7u3mTNIqmi3Q0r vrSzl+fA1AWgiMm09ACKXiL9FuALW85YTqGksaez2UpqV1zFqZRkDvBP6deNtrJG x2Do6RuhhWfQ5u+FNmKSke3OCHOOwrrwCv9WV7Vupg4WfEbDcv6PGxfKEcFW3LYa Xsjv5FvalqNxKa2cHuS/8G4m9tIOJRpdlgzkl3M9XO+OOeFyH3g5ACtKQ3GfMQLz nm9tXprGh6PD94WD5UVP8RbaenrpycuYumMYdyn/KsnDJQZGqwM2oOwpBeo6c2bp wIiZy6refybNAtOp0DzURTcBmZJwsGOfGklSE6CPWPZ0+8SyYl7Mh4aLEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKR26c1FkRlm8xVzqIC7NoqOWcYVMB8GA1UdIwQY MBaAFKoiL1ZzuCinrlL5m6DGKs1wl0o4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmIt MmI3YjgyN2U3MThjLzEvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmItMmI3YjgyN2U3MThj LzEvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5Zeb7Qb fcpt1C6mjV20tLDZd093cVzWNQgYZr90cTfK8yUtaEdy5yBlA2DTLJHaCXbWUT1R jr4QJJcGpMKiPybn6P6hl74UWkSwK9iVCns4A0xH3HMHncvv1mCZqnICjP5c4QNr kM239qb5o/zNw+COhHH42aVNN+aECFaGFb4rI55IL/BSubYraG7rftnJXnBL6hTe S2o0Sh112OvWkTo54dOklY6K8YgenVjZw3Tp9S2X+axGbjB8CkieP2n8+0QF9iLS F0SFGmrg1OFd6xTWSSbpFTYXRLPhIULPBvjqJ8irlgeEF0jOrbZpKtGGgQ2ce5VM KZrS3lqHl7jIDA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:26:37 2025 by rpki-client