This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft File: qiIvVnO4KKeuUvmboMYqzXCXSjg.mft (raw, json) Hash identifier: iCJCYmPgUlmVzhoap3Y+TVF6SbiCebBY5zbE5PsVuyM= Subject key identifier: EE:8F:77:E1:F8:DF:DB:21:A8:98:CE:30:9B:A4:04:06:08:22:56:8D Authority key identifier: AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38 Certificate issuer: /CN=aa222f5673b828a7ae52f99ba0c62acd70974a38 Certificate serial: 019B3D59D6510F816A1231EDED1C2A51E092 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft Manifest number: 0483 Signing time: Sat 20 Dec 2025 20:00:56 +0000 Manifest this update: Sat 20 Dec 2025 20:00:56 +0000 Manifest next update: Sun 21 Dec 2025 20:00:56 +0000 Files and hashes: 1: Lh_NKL7D2mWFyhzHGugt5SgY5Oo.roa (hash: DjvsQWCGurUIzxMM5VASKrLIiSf6rVM8+QHojBeXG6I=) 2: qiIvVnO4KKeuUvmboMYqzXCXSjg.crl (hash: R+1LSf/tk59XcP0jWOaeEs+dC/qV0unAadr5kNna3Kg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.crl rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:d6:51:0f:81:6a:12:31:ed:ed:1c:2a:51:e0:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa222f5673b828a7ae52f99ba0c62acd70974a38 Validity Not Before: Dec 20 20:00:56 2025 GMT Not After : Dec 21 20:00:56 2025 GMT Subject: CN=ee8f77e1f8dfdb21a898ce309ba404060822568d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f6:b7:7a:2b:cf:98:1c:d1:6b:50:44:c7:1f: fe:27:36:63:36:ac:a8:71:07:eb:6c:8f:54:2d:1a: 9e:7c:57:5c:b1:85:7c:2e:27:9a:5c:31:d3:3e:03: df:5c:ce:d2:31:01:fa:b4:45:7b:ba:66:08:31:79: eb:de:38:28:47:ef:4c:89:9d:50:7a:59:96:2e:54: 81:4d:89:e7:b8:5d:6d:59:ef:8a:fa:4a:c7:ed:8b: c5:c6:56:a4:bc:03:b8:e5:65:c3:6e:75:a2:7d:1a: 4c:10:f0:87:31:1d:a0:83:e1:b7:00:d4:cb:fa:68: 1f:6f:1d:44:79:57:94:15:61:46:53:2e:d3:94:ed: 0e:f5:e2:94:25:ce:7c:77:37:e5:e1:0e:ea:6d:a0: 36:36:56:6f:2f:78:d7:84:aa:c8:1a:2a:ec:3f:91: ab:23:6c:c0:ea:d5:46:95:09:a3:c0:97:86:cb:55: 20:25:43:a3:f5:c3:b3:37:98:19:f7:3f:39:00:b8: b6:7c:57:b2:02:4e:4e:01:3a:4b:97:25:ea:57:56: 6f:67:3c:b4:7d:53:57:87:6e:4c:41:09:a9:1e:a1: b9:2b:d1:b7:ec:5d:a3:07:f3:45:01:0f:75:51:94: 35:41:dc:be:44:0a:d8:4d:64:65:6d:95:2c:64:b5: b2:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:8F:77:E1:F8:DF:DB:21:A8:98:CE:30:9B:A4:04:06:08:22:56:8D X509v3 Authority Key Identifier: keyid:AA:22:2F:56:73:B8:28:A7:AE:52:F9:9B:A0:C6:2A:CD:70:97:4A:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qiIvVnO4KKeuUvmboMYqzXCXSjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e54636-c998-409a-89bb-2b7b827e718c/1/qiIvVnO4KKeuUvmboMYqzXCXSjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:bc:7b:5f:33:f5:3d:19:ff:fc:0c:df:f9:35:3e:a2:4b:d6: 58:03:96:4a:ae:d4:c3:65:a8:2b:cb:7b:c6:15:fb:90:aa:bb: cd:23:75:8b:aa:08:32:b5:ae:1a:dd:d8:05:9c:b3:9c:8e:5b: 78:b6:4a:aa:b4:92:08:15:7c:77:f1:e0:c8:66:8e:a3:41:85: 02:88:7d:02:8a:72:34:8f:f7:87:38:e8:7d:b0:12:db:70:ea: 6b:ed:e1:6d:7a:b7:89:ef:0d:67:63:e4:76:40:ce:a1:d1:c8: bb:78:45:a7:4f:8f:d7:88:89:3b:23:8f:ae:f9:85:a7:dd:a7: 58:2b:f0:44:4b:dd:77:a9:8d:3e:19:55:0d:ab:c2:22:e8:07: 0c:ed:0e:0e:ff:9b:d1:5c:c1:62:9b:8b:1c:04:11:71:3d:6c: db:8d:1e:1f:b7:6c:05:f4:50:bf:9a:c7:19:1d:c6:dd:c5:8e: 7b:32:6f:d9:b3:f1:d0:78:a9:74:37:c8:30:c4:12:88:7f:66: 79:7c:78:e0:c7:2b:c9:02:16:09:5c:83:30:12:50:22:db:02: fe:33:bb:56:a1:fb:f6:58:fc:73:4d:63:ae:50:a6:37:6f:3a: 3e:7a:fa:f0:4d:43:80:84:5d:92:77:f7:79:7a:5f:41:4f:35: b0:cb:1b:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WdZRD4FqEjHt7RwqUeCSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMjIyZjU2NzNiODI4YTdhZTUyZjk5YmEwYzYyYWNkNzA5 NzRhMzgwHhcNMjUxMjIwMjAwMDU2WhcNMjUxMjIxMjAwMDU2WjAzMTEwLwYDVQQD EyhlZThmNzdlMWY4ZGZkYjIxYTg5OGNlMzA5YmE0MDQwNjA4MjI1NjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPa3eivPmBzRa1BExx/+JzZjNqyo cQfrbI9ULRqefFdcsYV8LieaXDHTPgPfXM7SMQH6tEV7umYIMXnr3jgoR+9MiZ1Q elmWLlSBTYnnuF1tWe+K+krH7YvFxlakvAO45WXDbnWifRpMEPCHMR2gg+G3ANTL +mgfbx1EeVeUFWFGUy7TlO0O9eKUJc58dzfl4Q7qbaA2NlZvL3jXhKrIGirsP5Gr I2zA6tVGlQmjwJeGy1UgJUOj9cOzN5gZ9z85ALi2fFeyAk5OATpLlyXqV1ZvZzy0 fVNXh25MQQmpHqG5K9G37F2jB/NFAQ91UZQ1Qdy+RArYTWRlbZUsZLWyTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6Pd+H439shqJjOMJukBAYIIlaNMB8GA1UdIwQY MBaAFKoiL1ZzuCinrlL5m6DGKs1wl0o4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmIt MmI3YjgyN2U3MThjLzEvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lNTQ2MzYtYzk5OC00MDlhLTg5YmItMmI3YjgyN2U3MThj LzEvcWlJdlZuTzRLS2V1VXZtYm9NWXF6WENYU2pnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjrx7XzP1 PRn//Azf+TU+okvWWAOWSq7Uw2WoK8t7xhX7kKq7zSN1i6oIMrWuGt3YBZyznI5b eLZKqrSSCBV8d/HgyGaOo0GFAoh9AopyNI/3hzjofbAS23Dqa+3hbXq3ie8NZ2Pk dkDOodHIu3hFp0+P14iJOyOPrvmFp92nWCvwREvdd6mNPhlVDavCIugHDO0ODv+b 0VzBYpuLHAQRcT1s240eH7dsBfRQv5rHGR3G3cWOezJv2bPx0HipdDfIMMQSiH9m eXx44McryQIWCVyDMBJQItsC/jO7VqH79lj8c01jrlCmN286Pnr68E1DgIRdknf3 eXpfQU81sMsbyA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:04:22 2025 by rpki-client