This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json) Hash identifier: +WUstNpVGcVkd+BvyLdiM3ag479L/Eoh2xf1/HwGTaI= Subject key identifier: DA:92:6F:F8:E3:24:00:3E:A8:5B:A4:71:5F:A2:B6:DE:EF:C0:2C:62 Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e Certificate serial: 019AF0BF1DEC92D8440203B7CE1FC348AA3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft Manifest number: 1763 Signing time: Fri 05 Dec 2025 23:00:48 +0000 Manifest this update: Fri 05 Dec 2025 23:00:48 +0000 Manifest next update: Sat 06 Dec 2025 23:00:48 +0000 Files and hashes: 1: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: Rq4C5zUeONUc5A6u7YTgqaD6X1ZdM8jvPrRWzd3Uajw=) 2: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:1d:ec:92:d8:44:02:03:b7:ce:1f:c3:48:aa:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e Validity Not Before: Dec 5 23:00:48 2025 GMT Not After : Dec 6 23:00:48 2025 GMT Subject: CN=da926ff8e324003ea85ba4715fa2b6deefc02c62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:13:25:d1:27:56:e4:ee:48:9c:8b:f9:e3:07: ff:97:be:e6:52:57:d3:cc:cb:d5:11:33:11:99:35: d1:2b:f2:a7:cd:b5:84:e7:98:ed:fe:1b:1a:45:96: 3c:c9:1c:98:52:ac:ff:72:86:75:18:bf:b6:ce:de: 0f:df:3c:50:5c:56:56:0d:09:d7:8f:d0:a4:02:e2: 8b:dc:00:df:a8:0d:2c:24:1a:53:31:3b:5b:01:23: ff:f2:7b:be:8c:a6:d2:ba:e0:fa:55:20:4f:5b:cf: 7a:9c:08:a8:43:32:51:14:20:60:82:25:c8:ac:6e: 03:36:b1:83:f2:03:eb:15:3b:9d:fd:6d:3c:3c:52: 73:90:97:16:de:33:18:99:bc:db:f3:85:be:35:38: 3f:67:37:b7:d6:64:ae:5f:9c:1f:16:71:63:56:c2: 46:5c:5e:cd:81:50:f4:3a:f5:68:9c:52:64:2c:b8: 63:75:40:65:18:9b:04:b6:02:59:05:f6:2f:fa:ba: 60:a8:2f:4c:8b:ae:1e:b3:47:f3:73:a6:2b:3c:f3: d7:84:3c:8c:17:5c:42:44:8d:52:90:b0:3b:ae:5d: 39:84:02:6f:9e:d8:f9:cf:3f:56:6c:6a:8b:f4:e6: 66:c2:3f:ab:53:09:14:0d:db:93:cc:20:f0:97:0a: 23:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:92:6F:F8:E3:24:00:3E:A8:5B:A4:71:5F:A2:B6:DE:EF:C0:2C:62 X509v3 Authority Key Identifier: keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:a0:6c:46:b2:d8:e7:32:84:20:80:ba:87:f7:6e:f0:31:fa: e7:3b:9b:1e:41:a0:00:50:81:b8:f0:fe:19:51:87:64:d2:79: 50:dd:4e:bc:63:e9:ef:2a:8e:97:d1:7a:c1:65:bf:24:01:d6: df:d1:ee:58:b3:d6:81:a0:e7:83:63:ea:5e:73:d5:ff:b4:9b: 86:e4:b7:85:02:2f:bd:e5:38:3c:c7:3f:a0:83:a6:39:0c:a2: c9:4c:9c:61:96:a4:6b:1e:26:f0:44:4d:5f:6e:12:d1:0f:19: 73:4e:cd:14:a1:83:ee:2d:ba:91:00:b4:8a:43:ac:c7:3a:a2: 91:ab:9d:af:00:ec:bd:ef:e6:78:2b:46:17:17:18:06:37:c6: ec:f0:38:d2:dc:45:3c:ea:24:3f:19:2a:12:de:53:e7:a1:67: 5d:f8:e3:07:62:06:57:0f:83:28:19:02:57:df:d3:2f:a9:5c: 0b:62:76:40:13:e9:aa:1b:56:d1:1f:f4:3b:59:76:c5:83:0d: 5e:d0:f7:66:27:b6:8d:07:6b:90:a1:67:8e:65:b2:26:75:3e: b4:ab:6c:d9:99:b7:aa:9c:a0:60:88:c0:75:89:fc:8a:c4:5f: 82:aa:17:1f:48:83:b0:10:58:28:a5:d6:5f:20:31:2f:d2:75: a3:f3:08:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvx3skthEAgO3zh/DSKo8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4 ZjRhMmUwHhcNMjUxMjA1MjMwMDQ4WhcNMjUxMjA2MjMwMDQ4WjAzMTEwLwYDVQQD EyhkYTkyNmZmOGUzMjQwMDNlYTg1YmE0NzE1ZmEyYjZkZWVmYzAyYzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRMl0SdW5O5InIv54wf/l77mUlfT zMvVETMRmTXRK/KnzbWE55jt/hsaRZY8yRyYUqz/coZ1GL+2zt4P3zxQXFZWDQnX j9CkAuKL3ADfqA0sJBpTMTtbASP/8nu+jKbSuuD6VSBPW896nAioQzJRFCBggiXI rG4DNrGD8gPrFTud/W08PFJzkJcW3jMYmbzb84W+NTg/Zze31mSuX5wfFnFjVsJG XF7NgVD0OvVonFJkLLhjdUBlGJsEtgJZBfYv+rpgqC9Mi64es0fzc6YrPPPXhDyM F1xCRI1SkLA7rl05hAJvntj5zz9WbGqL9OZmwj+rUwkUDduTzCDwlwojLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNqSb/jjJAA+qFukcV+itt7vwCxiMB8GA1UdIwQY MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkaBsRrLY 5zKEIIC6h/du8DH65zubHkGgAFCBuPD+GVGHZNJ5UN1OvGPp7yqOl9F6wWW/JAHW 39HuWLPWgaDng2PqXnPV/7SbhuS3hQIvveU4PMc/oIOmOQyiyUycYZakax4m8ERN X24S0Q8Zc07NFKGD7i26kQC0ikOsxzqikaudrwDsve/meCtGFxcYBjfG7PA40txF POokPxkqEt5T56FnXfjjB2IGVw+DKBkCV9/TL6lcC2J2QBPpqhtW0R/0O1l2xYMN XtD3Zie2jQdrkKFnjmWyJnU+tKts2Zm3qpygYIjAdYn8isRfgqoXH0iDsBBYKKXW XyAxL9J1o/MIfg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:12:56 2025 by rpki-client