This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft File: pqBZBOyBdGoKZtIH9dNvjZeIig0.mft (raw, json) Hash identifier: iqlXeu7V825K65rBFa09bSGgxwDrY52f9E3qOX8xxV0= Subject key identifier: 10:6A:B4:74:BD:91:EB:A3:BA:0A:3F:13:78:9B:3B:4B:47:38:02:36 Authority key identifier: A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D Certificate issuer: /CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d Certificate serial: 019AF31C5F2313FC5881CCA5065BFE3B2F1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft Manifest number: 08C5 Signing time: Sat 06 Dec 2025 10:01:54 +0000 Manifest this update: Sat 06 Dec 2025 10:01:54 +0000 Manifest next update: Sun 07 Dec 2025 10:01:54 +0000 Files and hashes: 1: pqBZBOyBdGoKZtIH9dNvjZeIig0.crl (hash: U+JC8j04whe1ioJ8oTvM7VNz+ChPMf7VoW95UQ3zUaI=) 2: wcWtJWZdHtQ3MB-JGGb4XgtvRZY.roa (hash: uBYBylJRjDgsdsAh3Gf2WJ38oblmNaRqlj9rvalMb+M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.crl rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:5f:23:13:fc:58:81:cc:a5:06:5b:fe:3b:2f:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6a05904ec81746a0a66d207f5d36f8d97888a0d Validity Not Before: Dec 6 10:01:54 2025 GMT Not After : Dec 7 10:01:54 2025 GMT Subject: CN=106ab474bd91eba3ba0a3f13789b3b4b47380236 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:d3:3d:6c:10:10:f0:f0:1f:7d:9a:b5:60: de:4e:6e:51:2e:9b:84:18:39:8c:df:d6:87:88:a9: c2:56:d2:e6:92:84:56:c0:94:8f:83:1f:8e:ad:ac: 8c:b6:01:86:fd:43:57:02:1a:ce:4d:45:e1:5e:37: 21:c4:cf:ad:61:b9:42:4f:6c:75:ad:e9:25:7e:f4: f1:d2:4e:ac:2f:31:84:95:4e:04:d7:9d:a7:ed:ab: 4d:17:d3:1f:fa:f3:85:9d:2b:27:63:cf:4a:d2:3a: 8e:56:7c:41:ca:d5:b3:c8:74:e8:63:60:37:40:cf: b2:93:40:7d:d3:90:bf:6e:23:19:ad:c9:fe:7b:90: 18:6d:dd:15:e9:1f:fe:43:44:c8:f1:c9:42:02:f1: fa:7f:a5:f4:63:0f:90:91:1e:db:2d:c0:ac:f8:52: 0b:57:a4:cb:1c:b2:a2:dc:5b:f3:b1:d2:d1:75:df: af:77:ca:cc:1e:40:53:79:cf:2a:5d:75:4e:b5:07: a8:a7:a0:69:5b:85:07:98:7d:87:0b:68:36:99:e1: 70:6e:83:cd:8b:4f:38:a3:ca:fc:c8:0e:83:f2:d6: 26:7d:44:9b:e1:bb:02:6f:3f:4e:9a:99:22:cf:d4: 24:cb:79:5f:15:b4:a7:f8:58:55:21:37:e5:62:a0: 70:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:6A:B4:74:BD:91:EB:A3:BA:0A:3F:13:78:9B:3B:4B:47:38:02:36 X509v3 Authority Key Identifier: keyid:A6:A0:59:04:EC:81:74:6A:0A:66:D2:07:F5:D3:6F:8D:97:88:8A:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqBZBOyBdGoKZtIH9dNvjZeIig0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3b51c9-b37b-4767-88d9-5df6a463035b/1/pqBZBOyBdGoKZtIH9dNvjZeIig0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:ed:ee:ce:12:64:c7:1c:fc:3c:e9:7f:3e:ab:f0:19:59:a9: 87:29:66:15:d9:f4:f6:fa:cf:5e:79:8a:32:22:e3:65:22:54: 11:ed:0d:fd:b7:2e:7d:1c:81:69:cd:52:75:2a:2b:05:81:c4: 1c:ab:13:57:30:72:b8:da:eb:6d:a5:8d:be:84:18:02:8d:48: 29:1d:50:c1:b5:63:67:49:46:4c:8d:a9:b4:57:39:5d:76:98: fd:18:f0:84:bf:25:76:ba:f9:6d:48:0f:ca:c0:3d:4b:35:c5: 77:f6:00:9c:10:af:7d:21:b6:ec:cb:3b:62:3c:23:a1:fc:ce: 62:11:41:1f:eb:34:7c:80:e0:25:43:27:0d:a1:de:e2:2c:e2: 23:29:a4:b9:30:0d:fa:d2:e0:64:82:2c:f3:a5:8a:a7:d4:ca: 32:b3:05:53:bd:8b:a6:ae:6e:2e:2f:c1:73:ee:79:b7:cc:6e: 47:35:2c:db:1b:73:da:d4:ce:af:c6:d6:55:f0:7d:6f:8b:95: 89:f4:3b:24:55:4d:dd:c6:83:13:f5:a6:a2:12:e0:13:23:04: 39:a5:5f:37:90:d6:1a:93:ec:6c:fb:b0:29:c1:e9:5b:e4:8e: 0b:4b:19:ce:aa:aa:74:45:0f:9b:0a:b1:95:ef:d7:57:43:96: 38:83:16:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHF8jE/xYgcylBlv+Oy8fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YTA1OTA0ZWM4MTc0NmEwYTY2ZDIwN2Y1ZDM2ZjhkOTc4 ODhhMGQwHhcNMjUxMjA2MTAwMTU0WhcNMjUxMjA3MTAwMTU0WjAzMTEwLwYDVQQD EygxMDZhYjQ3NGJkOTFlYmEzYmEwYTNmMTM3ODliM2I0YjQ3MzgwMjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycDTPWwQEPDwH32atWDeTm5RLpuE GDmM39aHiKnCVtLmkoRWwJSPgx+OrayMtgGG/UNXAhrOTUXhXjchxM+tYblCT2x1 reklfvTx0k6sLzGElU4E152n7atNF9Mf+vOFnSsnY89K0jqOVnxBytWzyHToY2A3 QM+yk0B905C/biMZrcn+e5AYbd0V6R/+Q0TI8clCAvH6f6X0Yw+QkR7bLcCs+FIL V6TLHLKi3FvzsdLRdd+vd8rMHkBTec8qXXVOtQeop6BpW4UHmH2HC2g2meFwboPN i084o8r8yA6D8tYmfUSb4bsCbz9Ompkiz9Qky3lfFbSn+FhVITflYqBwCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBBqtHS9keujugo/E3ibO0tHOAI2MB8GA1UdIwQY MBaAFKagWQTsgXRqCmbSB/XTb42XiIoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDkt NWRmNmE0NjMwMzViLzEvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8zYjUxYzktYjM3Yi00NzY3LTg4ZDktNWRmNmE0NjMwMzVi LzEvcHFCWkJPeUJkR29LWnRJSDlkTnZqWmVJaWcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAe3uzhJk xxz8POl/PqvwGVmphylmFdn09vrPXnmKMiLjZSJUEe0N/bcufRyBac1SdSorBYHE HKsTVzByuNrrbaWNvoQYAo1IKR1QwbVjZ0lGTI2ptFc5XXaY/RjwhL8ldrr5bUgP ysA9SzXFd/YAnBCvfSG27Ms7YjwjofzOYhFBH+s0fIDgJUMnDaHe4iziIymkuTAN +tLgZIIs86WKp9TKMrMFU72Lpq5uLi/Bc+55t8xuRzUs2xtz2tTOr8bWVfB9b4uV ifQ7JFVN3caDE/WmohLgEyMEOaVfN5DWGpPsbPuwKcHpW+SOC0sZzqqqdEUPmwqx le/XV0OWOIMW2g== -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:28 2025 by rpki-client