This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft File: Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json) Hash identifier: koSXSItjVpLsHSge6TIYWp2vqwVVfNhF9UOH6fg8uxE= Subject key identifier: 46:96:82:8C:ED:B4:A5:6E:5A:81:87:5E:A2:37:1C:52:C8:F4:95:3C Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7 Certificate issuer: /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7 Certificate serial: 019AF49BE971EE7B72014CB0BE22B36960F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 17:00:49 +0000 Manifest this update: Sat 06 Dec 2025 17:00:49 +0000 Manifest next update: Sun 07 Dec 2025 17:00:49 +0000 Files and hashes: 1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: kLGzKOUJMu5mRDOEyuLNinQNvL8+LNksamuMYBIGJQw=) 2: tBcUVtef6rZ0kSSzgGFNQ0aGmXk.roa (hash: axGcXX34atfoTeccVW4HcK4Aoj164U97BqMvxhWQBsY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:e9:71:ee:7b:72:01:4c:b0:be:22:b3:69:60:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7 Validity Not Before: Dec 6 17:00:49 2025 GMT Not After : Dec 7 17:00:49 2025 GMT Subject: CN=4696828cedb4a56e5a81875ea2371c52c8f4953c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:34:90:da:e2:63:f3:ae:38:6f:a4:0d:3a:a2: 16:48:79:6a:55:63:41:98:1a:fd:22:24:f8:19:20: 2c:d0:ab:25:7b:f4:1c:76:8d:cb:4c:18:c4:4e:a4: 45:21:bc:43:ac:bd:51:39:f7:1e:c0:61:45:6d:a3: b2:70:44:f6:07:f7:73:b4:fb:3a:fc:88:05:60:e1: 74:20:93:95:70:cf:ba:b9:c1:4c:92:d3:3d:03:78: b5:69:da:14:ae:ec:b1:f2:c8:aa:4a:d1:3c:a3:eb: 2a:98:31:79:52:56:06:a8:0b:da:98:e4:61:5b:5e: 1d:ab:d3:7b:ad:6e:4f:4a:3e:3d:d5:5d:a3:d7:eb: 08:d1:53:32:6c:fc:66:97:69:10:60:de:7c:3d:0a: a9:f2:84:e3:eb:91:99:4a:81:42:ac:f5:df:c7:10: 71:80:16:8b:88:68:35:b5:c5:50:1b:83:db:bf:87: bd:f2:16:8d:96:37:2e:61:83:11:57:b7:1c:0b:1f: af:29:d9:db:a4:75:01:34:b2:c5:a9:ec:12:c4:3f: b2:69:aa:bd:3b:33:53:94:54:9d:78:1e:4a:73:7f: 65:e3:6a:f6:73:12:58:97:47:5b:a9:3d:89:48:67: 08:fb:84:13:49:09:0c:8b:a6:3a:a8:99:c4:af:b9: fa:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:96:82:8C:ED:B4:A5:6E:5A:81:87:5E:A2:37:1C:52:C8:F4:95:3C X509v3 Authority Key Identifier: keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:90:42:a6:14:93:d6:3c:fe:fb:05:b7:0d:36:15:5f:b1:93: 8e:ef:1e:84:f7:dc:2b:3e:c6:63:75:5c:78:62:96:bc:6d:dc: c2:47:3f:79:3c:fc:76:fe:19:2d:28:b0:83:b8:78:76:56:8b: 58:f2:55:93:86:c6:45:84:c5:7f:3b:64:1e:57:bf:80:44:2e: 40:cf:92:4d:27:58:f7:78:7c:4d:be:e2:7a:61:03:09:e2:75: b9:a6:89:d9:05:c3:01:88:b7:a3:d7:d5:bc:d1:0c:0c:3e:c1: e8:ca:4c:a1:7c:ad:35:fd:45:6b:42:48:13:aa:aa:ab:58:bb: 47:e7:a9:89:5c:26:88:23:d6:30:b6:ea:65:3c:19:17:e4:0a: c9:4e:87:fb:83:ae:66:20:3f:01:9f:92:0b:3e:91:5c:ef:9f: 5e:f2:c1:16:10:85:91:ea:78:0c:8b:ee:a8:73:7a:7d:b7:ea: 8f:4a:98:cc:a0:d7:32:ba:8f:bd:9c:37:0f:2b:b2:35:7d:6a: 5c:ba:2d:bc:f9:35:ce:f4:24:76:4c:2f:b3:86:74:9f:c8:ad: d9:cc:27:8b:28:1a:23:e0:1b:09:24:09:29:2e:79:47:58:17: fd:8f:aa:fb:a3:f2:5e:87:57:ee:c4:ed:6d:87:ae:57:b3:30: a5:24:61:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m+lx7ntyAUywviKzaWDwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4 YjZjYjcwHhcNMjUxMjA2MTcwMDQ5WhcNMjUxMjA3MTcwMDQ5WjAzMTEwLwYDVQQD Eyg0Njk2ODI4Y2VkYjRhNTZlNWE4MTg3NWVhMjM3MWM1MmM4ZjQ5NTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszSQ2uJj8644b6QNOqIWSHlqVWNB mBr9IiT4GSAs0Ksle/Qcdo3LTBjETqRFIbxDrL1ROfcewGFFbaOycET2B/dztPs6 /IgFYOF0IJOVcM+6ucFMktM9A3i1adoUruyx8siqStE8o+sqmDF5UlYGqAvamORh W14dq9N7rW5PSj491V2j1+sI0VMybPxml2kQYN58PQqp8oTj65GZSoFCrPXfxxBx gBaLiGg1tcVQG4Pbv4e98haNljcuYYMRV7ccCx+vKdnbpHUBNLLFqewSxD+yaaq9 OzNTlFSdeB5Kc39l42r2cxJYl0dbqT2JSGcI+4QTSQkMi6Y6qJnEr7n6nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEaWgozttKVuWoGHXqI3HFLI9JU8MB8GA1UdIwQY MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpBCphST 1jz++wW3DTYVX7GTju8ehPfcKz7GY3VceGKWvG3cwkc/eTz8dv4ZLSiwg7h4dlaL WPJVk4bGRYTFfztkHle/gEQuQM+STSdY93h8Tb7iemEDCeJ1uaaJ2QXDAYi3o9fV vNEMDD7B6MpMoXytNf1Fa0JIE6qqq1i7R+epiVwmiCPWMLbqZTwZF+QKyU6H+4Ou ZiA/AZ+SCz6RXO+fXvLBFhCFkep4DIvuqHN6fbfqj0qYzKDXMrqPvZw3DyuyNX1q XLotvPk1zvQkdkwvs4Z0n8it2cwniygaI+AbCSQJKS55R1gX/Y+q+6PyXodX7sTt bYeuV7MwpSRhgQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:41:09 2025 by rpki-client