This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft File: qnD7s9sihDfWBXmaxPRZjSLhPhs.mft (raw, json) Hash identifier: 4U/AA+2PtRx9D63gysFpeaPdhLrcTe0RoeSILxfqxXA= Subject key identifier: 0D:2B:17:86:F2:CD:51:D8:2C:8F:36:75:84:48:DE:36:78:79:92:6D Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b Certificate serial: 019AF31C14C009470AB9FE04F35C5288B69D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 10:01:35 +0000 Manifest this update: Sat 06 Dec 2025 10:01:35 +0000 Manifest next update: Sun 07 Dec 2025 10:01:35 +0000 Files and hashes: 1: JDPCHXAUbfBXZ-JAE6cFE-tGXMI.roa (hash: bOxTgT+7J9XF4HocPumdm4M3ak6meIWnJq5cg5Hpmfs=) 2: qnD7s9sihDfWBXmaxPRZjSLhPhs.crl (hash: n52wjilnAQgPkGNuox1ks9BK4RIo/n9So8861D7d0po=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:14:c0:09:47:0a:b9:fe:04:f3:5c:52:88:b6:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b Validity Not Before: Dec 6 10:01:35 2025 GMT Not After : Dec 7 10:01:35 2025 GMT Subject: CN=0d2b1786f2cd51d82c8f36758448de367879926d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:3b:0a:18:cd:36:b8:ee:ef:b4:cc:40:c7:bb: 6b:12:2c:d7:49:e8:5c:ba:42:be:d1:e4:33:b2:78: e4:19:f6:a7:5e:24:90:e0:2e:94:a0:14:bb:d2:4f: 00:3e:73:46:9e:85:67:76:a9:d1:38:b3:ba:65:ef: bd:e3:d2:11:04:fc:e2:88:70:17:fa:43:92:ae:9b: 02:49:b7:6b:f7:96:3d:db:43:38:96:20:e6:75:27: e3:34:3e:e5:00:e3:f3:10:f8:a4:78:f8:4a:a0:14: fd:4c:78:84:21:16:d8:01:d7:16:ba:4d:53:30:38: d4:e4:a4:a9:1e:a8:a2:ec:8c:63:c1:90:55:d5:8e: 66:87:e9:e6:59:49:47:65:0a:4c:70:e3:91:4c:7d: f3:37:d7:33:69:25:56:b2:69:f9:8b:4a:61:c9:b0: b5:2d:98:3b:e6:5e:24:86:4b:7e:43:24:5b:bf:30: eb:81:9a:cd:da:a4:df:48:a7:e9:92:d4:7e:8d:a8: 7f:98:3b:f6:6c:d8:e8:e2:db:24:79:cd:cd:e1:07: e1:f6:18:d9:b0:d8:3d:44:00:6b:49:18:3d:8b:7e: 6f:09:ab:85:44:74:24:5c:87:b9:66:74:e9:dd:51: 1e:22:86:c6:46:29:97:47:df:c2:09:f6:26:97:42: 0e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:2B:17:86:F2:CD:51:D8:2C:8F:36:75:84:48:DE:36:78:79:92:6D X509v3 Authority Key Identifier: keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:0c:cc:ed:eb:78:72:45:07:37:27:f4:ed:16:97:05:72:0b: 9a:6f:3c:48:d2:c8:54:7f:1d:3a:3a:77:fc:92:00:41:90:62: 19:27:d7:bb:a2:cb:ff:dc:f9:34:96:de:38:36:c6:08:f1:d5: 39:ad:9f:11:93:02:55:ad:62:29:fc:2a:38:6e:a7:d4:ee:79: 5e:e0:5b:20:c3:d0:a4:e4:df:e9:50:0d:8c:74:2d:32:08:10: 33:4b:84:be:04:4d:7c:67:8c:3f:04:b9:f3:07:98:cd:27:69: 57:0b:28:43:0a:c3:38:96:f5:f8:50:50:14:5f:a7:c0:78:a9: 86:6e:80:b6:e5:97:f2:b1:eb:4d:a1:4b:b3:02:cd:d0:61:c8: 1d:94:73:1e:1b:8d:4d:63:54:0a:c8:e1:fd:f5:fe:4d:63:59: e3:0b:8b:08:4a:38:74:c0:27:a1:72:2e:5c:3c:fd:c8:be:f0: 49:fe:02:14:48:d8:43:cb:50:28:8b:0d:bd:a3:5d:9c:ff:9d: 32:89:b6:73:b9:3b:c6:87:f6:d9:43:19:49:5d:7a:7f:a3:03: 18:4b:ee:30:4f:74:02:86:ca:58:66:82:63:f7:15:af:a7:9f: 98:33:dd:f4:d9:26:56:a6:e0:32:06:64:f7:ea:08:b3:59:25: 23:60:4f:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHBTACUcKuf4E81xSiLadMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNzBmYmIzZGIyMjg0MzdkNjA1Nzk5YWM0ZjQ1OThkMjJl MTNlMWIwHhcNMjUxMjA2MTAwMTM1WhcNMjUxMjA3MTAwMTM1WjAzMTEwLwYDVQQD EygwZDJiMTc4NmYyY2Q1MWQ4MmM4ZjM2NzU4NDQ4ZGUzNjc4Nzk5MjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TsKGM02uO7vtMxAx7trEizXSehc ukK+0eQzsnjkGfanXiSQ4C6UoBS70k8APnNGnoVndqnROLO6Ze+949IRBPziiHAX +kOSrpsCSbdr95Y920M4liDmdSfjND7lAOPzEPikePhKoBT9THiEIRbYAdcWuk1T MDjU5KSpHqii7IxjwZBV1Y5mh+nmWUlHZQpMcOORTH3zN9czaSVWsmn5i0phybC1 LZg75l4khkt+QyRbvzDrgZrN2qTfSKfpktR+jah/mDv2bNjo4tskec3N4Qfh9hjZ sNg9RABrSRg9i35vCauFRHQkXIe5ZnTp3VEeIobGRimXR9/CCfYml0IOqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0rF4byzVHYLI82dYRI3jZ4eZJtMB8GA1UdIwQY MBaAFKpw+7PbIoQ31gV5msT0WY0i4T4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMt NWJhNDIzNWNlNjE5LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMtNWJhNDIzNWNlNjE5 LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFgzM7et4 ckUHNyf07RaXBXILmm88SNLIVH8dOjp3/JIAQZBiGSfXu6LL/9z5NJbeODbGCPHV Oa2fEZMCVa1iKfwqOG6n1O55XuBbIMPQpOTf6VANjHQtMggQM0uEvgRNfGeMPwS5 8weYzSdpVwsoQwrDOJb1+FBQFF+nwHiphm6AtuWX8rHrTaFLswLN0GHIHZRzHhuN TWNUCsjh/fX+TWNZ4wuLCEo4dMAnoXIuXDz9yL7wSf4CFEjYQ8tQKIsNvaNdnP+d Mom2c7k7xof22UMZSV16f6MDGEvuME90AobKWGaCY/cVr6efmDPd9NkmVqbgMgZk 9+oIs1klI2BPlw== -----END CERTIFICATE-----Generated at Sat Dec 6 19:56:10 2025 by rpki-client