This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft File: qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json) Hash identifier: ze/YUM0MX1sh3Hw2sOhAPAWD/wt8JeaPjDwN0Mn4uVM= Subject key identifier: D5:54:79:63:E9:84:1F:6C:D3:B1:90:7A:F8:F2:48:93:49:BF:D0:09 Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8 Certificate issuer: /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8 Certificate serial: 019B2BF85BA6E278CCC61D5501711AA509EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft Manifest number: 0483 Signing time: Wed 17 Dec 2025 11:00:55 +0000 Manifest this update: Wed 17 Dec 2025 11:00:55 +0000 Manifest next update: Thu 18 Dec 2025 11:00:55 +0000 Files and hashes: 1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: Z3ssVUAgKgdmhmWw9Q4x2In9uby4w/60v4moJoAi9q8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 11:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:5b:a6:e2:78:cc:c6:1d:55:01:71:1a:a5:09:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8 Validity Not Before: Dec 17 11:00:55 2025 GMT Not After : Dec 18 11:00:55 2025 GMT Subject: CN=d5547963e9841f6cd3b1907af8f2489349bfd009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2a:b1:47:9a:17:18:d4:a2:38:f2:75:9e:86: 35:89:fa:2c:be:6a:3a:0b:6e:db:9a:40:50:ff:9b: fe:aa:c8:52:f6:85:98:2d:2a:cf:f4:a8:f8:89:94: 74:f9:0c:ea:ea:0a:ab:63:db:43:c8:d6:d9:a4:12: a5:c4:1b:eb:b6:ed:ef:cc:31:5c:c6:0d:5d:dc:67: 7f:82:13:60:b7:70:0f:b0:c5:f0:f8:07:e1:93:10: 1f:d6:67:4f:c5:bb:b6:63:4f:28:0e:78:84:a1:65: 4d:ac:85:70:7d:3a:64:0f:b1:1f:ae:f8:14:e4:2a: 94:8b:42:c8:f8:8d:78:e0:4d:aa:71:24:e9:15:00: fc:dc:08:63:42:c1:d9:44:75:6f:55:2e:51:7f:c5: 5e:ab:6a:b4:6a:fe:dd:31:de:5f:12:3d:f7:6a:c4: 85:49:40:49:12:7c:f8:fb:5a:05:a1:e8:14:81:71: 55:28:89:af:cd:e0:33:d8:52:a9:7c:b7:03:e1:ff: c8:d2:3c:ab:36:9d:8d:2a:12:b2:4b:c1:dc:d8:0a: 1d:db:03:8f:da:70:56:50:ae:26:91:35:00:15:3a: d5:38:09:c8:57:96:00:bf:32:f7:93:71:9e:59:ac: ad:9e:70:4c:96:1e:59:3d:80:a5:d2:ad:df:f2:32: c5:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:54:79:63:E9:84:1F:6C:D3:B1:90:7A:F8:F2:48:93:49:BF:D0:09 X509v3 Authority Key Identifier: keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:0e:f9:d8:83:6a:6d:c6:f7:52:d9:05:1f:a7:69:07:97:5e: 65:f5:0c:b9:69:bf:7e:93:df:85:ae:93:f0:d5:c6:18:29:bf: 2f:c0:4f:d4:49:b8:2f:96:ac:2e:47:1b:c9:a1:41:9d:1b:fb: aa:a9:58:29:e4:f9:fb:98:57:d8:ba:0e:4a:3d:2b:18:33:fa: 4c:99:7b:06:22:f2:c4:7b:e3:6c:7b:90:b7:70:c9:01:4e:38: 75:06:a5:7d:e0:fb:8c:41:da:83:45:22:cd:73:7f:d6:f5:8a: 88:d7:f4:be:ba:3a:56:c9:15:c8:4c:ff:d4:1d:3d:f1:de:44: b7:b7:a9:78:ed:73:50:64:db:cf:8f:76:1d:1d:2c:ef:be:8f: a4:91:5f:80:b7:0b:25:88:a0:dc:55:45:23:0b:71:81:49:77: 20:eb:51:a0:78:b6:5f:ef:48:fb:87:1e:93:91:da:f9:5a:cf: 84:3e:4f:2e:6b:b1:d7:0f:7d:27:f8:d7:4b:37:01:7a:05:be: cd:f8:2e:d8:a9:d1:6e:e1:94:c1:ed:db:3f:1e:25:4f:e5:2a: 63:c1:0a:71:d1:67:c1:fa:3f:26:78:cd:fb:02:2f:32:22:f6: c6:9a:7a:a9:a5:9c:fa:1c:0b:07:14:3f:de:d9:e4:65:5d:71: e8:ae:9b:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+Fum4njMxh1VAXEapQnuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj ODg4YzgwHhcNMjUxMjE3MTEwMDU1WhcNMjUxMjE4MTEwMDU1WjAzMTEwLwYDVQQD EyhkNTU0Nzk2M2U5ODQxZjZjZDNiMTkwN2FmOGYyNDg5MzQ5YmZkMDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiqxR5oXGNSiOPJ1noY1ifosvmo6 C27bmkBQ/5v+qshS9oWYLSrP9Kj4iZR0+Qzq6gqrY9tDyNbZpBKlxBvrtu3vzDFc xg1d3Gd/ghNgt3APsMXw+AfhkxAf1mdPxbu2Y08oDniEoWVNrIVwfTpkD7EfrvgU 5CqUi0LI+I144E2qcSTpFQD83AhjQsHZRHVvVS5Rf8Veq2q0av7dMd5fEj33asSF SUBJEnz4+1oFoegUgXFVKImvzeAz2FKpfLcD4f/I0jyrNp2NKhKyS8Hc2Aod2wOP 2nBWUK4mkTUAFTrVOAnIV5YAvzL3k3GeWaytnnBMlh5ZPYCl0q3f8jLFvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVUeWPphB9s07GQevjySJNJv9AJMB8GA1UdIwQY MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiA752INq bcb3UtkFH6dpB5deZfUMuWm/fpPfha6T8NXGGCm/L8BP1Em4L5asLkcbyaFBnRv7 qqlYKeT5+5hX2LoOSj0rGDP6TJl7BiLyxHvjbHuQt3DJAU44dQalfeD7jEHag0Ui zXN/1vWKiNf0vro6VskVyEz/1B098d5Et7epeO1zUGTbz492HR0s776PpJFfgLcL JYig3FVFIwtxgUl3IOtRoHi2X+9I+4cek5Ha+VrPhD5PLmux1w99J/jXSzcBegW+ zfgu2KnRbuGUwe3bPx4lT+UqY8EKcdFnwfo/JnjN+wIvMiL2xpp6qaWc+hwLBxQ/ 3tnkZV1x6K6bfg== -----END CERTIFICATE-----Generated at Wed Dec 17 21:07:08 2025 by rpki-client