This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft File: qJ3jcDei8quO2_asHfHCmZfIiMg.mft (raw, json) Hash identifier: D6j+jpmParZhOFkifR81o+NNFt9EkYwoOrqfG6yB4QU= Subject key identifier: 8E:3A:43:47:96:48:CC:1C:3F:7B:73:B3:DB:B6:45:C0:86:43:E2:0D Authority key identifier: A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8 Certificate issuer: /CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8 Certificate serial: 019AF209411F4F30E80033FB5C38F86B8D6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft Manifest number: 0465 Signing time: Sat 06 Dec 2025 05:01:23 +0000 Manifest this update: Sat 06 Dec 2025 05:01:23 +0000 Manifest next update: Sun 07 Dec 2025 05:01:23 +0000 Files and hashes: 1: qJ3jcDei8quO2_asHfHCmZfIiMg.crl (hash: vbHvss58JEFBPqdpvx1nf9cc566NtPh5qyb8Dq+V3sc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:41:1f:4f:30:e8:00:33:fb:5c:38:f8:6b:8d:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a89de37037a2f2ab8edbf6ac1df1c29997c888c8 Validity Not Before: Dec 6 05:01:23 2025 GMT Not After : Dec 7 05:01:23 2025 GMT Subject: CN=8e3a43479648cc1c3f7b73b3dbb645c08643e20d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ea:9d:ec:01:a3:26:e7:41:27:94:e1:c7:b9: 82:a2:c7:b1:81:13:16:63:ba:a9:b5:2f:bd:f0:6e: fa:39:16:bf:71:1b:2b:89:ec:80:b6:2e:49:07:c7: 77:6f:0c:f4:26:c0:75:2a:39:58:0a:29:eb:16:ec: b4:cb:37:7c:2e:b9:3b:84:0a:1f:7f:f8:0d:3e:dd: a3:1c:e5:46:fe:76:6e:0c:1f:38:39:3e:41:d4:57: cd:18:5c:ed:f1:b6:7a:7f:6d:36:ee:63:bb:63:d7: 84:65:81:fd:35:ab:8f:45:f7:e1:a5:ca:69:23:08: 05:65:af:fd:3d:d3:32:36:25:c4:cc:ba:d6:02:32: ea:84:62:9e:4a:f5:c8:72:29:78:49:16:32:ed:98: 19:ee:aa:26:18:ff:18:20:8e:18:d4:a6:35:a9:0e: 67:8d:ab:92:2c:2f:40:14:66:20:4a:8d:04:9f:2b: 5d:e2:31:40:28:ee:14:f6:bc:ea:bb:d9:ac:37:43: 14:e7:5e:8b:d6:b0:db:33:a4:30:25:04:56:0e:c4: d4:85:0c:3f:84:17:1b:b5:3c:a3:1a:a9:fd:ba:6b: e9:b8:7c:c0:1d:23:81:3e:11:e1:a0:f5:17:2c:89: ff:1e:78:3e:3c:78:3d:78:b7:dc:c5:94:ec:7c:19: 92:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:3A:43:47:96:48:CC:1C:3F:7B:73:B3:DB:B6:45:C0:86:43:E2:0D X509v3 Authority Key Identifier: keyid:A8:9D:E3:70:37:A2:F2:AB:8E:DB:F6:AC:1D:F1:C2:99:97:C8:88:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJ3jcDei8quO2_asHfHCmZfIiMg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d40407-5d13-4ed2-90dd-ffb6707c61b3/1/qJ3jcDei8quO2_asHfHCmZfIiMg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:eb:6c:a5:ea:09:c5:c2:c2:eb:e0:41:1d:2a:a5:78:13:25: e4:ca:7c:09:59:97:aa:37:2d:cb:9f:64:c3:25:8e:4d:86:42: ad:2b:b3:22:a0:a3:11:ac:8f:56:58:b0:68:fa:56:d3:29:df: e0:56:8f:4a:4b:1b:03:77:a3:d8:4e:b5:a1:ac:7b:b3:b9:78: dc:ba:3c:28:bc:2f:a2:ef:44:55:b2:a9:f6:50:78:ff:8b:81: 48:b8:37:c5:68:6f:13:8c:68:a4:16:55:56:a9:6e:eb:11:46: cc:13:aa:75:30:e7:cf:1e:48:a3:19:7b:93:b6:a8:67:58:db: 8e:80:1d:fb:32:5d:65:7b:a2:f0:1d:4f:a3:42:3a:fd:70:d5: df:c5:4e:63:c1:d8:82:11:d2:2e:4b:e2:d8:23:fe:e1:08:22: 8f:0e:10:05:46:d2:ea:ea:e5:81:ba:f9:99:1d:20:d7:a4:c0: 6b:f7:7c:46:c3:a7:1e:38:4f:0b:4f:69:bc:3b:f9:86:05:98: d6:f7:c7:bc:ce:fc:98:fb:e4:47:85:8d:75:a1:e7:85:d2:e3: c1:30:4c:b4:bc:aa:1c:38:cb:82:4b:24:a1:a9:ed:43:36:cd: fc:17:cd:3c:51:09:1f:d3:0c:97:85:6e:56:15:82:f0:cf:cb: c0:d0:0e:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCUEfTzDoADP7XDj4a41uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4OWRlMzcwMzdhMmYyYWI4ZWRiZjZhYzFkZjFjMjk5OTdj ODg4YzgwHhcNMjUxMjA2MDUwMTIzWhcNMjUxMjA3MDUwMTIzWjAzMTEwLwYDVQQD Eyg4ZTNhNDM0Nzk2NDhjYzFjM2Y3YjczYjNkYmI2NDVjMDg2NDNlMjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+qd7AGjJudBJ5Thx7mCosexgRMW Y7qptS+98G76ORa/cRsrieyAti5JB8d3bwz0JsB1KjlYCinrFuy0yzd8Lrk7hAof f/gNPt2jHOVG/nZuDB84OT5B1FfNGFzt8bZ6f2027mO7Y9eEZYH9NauPRffhpcpp IwgFZa/9PdMyNiXEzLrWAjLqhGKeSvXIcil4SRYy7ZgZ7qomGP8YII4Y1KY1qQ5n jauSLC9AFGYgSo0Enytd4jFAKO4U9rzqu9msN0MU516L1rDbM6QwJQRWDsTUhQw/ hBcbtTyjGqn9umvpuHzAHSOBPhHhoPUXLIn/Hng+PHg9eLfcxZTsfBmSOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI46Q0eWSMwcP3tzs9u2RcCGQ+INMB8GA1UdIwQY MBaAFKid43A3ovKrjtv2rB3xwpmXyIjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQt ZmZiNjcwN2M2MWIzLzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kNDA0MDctNWQxMy00ZWQyLTkwZGQtZmZiNjcwN2M2MWIz LzEvcUozamNEZWk4cXVPMl9hc0hmSENtWmZJaU1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOetspeoJ xcLC6+BBHSqleBMl5Mp8CVmXqjcty59kwyWOTYZCrSuzIqCjEayPVliwaPpW0ynf 4FaPSksbA3ej2E61oax7s7l43Lo8KLwvou9EVbKp9lB4/4uBSLg3xWhvE4xopBZV Vqlu6xFGzBOqdTDnzx5Ioxl7k7aoZ1jbjoAd+zJdZXui8B1Po0I6/XDV38VOY8HY ghHSLkvi2CP+4Qgijw4QBUbS6urlgbr5mR0g16TAa/d8RsOnHjhPC09pvDv5hgWY 1vfHvM78mPvkR4WNdaHnhdLjwTBMtLyqHDjLgkskoantQzbN/BfNPFEJH9MMl4Vu VhWC8M/LwNAOhQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:25:04 2025 by rpki-client