This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft File: Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json) Hash identifier: WlDb7vQD5DYcckVmAwmzMi/qoiS6iO+L0vwLL4QTASQ= Subject key identifier: 2E:4D:03:00:1B:86:0A:30:96:A3:56:E0:B6:82:E2:89:E7:02:0F:D8 Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB Certificate issuer: /CN=43de183f14a3f24f9b86d044f877298680b512bb Certificate serial: 019AF541235FE102911B2D428C806A1C92E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft Manifest number: 05CC Signing time: Sat 06 Dec 2025 20:01:18 +0000 Manifest this update: Sat 06 Dec 2025 20:01:18 +0000 Manifest next update: Sun 07 Dec 2025 20:01:18 +0000 Files and hashes: 1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: FYY0+hZsDGWhOGUe/fe4EhmMv3+pwVpUXua/8QtFjhg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 20:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:41:23:5f:e1:02:91:1b:2d:42:8c:80:6a:1c:92:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb Validity Not Before: Dec 6 20:01:18 2025 GMT Not After : Dec 7 20:01:18 2025 GMT Subject: CN=2e4d03001b860a3096a356e0b682e289e7020fd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d2:e1:ed:7b:13:1f:44:b8:d0:42:11:a2:55: 60:86:1e:fc:7c:25:d8:98:25:24:42:1b:c1:7b:4d: b3:aa:1f:d5:92:5f:a9:ef:5a:1a:02:b2:d5:d2:3e: bb:24:fe:6b:59:be:91:05:7e:8e:15:f1:64:9b:e8: 21:9e:3e:16:cb:3f:e4:ea:7d:5c:41:16:86:18:cf: b7:a0:fb:ce:f6:fc:7a:58:1b:b4:4c:06:09:6b:98: 5c:51:8b:db:9f:13:74:de:02:13:6b:b4:80:68:fb: 0a:fa:52:1b:f7:58:11:6f:23:59:80:03:61:7c:b7: 30:7f:84:e3:0b:e7:8f:ae:a9:0a:38:75:e2:0b:0b: 63:99:c1:51:e3:9c:36:51:0b:6a:df:c0:c2:1a:58: 6b:f5:cd:1d:30:32:1f:a2:cd:98:ef:ae:e3:8f:fc: 0b:6d:17:2d:ab:c6:60:d9:a0:85:a2:95:93:fd:25: f6:43:10:c4:0c:7b:be:1e:f3:17:ee:33:2a:78:eb: 02:ba:0c:07:fc:2a:9d:70:50:6b:98:f2:3b:fa:88: 65:33:8c:56:d4:e1:52:bf:ee:d3:36:64:8d:df:10: 8c:12:14:0a:2f:e4:8a:68:87:91:df:a6:1b:5f:b0: d8:fb:5a:bf:45:38:2c:78:63:0a:7f:6b:b2:52:49: 21:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:4D:03:00:1B:86:0A:30:96:A3:56:E0:B6:82:E2:89:E7:02:0F:D8 X509v3 Authority Key Identifier: keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:46:47:aa:5b:0a:0e:d4:ba:54:ec:54:1c:46:47:6d:a4:c3: de:1e:cb:05:b6:58:72:ef:72:e2:a9:f7:ab:cd:f2:64:d8:22: 61:4b:df:49:da:84:51:d2:1c:d4:81:e3:a6:b2:33:db:f7:fd: ba:aa:13:05:a6:ac:75:48:e8:07:2d:72:8b:8d:08:01:c1:65: 4d:f1:82:3e:8d:37:e9:06:73:74:0b:76:6e:ee:36:55:9b:c9: eb:c4:58:97:e2:1c:35:3e:f3:f2:68:71:95:1c:57:c9:95:d8: b0:40:fb:e7:61:fc:0e:5b:c8:28:93:78:8d:5f:0d:dd:b6:83: 70:07:b4:c5:8b:89:eb:72:39:32:82:07:6b:1a:4b:ac:3b:7a: 7c:32:2f:31:9e:f7:c9:e4:32:30:38:17:81:62:65:38:e7:b4: f1:b2:e0:b4:b3:63:22:7c:79:fc:ee:d8:00:82:72:0b:f0:c6: 7c:4f:71:00:ab:5d:97:b6:16:54:8a:d7:88:c6:d0:b8:87:8c: 44:36:c4:18:f7:12:b5:e3:08:43:09:5a:33:90:f1:22:73:14: 64:d3:3a:85:b5:74:20:db:e6:8b:a3:fc:51:68:70:e4:c3:11: e1:4f:75:c5:6c:38:2d:5f:66:a2:8b:27:8e:24:a8:4d:f5:5e: de:b3:df:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QSNf4QKRGy1CjIBqHJLoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi NTEyYmIwHhcNMjUxMjA2MjAwMTE4WhcNMjUxMjA3MjAwMTE4WjAzMTEwLwYDVQQD EygyZTRkMDMwMDFiODYwYTMwOTZhMzU2ZTBiNjgyZTI4OWU3MDIwZmQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNLh7XsTH0S40EIRolVghh78fCXY mCUkQhvBe02zqh/Vkl+p71oaArLV0j67JP5rWb6RBX6OFfFkm+ghnj4Wyz/k6n1c QRaGGM+3oPvO9vx6WBu0TAYJa5hcUYvbnxN03gITa7SAaPsK+lIb91gRbyNZgANh fLcwf4TjC+ePrqkKOHXiCwtjmcFR45w2UQtq38DCGlhr9c0dMDIfos2Y767jj/wL bRctq8Zg2aCFopWT/SX2QxDEDHu+HvMX7jMqeOsCugwH/CqdcFBrmPI7+ohlM4xW 1OFSv+7TNmSN3xCMEhQKL+SKaIeR36YbX7DY+1q/RTgseGMKf2uyUkkhoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC5NAwAbhgowlqNW4LaC4onnAg/YMB8GA1UdIwQY MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4 LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUZHqlsK DtS6VOxUHEZHbaTD3h7LBbZYcu9y4qn3q83yZNgiYUvfSdqEUdIc1IHjprIz2/f9 uqoTBaasdUjoBy1yi40IAcFlTfGCPo036QZzdAt2bu42VZvJ68RYl+IcNT7z8mhx lRxXyZXYsED752H8DlvIKJN4jV8N3baDcAe0xYuJ63I5MoIHaxpLrDt6fDIvMZ73 yeQyMDgXgWJlOOe08bLgtLNjInx5/O7YAIJyC/DGfE9xAKtdl7YWVIrXiMbQuIeM RDbEGPcSteMIQwlaM5DxInMUZNM6hbV0INvmi6P8UWhw5MMR4U91xWw4LV9moosn jiSoTfVe3rPfFw== -----END CERTIFICATE-----Generated at Sun Dec 7 04:13:54 2025 by rpki-client