This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft File: qsIj-xlCEV5IqXVCByktAKCC7N8.mft (raw, json) Hash identifier: i31iBqrBE5q/5Jr+CATrwfLyoSZBu5zKVuMLa2hwNVM= Subject key identifier: 00:96:A7:CE:EA:8F:E1:CA:D4:5B:83:14:95:F0:D6:A9:72:AC:F9:AF Authority key identifier: AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF Certificate issuer: /CN=aac223fb1942115e48a9754207292d00a082ecdf Certificate serial: 019AF1648A7AF459EDF4DB6B628A846857B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft Manifest number: 09B2 Signing time: Sat 06 Dec 2025 02:01:29 +0000 Manifest this update: Sat 06 Dec 2025 02:01:29 +0000 Manifest next update: Sun 07 Dec 2025 02:01:29 +0000 Files and hashes: 1: f7H4NvJn5XG9ZEVLvo3rzyryem0.roa (hash: FIvnUTIH/WyzVRn7SNngTErOpdYKzvrkMjSyoAbXEio=) 2: qsIj-xlCEV5IqXVCByktAKCC7N8.crl (hash: D5q/AW8yjDdLyliY5oDXvK9gzjxrkucLqpBW7s0Q0Dw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:8a:7a:f4:59:ed:f4:db:6b:62:8a:84:68:57:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aac223fb1942115e48a9754207292d00a082ecdf Validity Not Before: Dec 6 02:01:29 2025 GMT Not After : Dec 7 02:01:29 2025 GMT Subject: CN=0096a7ceea8fe1cad45b831495f0d6a972acf9af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:af:1a:d1:a3:d6:7c:2a:92:57:8f:f3:dd:73: 63:b9:10:62:84:82:7f:77:39:c9:86:ca:56:b7:34: cd:d6:76:57:d4:92:6c:70:29:5e:3e:ae:78:3d:30: ae:b1:29:37:f0:2c:0b:7b:50:62:62:93:ef:df:33: 83:c5:76:69:31:0d:71:34:1f:af:d4:3d:07:40:49: 6e:6d:51:2e:b8:24:4f:d1:5f:bd:85:8c:c7:e8:e4: 64:9e:3b:b2:71:3e:e0:5a:38:58:58:4e:a2:27:94: b8:95:69:c8:26:86:bb:56:02:bf:d9:3c:d1:c7:b4: 4a:4d:2b:17:05:56:9a:0f:9c:33:81:25:6c:e8:5a: ac:d1:d8:80:2c:d3:30:a1:3e:6b:dc:01:27:72:a5: 2f:7c:cd:35:e8:d7:27:93:d2:6b:38:cc:17:e1:11: b5:59:cf:65:c2:27:0f:85:8e:00:68:77:98:2b:0a: 17:6b:39:94:21:f5:22:c8:92:05:63:00:79:8b:6c: aa:f8:06:5d:76:59:c8:29:fb:39:4d:72:84:71:08: f2:0d:b5:4b:2c:26:5a:92:df:04:93:36:87:58:9d: 4c:09:9e:23:51:20:e9:e6:92:d7:b1:90:24:23:e5: 99:23:5f:fd:60:b6:b1:63:f0:b4:50:fd:9a:41:de: 90:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:96:A7:CE:EA:8F:E1:CA:D4:5B:83:14:95:F0:D6:A9:72:AC:F9:AF X509v3 Authority Key Identifier: keyid:AA:C2:23:FB:19:42:11:5E:48:A9:75:42:07:29:2D:00:A0:82:EC:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsIj-xlCEV5IqXVCByktAKCC7N8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/60eb48-279d-4afe-8d8a-1daa951c71b7/1/qsIj-xlCEV5IqXVCByktAKCC7N8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:01:ef:35:55:de:06:49:e0:01:77:ae:1f:4d:3e:be:36:0c: 2e:55:6d:01:62:c5:fb:4e:e8:4d:19:49:f6:34:b3:af:25:fe: 10:6e:ea:67:e9:f2:44:0e:b6:14:5a:41:e2:b8:01:b5:56:a0: 03:1a:3d:4f:26:58:bd:32:6f:c0:b1:d8:af:26:81:ac:3d:67: ea:b8:f9:3e:66:a2:35:3b:4b:28:18:22:35:24:c4:6e:d6:4d: ce:8f:19:0f:77:18:1b:64:7e:1b:5c:78:91:69:4f:5d:16:16: c7:a1:21:69:0f:4f:cd:99:c4:d9:62:d9:b8:02:27:78:b6:d6: 97:8f:3c:d0:c0:55:4a:07:02:02:8d:8d:54:85:e1:f8:cc:c3: f2:09:40:78:71:6f:66:a1:a1:d6:65:96:60:5f:e9:3f:a8:66: ac:c8:da:8d:f0:4f:7f:5c:c7:a2:b2:44:ca:f6:64:e6:72:f7: 2b:c7:69:c8:22:1f:d2:38:4b:7d:11:a9:90:35:f6:e6:c1:a4: 66:be:7a:0c:03:44:68:a9:bd:21:09:ec:67:8d:d8:bc:44:63: 57:bb:6d:95:bb:fe:f4:da:06:37:7b:dc:ce:a9:06:90:46:3a: 0f:49:f7:d4:4d:f9:17:43:c4:d7:c1:de:3c:6d:96:19:a0:07: 65:af:4b:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZIp69Fnt9NtrYoqEaFeyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhYzIyM2ZiMTk0MjExNWU0OGE5NzU0MjA3MjkyZDAwYTA4 MmVjZGYwHhcNMjUxMjA2MDIwMTI5WhcNMjUxMjA3MDIwMTI5WjAzMTEwLwYDVQQD EygwMDk2YTdjZWVhOGZlMWNhZDQ1YjgzMTQ5NWYwZDZhOTcyYWNmOWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv68a0aPWfCqSV4/z3XNjuRBihIJ/ dznJhspWtzTN1nZX1JJscClePq54PTCusSk38CwLe1BiYpPv3zODxXZpMQ1xNB+v 1D0HQElubVEuuCRP0V+9hYzH6ORknjuycT7gWjhYWE6iJ5S4lWnIJoa7VgK/2TzR x7RKTSsXBVaaD5wzgSVs6Fqs0diALNMwoT5r3AEncqUvfM016Ncnk9JrOMwX4RG1 Wc9lwicPhY4AaHeYKwoXazmUIfUiyJIFYwB5i2yq+AZddlnIKfs5TXKEcQjyDbVL LCZakt8EkzaHWJ1MCZ4jUSDp5pLXsZAkI+WZI1/9YLaxY/C0UP2aQd6QhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFACWp87qj+HK1FuDFJXw1qlyrPmvMB8GA1UdIwQY MBaAFKrCI/sZQhFeSKl1QgcpLQCgguzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEt MWRhYTk1MWM3MWI3LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy82MGViNDgtMjc5ZC00YWZlLThkOGEtMWRhYTk1MWM3MWI3 LzEvcXNJai14bENFVjVJcVhWQ0J5a3RBS0NDN044LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJgHvNVXe BkngAXeuH00+vjYMLlVtAWLF+07oTRlJ9jSzryX+EG7qZ+nyRA62FFpB4rgBtVag Axo9TyZYvTJvwLHYryaBrD1n6rj5PmaiNTtLKBgiNSTEbtZNzo8ZD3cYG2R+G1x4 kWlPXRYWx6EhaQ9PzZnE2WLZuAIneLbWl4880MBVSgcCAo2NVIXh+MzD8glAeHFv ZqGh1mWWYF/pP6hmrMjajfBPf1zHorJEyvZk5nL3K8dpyCIf0jhLfRGpkDX25sGk Zr56DANEaKm9IQnsZ43YvERjV7ttlbv+9NoGN3vczqkGkEY6D0n31E35F0PE18He PG2WGaAHZa9L/A== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:44 2025 by rpki-client