This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft File: 0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json) Hash identifier: 3yB5gYVGS3iwYvwT5kgi9Edmz8dfxlXhtsYorRhJIKM= Subject key identifier: 90:35:A5:65:32:7E:69:5E:A3:48:57:A9:40:B5:8F:B1:3A:F3:83:43 Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72 Certificate issuer: /CN=d2a2462f7208b097013b5f216d63437fa401fb72 Certificate serial: 019B2B8B01298B24DD565AB75A706D7DA2C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft Manifest number: 0AF2 Signing time: Wed 17 Dec 2025 09:01:28 +0000 Manifest this update: Wed 17 Dec 2025 09:01:28 +0000 Manifest next update: Thu 18 Dec 2025 09:01:28 +0000 Files and hashes: 1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: 0G82QsEZm5e+N6F9Yj6195/+/WI5tpwO+zXIn3lMcVc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8b:01:29:8b:24:dd:56:5a:b7:5a:70:6d:7d:a2:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72 Validity Not Before: Dec 17 09:01:28 2025 GMT Not After : Dec 18 09:01:28 2025 GMT Subject: CN=9035a565327e695ea34857a940b58fb13af38343 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:e1:9a:5e:b5:40:33:2e:06:8d:1d:6b:bd:c4: fe:63:b8:7d:16:a2:cb:f8:41:e5:35:0d:20:bb:85: de:8f:1e:66:17:69:0e:63:55:24:98:84:c5:f2:f2: 31:71:88:24:00:fd:4b:b6:3a:0c:f0:e5:c4:9f:96: 80:72:94:43:b9:96:71:49:e8:a1:a3:c3:a7:fd:77: 11:00:4d:fa:bd:c6:bf:cf:ca:85:ea:17:d9:c7:4c: 3e:b8:54:eb:c8:6a:23:53:f4:ba:e5:14:60:e3:0f: ff:0c:15:c1:cd:97:25:6f:a9:b6:f9:d7:6b:75:6e: 07:90:f0:45:3d:5b:b3:91:b1:78:cb:5f:2e:6f:78: 7d:9b:10:24:bf:10:50:9c:bd:25:31:33:ff:41:5b: 77:3e:58:e1:90:5a:b6:5d:a7:12:4b:41:63:8b:43: 05:52:af:fd:90:3a:c3:38:4a:e4:7e:8b:c2:16:3c: af:7c:e8:b1:90:8d:4d:7f:9c:3e:21:88:f9:a4:55: 9f:a4:23:ee:5f:18:b8:0a:56:b0:e8:ca:9a:ea:4d: 64:34:af:71:78:10:d6:1e:1a:cb:bf:39:be:23:5f: bf:95:cd:d7:c7:83:30:3a:2d:0e:dd:2a:1e:92:81: c9:21:4a:9f:dc:ef:d5:51:d9:a3:bf:95:82:82:05: aa:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:35:A5:65:32:7E:69:5E:A3:48:57:A9:40:B5:8F:B1:3A:F3:83:43 X509v3 Authority Key Identifier: keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:35:f0:fd:80:a4:cc:27:99:c0:ba:43:73:2b:d7:d2:b1:32: 67:91:a6:47:aa:8e:67:f8:57:0f:1b:86:c0:ab:57:19:84:f5: fe:6a:39:f0:5e:78:ce:16:02:25:68:c4:5e:7f:cc:95:d3:ae: 0d:83:cd:e2:63:7d:8d:c4:36:b3:6f:16:bf:75:f0:0e:e7:63: d6:19:8b:75:b8:75:f3:a8:50:29:5a:ff:3a:4d:3c:7f:66:6f: d8:62:78:a5:8c:19:c7:90:8e:55:ea:fe:a3:8b:1a:0d:71:0f: 1d:11:f7:55:cc:4f:21:90:05:20:5d:90:5b:92:a8:13:4d:16: 0b:ca:a4:47:55:9e:57:e8:74:1e:9c:f3:b1:cd:a5:29:eb:ef: 91:b1:29:47:6a:78:00:40:f9:da:2c:10:06:5f:5d:41:af:6d: 3a:00:f3:a8:a8:9b:97:11:95:fc:b2:aa:2e:c2:6e:9d:55:85: 6f:cb:ab:b9:6f:2d:e8:c0:e0:c1:a2:0b:10:75:47:86:44:58: ab:aa:a5:95:6a:ba:77:36:40:9e:57:38:14:36:81:ff:47:c9: e1:c5:b5:81:7a:a1:fc:ad:a5:25:a6:f7:c8:10:fe:ef:cc:68: 40:7f:65:b0:b2:14:cc:5b:7e:0d:25:0a:71:5e:08:05:50:a2: e9:83:87:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsriwEpiyTdVlq3WnBtfaLCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw MWZiNzIwHhcNMjUxMjE3MDkwMTI4WhcNMjUxMjE4MDkwMTI4WjAzMTEwLwYDVQQD Eyg5MDM1YTU2NTMyN2U2OTVlYTM0ODU3YTk0MGI1OGZiMTNhZjM4MzQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleGaXrVAMy4GjR1rvcT+Y7h9FqLL +EHlNQ0gu4Xejx5mF2kOY1UkmITF8vIxcYgkAP1LtjoM8OXEn5aAcpRDuZZxSeih o8On/XcRAE36vca/z8qF6hfZx0w+uFTryGojU/S65RRg4w//DBXBzZclb6m2+ddr dW4HkPBFPVuzkbF4y18ub3h9mxAkvxBQnL0lMTP/QVt3PljhkFq2XacSS0Fji0MF Uq/9kDrDOErkfovCFjyvfOixkI1Nf5w+IYj5pFWfpCPuXxi4Claw6Mqa6k1kNK9x eBDWHhrLvzm+I1+/lc3Xx4MwOi0O3SoekoHJIUqf3O/VUdmjv5WCggWqZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJA1pWUyfmleo0hXqUC1j7E684NDMB8GA1UdIwQY MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeTXw/YCk zCeZwLpDcyvX0rEyZ5GmR6qOZ/hXDxuGwKtXGYT1/mo58F54zhYCJWjEXn/MldOu DYPN4mN9jcQ2s28Wv3XwDudj1hmLdbh186hQKVr/Ok08f2Zv2GJ4pYwZx5COVer+ o4saDXEPHRH3VcxPIZAFIF2QW5KoE00WC8qkR1WeV+h0Hpzzsc2lKevvkbEpR2p4 AED52iwQBl9dQa9tOgDzqKiblxGV/LKqLsJunVWFb8uruW8t6MDgwaILEHVHhkRY q6qllWq6dzZAnlc4FDaB/0fJ4cW1gXqh/K2lJab3yBD+78xoQH9lsLIUzFt+DSUK cV4IBVCi6YOH1Q== -----END CERTIFICATE-----Generated at Wed Dec 17 17:02:18 2025 by rpki-client