This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft File: qKI6ziwGf44hL_NZ2pbCBYtks-o.mft (raw, json) Hash identifier: +MqyXojt5rCp/l+tkZhdfGuZ9DO1m+skfudyCOtmvzM= Subject key identifier: 73:82:30:15:EB:49:FB:C1:49:FC:51:FD:01:5B:D5:1E:2F:8D:24:06 Authority key identifier: A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA Certificate issuer: /CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea Certificate serial: 019B337B54259E46B60770958798E068BDC0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft Manifest number: 07B6 Signing time: Thu 18 Dec 2025 22:01:18 +0000 Manifest this update: Thu 18 Dec 2025 22:01:18 +0000 Manifest next update: Fri 19 Dec 2025 22:01:18 +0000 Files and hashes: 1: qKI6ziwGf44hL_NZ2pbCBYtks-o.crl (hash: gH8rxbREBYQqorFbhzRMdMTrIp4qTFDqh2+UDHxDEPQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:54:25:9e:46:b6:07:70:95:87:98:e0:68:bd:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea Validity Not Before: Dec 18 22:01:18 2025 GMT Not After : Dec 19 22:01:18 2025 GMT Subject: CN=73823015eb49fbc149fc51fd015bd51e2f8d2406 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ab:c9:65:16:e9:27:67:c4:67:09:3f:9c:85: a7:7b:ec:27:bc:4d:b7:b2:fd:b6:ab:75:fd:47:7d: 97:59:3b:d1:fc:f0:7a:d8:b2:1f:05:c8:dd:fc:9d: c9:51:88:62:92:0c:4e:e3:4a:2c:9d:66:1d:47:11: 16:eb:9f:f3:43:0f:cf:05:31:98:16:65:ad:a7:34: 34:dd:0b:5b:be:45:e1:0b:42:cf:45:e6:be:e9:e6: 7e:6c:7c:06:c9:fb:c2:9c:a2:cd:ce:30:85:aa:9d: 30:11:22:84:c6:cf:a3:69:ed:14:cd:a8:7c:7c:7e: 3d:90:89:10:c7:cb:fe:89:0f:ad:97:81:55:80:84: 53:dd:91:6b:d4:86:80:ed:16:0a:1d:7f:7a:0d:ba: f1:8d:d9:69:f8:e8:06:15:ff:29:8c:73:21:05:e3: ef:33:c6:a4:7e:ec:e9:6b:83:38:0a:08:04:74:8f: f1:87:8f:df:6c:46:51:7b:c1:8c:8e:89:ee:55:d6: 4d:83:ef:7a:95:5c:3e:62:2b:3a:59:0a:be:46:cc: d5:ea:15:f2:5e:22:80:c6:fd:c3:47:8e:46:8a:56: c6:24:e7:93:e2:ab:76:72:52:ea:b0:e9:49:a7:c0: da:60:3c:0a:c7:e2:1b:e7:e8:93:16:84:d0:8b:79: 31:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:82:30:15:EB:49:FB:C1:49:FC:51:FD:01:5B:D5:1E:2F:8D:24:06 X509v3 Authority Key Identifier: keyid:A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:6c:aa:e1:b4:4e:e4:44:bb:57:57:d1:58:cc:86:34:e7:81: 70:66:ba:62:5b:99:9a:18:d7:fa:20:7e:98:b0:21:21:38:7c: 07:87:4e:e2:2a:43:b2:35:ac:94:be:09:7c:6f:0d:54:2d:fd: 5c:30:b3:da:59:ef:dd:5f:0d:f1:04:ac:a0:ff:9e:c6:7e:08: 73:c8:7b:0c:5b:3a:7d:24:90:4d:38:6b:e7:48:fa:30:73:c8: bf:b3:cb:ac:cd:dd:04:4a:ab:36:b4:bf:2a:9d:2f:e4:20:48: ed:a5:14:52:5b:38:2a:22:06:b7:a8:29:78:7d:c1:5d:5e:d6: d8:09:b5:79:4c:47:17:24:ca:e2:7e:b6:24:ce:68:f6:31:5f: 6d:69:ab:c8:c0:64:7a:15:2d:4b:c6:e8:c3:aa:ea:7d:77:f2: 03:4f:a8:ac:6f:ad:fd:50:89:17:8d:dd:f7:45:e0:49:23:31: 35:c7:da:cf:e8:fb:56:c2:64:49:90:1b:8c:97:fb:25:00:77: 8f:88:b3:ec:28:15:0e:ac:de:d0:76:da:4a:41:9f:c2:27:64: ef:66:b0:b8:12:01:c9:7f:91:9d:d2:f3:6a:75:26:10:f0:75: c9:be:6c:52:e4:33:d3:42:ff:47:a4:4b:3f:96:a6:2c:1a:9f: ff:00:0b:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsze1Qlnka2B3CVh5jgaL3AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4YTIzYWNlMmMwNjdmOGUyMTJmZjM1OWRhOTZjMjA1OGI2 NGIzZWEwHhcNMjUxMjE4MjIwMTE4WhcNMjUxMjE5MjIwMTE4WjAzMTEwLwYDVQQD Eyg3MzgyMzAxNWViNDlmYmMxNDlmYzUxZmQwMTViZDUxZTJmOGQyNDA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKvJZRbpJ2fEZwk/nIWne+wnvE23 sv22q3X9R32XWTvR/PB62LIfBcjd/J3JUYhikgxO40osnWYdRxEW65/zQw/PBTGY FmWtpzQ03QtbvkXhC0LPRea+6eZ+bHwGyfvCnKLNzjCFqp0wESKExs+jae0Uzah8 fH49kIkQx8v+iQ+tl4FVgIRT3ZFr1IaA7RYKHX96Dbrxjdlp+OgGFf8pjHMhBePv M8akfuzpa4M4CggEdI/xh4/fbEZRe8GMjonuVdZNg+96lVw+Yis6WQq+RszV6hXy XiKAxv3DR45GilbGJOeT4qt2clLqsOlJp8DaYDwKx+Ib5+iTFoTQi3kxEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHOCMBXrSfvBSfxR/QFb1R4vjSQGMB8GA1UdIwQY MBaAFKiiOs4sBn+OIS/zWdqWwgWLZLPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGIt NzUyZDVkZTBhOTBlLzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGItNzUyZDVkZTBhOTBl LzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGyq4bRO 5ES7V1fRWMyGNOeBcGa6YluZmhjX+iB+mLAhITh8B4dO4ipDsjWslL4JfG8NVC39 XDCz2lnv3V8N8QSsoP+exn4Ic8h7DFs6fSSQTThr50j6MHPIv7PLrM3dBEqrNrS/ Kp0v5CBI7aUUUls4KiIGt6gpeH3BXV7W2Am1eUxHFyTK4n62JM5o9jFfbWmryMBk ehUtS8bow6rqfXfyA0+orG+t/VCJF43d90XgSSMxNcfaz+j7VsJkSZAbjJf7JQB3 j4iz7CgVDqze0HbaSkGfwidk72awuBIByX+RndLzanUmEPB1yb5sUuQz00L/R6RL P5amLBqf/wALaQ== -----END CERTIFICATE-----Generated at Thu Dec 18 23:43:03 2025 by rpki-client