This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft File: qKI6ziwGf44hL_NZ2pbCBYtks-o.mft (raw, json) Hash identifier: wDATbPgan+gNovaS2L4tl2ICcCLZ0443dX/zgH68sRI= Subject key identifier: 7C:EC:9D:58:67:06:E2:71:BB:1F:15:87:E6:C2:04:1E:4B:CA:D6:BD Authority key identifier: A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA Certificate issuer: /CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea Certificate serial: 019AF1D2019FCAA21631C0946C74FF83A701 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft Manifest number: 0794 Signing time: Sat 06 Dec 2025 04:01:03 +0000 Manifest this update: Sat 06 Dec 2025 04:01:03 +0000 Manifest next update: Sun 07 Dec 2025 04:01:03 +0000 Files and hashes: 1: qKI6ziwGf44hL_NZ2pbCBYtks-o.crl (hash: cXilSIQCjHcBrajF3wFLVwnW+Knr01+baLGkiN3LnFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:01:9f:ca:a2:16:31:c0:94:6c:74:ff:83:a7:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8a23ace2c067f8e212ff359da96c2058b64b3ea Validity Not Before: Dec 6 04:01:03 2025 GMT Not After : Dec 7 04:01:03 2025 GMT Subject: CN=7cec9d586706e271bb1f1587e6c2041e4bcad6bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:11:33:6e:c3:2f:05:18:4b:42:bd:5b:e5:b9: 5b:1e:12:e2:ac:b8:c8:a8:8c:29:2c:bf:dd:c4:75: 2f:3c:d4:17:b4:91:7c:5a:a0:41:fb:ce:5f:ad:37: 99:2a:f6:2b:c4:b4:23:8c:93:64:a5:8c:c0:2b:aa: 88:5d:5d:b9:c8:67:8b:65:e1:5f:12:0d:8e:db:04: 71:cd:2a:00:f0:12:65:8a:38:d7:88:e9:90:97:fc: 23:ac:70:07:55:21:35:2c:3d:89:f0:e2:af:82:49: 52:fb:00:5c:15:e1:f2:02:bf:61:57:ee:40:f3:88: 00:1f:c3:b8:1f:7f:0c:73:a3:38:2e:83:db:ce:cf: 69:3e:8f:c9:a3:13:75:b7:11:57:79:75:72:72:3b: c7:2c:68:f0:64:ef:c3:8b:45:22:63:bd:6d:74:96: 22:53:73:15:f9:e2:1b:58:62:1d:de:5b:e2:c3:39: cf:59:6c:a9:fb:95:62:08:07:d4:13:dc:ac:28:7b: b7:3c:47:ce:e3:09:1e:c8:49:34:fe:b3:78:be:52: 78:d8:fa:98:b8:ad:a5:f3:50:ec:fd:45:0f:61:e5: dc:64:3e:74:3d:8d:c7:72:c6:b8:eb:ba:fa:fe:a6: e5:3c:bd:b5:8d:66:d1:4c:c4:f0:26:4d:d5:77:f8: 33:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:EC:9D:58:67:06:E2:71:BB:1F:15:87:E6:C2:04:1E:4B:CA:D6:BD X509v3 Authority Key Identifier: keyid:A8:A2:3A:CE:2C:06:7F:8E:21:2F:F3:59:DA:96:C2:05:8B:64:B3:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qKI6ziwGf44hL_NZ2pbCBYtks-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1e0bb6-e456-4a8d-b60b-752d5de0a90e/1/qKI6ziwGf44hL_NZ2pbCBYtks-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:28:34:03:4a:14:a0:83:e2:3a:63:e9:02:43:81:1a:c1:df: f4:e8:2a:61:b9:b2:8c:32:c4:83:d1:68:c7:8b:6c:9b:3f:19: 1e:b4:19:cb:79:67:ee:e0:e1:25:9c:82:4c:15:f3:25:4f:ef: 9b:22:bb:31:e1:cf:14:55:e0:88:d0:1f:fe:24:87:40:95:38: 8d:99:d0:f1:cc:4c:64:90:41:f5:ef:5c:a1:40:21:2a:88:f2: 76:31:2c:f5:7b:ba:75:1a:eb:34:44:26:a8:1a:0a:e1:7e:69: 1b:3d:a4:2f:77:8e:c9:d1:9b:a8:56:a9:ec:b8:66:d1:07:b3: 3c:ae:d0:51:c1:d3:f8:46:be:4c:9f:fa:fd:42:6d:af:05:ab: 55:e1:b2:41:b7:ee:54:f1:29:09:9b:ab:a9:35:2c:73:e5:1c: bc:9f:a5:79:99:f0:0e:a6:3b:15:20:37:a9:3c:f0:6d:9c:bf: 08:48:42:3f:e0:ec:a3:1a:38:b1:b5:89:ae:14:1e:48:76:fb: 22:35:10:11:6b:f0:f9:f3:77:3a:b0:e1:2f:86:aa:30:59:d3: 52:f7:7d:0d:35:da:63:c3:8b:a8:15:cc:21:92:c0:f4:53:b1: e9:14:25:b3:de:46:ba:2e:16:f7:53:73:f5:b4:9c:8d:8c:54: c3:00:2b:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0gGfyqIWMcCUbHT/g6cBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4YTIzYWNlMmMwNjdmOGUyMTJmZjM1OWRhOTZjMjA1OGI2 NGIzZWEwHhcNMjUxMjA2MDQwMTAzWhcNMjUxMjA3MDQwMTAzWjAzMTEwLwYDVQQD Eyg3Y2VjOWQ1ODY3MDZlMjcxYmIxZjE1ODdlNmMyMDQxZTRiY2FkNmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvREzbsMvBRhLQr1b5blbHhLirLjI qIwpLL/dxHUvPNQXtJF8WqBB+85frTeZKvYrxLQjjJNkpYzAK6qIXV25yGeLZeFf Eg2O2wRxzSoA8BJlijjXiOmQl/wjrHAHVSE1LD2J8OKvgklS+wBcFeHyAr9hV+5A 84gAH8O4H38Mc6M4LoPbzs9pPo/JoxN1txFXeXVycjvHLGjwZO/Di0UiY71tdJYi U3MV+eIbWGId3lviwznPWWyp+5ViCAfUE9ysKHu3PEfO4wkeyEk0/rN4vlJ42PqY uK2l81Ds/UUPYeXcZD50PY3Hcsa467r6/qblPL21jWbRTMTwJk3Vd/gzPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzsnVhnBuJxux8Vh+bCBB5Lyta9MB8GA1UdIwQY MBaAFKiiOs4sBn+OIS/zWdqWwgWLZLPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGIt NzUyZDVkZTBhOTBlLzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC8xZTBiYjYtZTQ1Ni00YThkLWI2MGItNzUyZDVkZTBhOTBl LzEvcUtJNnppd0dmNDRoTF9OWjJwYkNCWXRrcy1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACig0A0oU oIPiOmPpAkOBGsHf9OgqYbmyjDLEg9Fox4tsmz8ZHrQZy3ln7uDhJZyCTBXzJU/v myK7MeHPFFXgiNAf/iSHQJU4jZnQ8cxMZJBB9e9coUAhKojydjEs9Xu6dRrrNEQm qBoK4X5pGz2kL3eOydGbqFap7Lhm0QezPK7QUcHT+Ea+TJ/6/UJtrwWrVeGyQbfu VPEpCZurqTUsc+UcvJ+leZnwDqY7FSA3qTzwbZy/CEhCP+Dsoxo4sbWJrhQeSHb7 IjUQEWvw+fN3OrDhL4aqMFnTUvd9DTXaY8OLqBXMIZLA9FOx6RQls95Gui4W91Nz 9bScjYxUwwArtw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:11:12 2025 by rpki-client