This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft File: q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json) Hash identifier: zRN7RAFFe7X6VmRDgApPcuIfn/K8DqgX3tcLdK6Ka78= Subject key identifier: A0:18:DE:FF:8F:86:1F:83:7E:C7:6B:74:75:7B:10:5D:87:6E:59:7F Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D Certificate issuer: /CN=abb94449d4d2462771773bc08a624507da512b0d Certificate serial: 019AF208E5A55B58125C140C9F2EC541179D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft Manifest number: 0846 Signing time: Sat 06 Dec 2025 05:01:00 +0000 Manifest this update: Sat 06 Dec 2025 05:01:00 +0000 Manifest next update: Sun 07 Dec 2025 05:01:00 +0000 Files and hashes: 1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: gHBgWdRcqhq2BTY2Pf2m/ewIurpyCGEqau2TifHya8U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:e5:a5:5b:58:12:5c:14:0c:9f:2e:c5:41:17:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d Validity Not Before: Dec 6 05:01:00 2025 GMT Not After : Dec 7 05:01:00 2025 GMT Subject: CN=a018deff8f861f837ec76b74757b105d876e597f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0d:e9:5a:fe:3f:a3:1f:b2:46:97:20:a9:59: 20:f1:1a:bc:3a:b2:fc:19:1f:6a:76:9c:ed:aa:1a: 88:01:68:0b:ce:f8:60:69:0e:4e:ce:a9:1e:fd:8a: 63:59:86:0e:7a:fe:74:ec:a2:40:1e:4c:cd:75:ab: db:ce:80:01:38:62:ab:3b:cc:be:71:f2:46:4b:d0: 09:4f:52:87:1c:3d:d4:0a:43:13:18:e0:20:56:56: 73:6a:5a:99:a6:d5:7c:04:29:e6:35:73:99:d1:c6: 8b:21:bf:a0:b6:07:b6:38:78:db:c5:7e:57:88:74: 38:52:10:e1:af:d0:65:f1:c5:35:79:87:84:17:08: 6d:9f:3f:b2:3c:3a:bb:7e:71:bc:ec:f8:3f:90:45: aa:df:0a:90:56:e9:fa:ae:e6:38:27:b2:ca:5b:bc: 74:a3:be:67:eb:df:cf:2c:c9:d8:7f:1d:21:52:b1: f9:81:81:3f:85:ec:23:56:8d:91:82:22:ac:ac:ba: e5:fe:88:c8:f6:12:79:04:8d:72:f6:9f:aa:ad:66: a3:2f:d3:fa:da:0b:39:69:60:ef:03:97:7c:e6:d6: 4f:d5:05:2c:38:5e:95:14:93:15:ce:33:07:02:25: 1a:24:16:f2:31:b8:6e:dd:9e:59:30:57:4f:c3:24: 78:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:18:DE:FF:8F:86:1F:83:7E:C7:6B:74:75:7B:10:5D:87:6E:59:7F X509v3 Authority Key Identifier: keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:b8:84:bf:13:a8:11:1f:a0:19:23:6f:90:87:ba:7a:79:03: 7b:8c:a9:6e:ed:e4:6a:6b:56:29:4b:c5:9c:f8:59:b2:f2:6e: f4:c3:bb:7c:d7:be:9c:02:e3:1f:f4:95:66:27:00:35:dd:32: e0:7f:29:8a:8c:7a:24:ae:0c:06:4d:0b:79:8c:b7:28:00:af: 0f:6a:bf:15:d4:91:ea:dd:e6:78:c6:25:52:32:bb:a6:27:69: 04:2f:91:70:f2:aa:3e:73:3c:25:f9:73:a3:e7:16:98:98:b2: e6:50:86:1b:26:f4:d9:7e:98:e1:d3:cd:0a:ce:41:11:ff:06: e4:21:de:3e:32:97:cf:df:ea:7c:55:86:5f:24:69:88:a1:14: 9a:31:82:45:23:ab:87:bc:cd:0c:63:56:c3:ad:37:6f:12:74: 09:96:31:1a:a1:8c:be:48:e2:e3:7f:64:5f:65:ee:a9:93:3f: 2c:bb:6f:47:de:86:18:27:52:d9:31:a3:a5:a1:1c:26:e0:e6: 7e:4c:74:96:72:49:1c:f8:f7:98:6f:5e:d9:1f:fe:a5:40:4b: 80:1a:54:ca:a2:ff:93:53:3a:6b:da:1a:8c:00:f2:45:1d:0c: 83:2d:3d:77:b9:0d:c8:cf:50:ab:16:5f:44:fc:57:70:13:45: 6c:f9:18:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCOWlW1gSXBQMny7FQRedMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1 MTJiMGQwHhcNMjUxMjA2MDUwMTAwWhcNMjUxMjA3MDUwMTAwWjAzMTEwLwYDVQQD EyhhMDE4ZGVmZjhmODYxZjgzN2VjNzZiNzQ3NTdiMTA1ZDg3NmU1OTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ3pWv4/ox+yRpcgqVkg8Rq8OrL8 GR9qdpztqhqIAWgLzvhgaQ5Ozqke/YpjWYYOev507KJAHkzNdavbzoABOGKrO8y+ cfJGS9AJT1KHHD3UCkMTGOAgVlZzalqZptV8BCnmNXOZ0caLIb+gtge2OHjbxX5X iHQ4UhDhr9Bl8cU1eYeEFwhtnz+yPDq7fnG87Pg/kEWq3wqQVun6ruY4J7LKW7x0 o75n69/PLMnYfx0hUrH5gYE/hewjVo2RgiKsrLrl/ojI9hJ5BI1y9p+qrWajL9P6 2gs5aWDvA5d85tZP1QUsOF6VFJMVzjMHAiUaJBbyMbhu3Z5ZMFdPwyR4OwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKAY3v+Phh+DfsdrdHV7EF2Hbll/MB8GA1UdIwQY MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLiEvxOo ER+gGSNvkIe6enkDe4ypbu3kamtWKUvFnPhZsvJu9MO7fNe+nALjH/SVZicANd0y 4H8piox6JK4MBk0LeYy3KACvD2q/FdSR6t3meMYlUjK7pidpBC+RcPKqPnM8Jflz o+cWmJiy5lCGGyb02X6Y4dPNCs5BEf8G5CHePjKXz9/qfFWGXyRpiKEUmjGCRSOr h7zNDGNWw603bxJ0CZYxGqGMvkji439kX2XuqZM/LLtvR96GGCdS2TGjpaEcJuDm fkx0lnJJHPj3mG9e2R/+pUBLgBpUyqL/k1M6a9oajADyRR0Mgy09d7kNyM9QqxZf RPxXcBNFbPkYdQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:36:15 2025 by rpki-client