This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.mft File: _Q7wQPukW857BxY0lc316FB3kZ0.mft (raw, json) Hash identifier: H2QXuYtNdS80klZTsCkHON0bHwofCJlrkdrjLc9jETk= Subject key identifier: 43:8E:BA:A9:B9:93:42:C6:73:22:A9:CD:A3:49:27:60:45:3B:C9:ED Authority key identifier: FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D Certificate issuer: /CN=fd0ef040fba45bce7b07163495cdf5e85077919d Certificate serial: 019AF2AD3CC0A1B4FEB033856E73C7914AEE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.mft Manifest number: 0DF8 Signing time: Sat 06 Dec 2025 08:00:30 +0000 Manifest this update: Sat 06 Dec 2025 08:00:30 +0000 Manifest next update: Sun 07 Dec 2025 08:00:30 +0000 Files and hashes: 1: BrNhX11GN3gzWV-434wlzWriATQ.roa (hash: e/gkiYTr4M+ZdV4GBEAw4FBFr5Cgb0NfH0gUAD5dMJY=) 2: _Q7wQPukW857BxY0lc316FB3kZ0.crl (hash: 4cl/QtvyrJXe7FQB7CxYonFvpIU5BdKbUdM6ii2hKLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.mft rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:3c:c0:a1:b4:fe:b0:33:85:6e:73:c7:91:4a:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fd0ef040fba45bce7b07163495cdf5e85077919d Validity Not Before: Dec 6 08:00:30 2025 GMT Not After : Dec 7 08:00:30 2025 GMT Subject: CN=438ebaa9b99342c67322a9cda3492760453bc9ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:70:37:45:37:a8:ea:e0:e8:88:91:85:41:3f: e6:2b:7c:f3:f5:9f:c5:7a:51:2a:9b:d5:b4:80:2b: f5:56:a1:d6:58:c9:90:95:e5:63:e3:8a:28:09:f3: f5:52:fe:f4:b1:59:24:9a:e4:1b:1c:49:42:eb:58: 6f:9b:2d:8d:20:b7:c0:bf:18:43:e8:ed:31:9f:0e: 12:ff:a6:fd:ce:4c:08:da:17:85:6b:c0:0f:0e:90: e3:19:37:c4:87:4c:e8:9a:74:a9:17:0a:ff:b8:35: b6:a7:6b:5e:29:4e:dd:3a:4d:b0:d5:24:53:ea:8c: 1a:d2:ae:ef:17:8e:cb:62:22:87:1d:ed:83:84:58: 3e:ee:c3:f8:fa:d5:c4:ce:a9:b6:99:b8:d0:b9:20: 08:95:99:5f:4f:1f:a6:54:33:3f:38:1d:a1:dc:71: 83:7d:b3:36:83:58:7b:59:33:64:0b:9d:63:bd:a2: e7:a7:9b:74:65:3b:58:b7:d0:bf:6d:44:5b:84:32: 6a:ea:b7:58:b4:76:d4:da:82:74:26:87:ac:a7:87: 62:ca:b8:56:17:08:1d:61:a3:c5:1e:06:dc:fc:9d: 87:1b:08:97:3e:aa:e1:1c:01:6e:1e:b9:6c:d3:55: ae:eb:63:ad:12:4e:b9:8c:9d:ce:67:67:ae:65:62: f1:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:8E:BA:A9:B9:93:42:C6:73:22:A9:CD:A3:49:27:60:45:3B:C9:ED X509v3 Authority Key Identifier: keyid:FD:0E:F0:40:FB:A4:5B:CE:7B:07:16:34:95:CD:F5:E8:50:77:91:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Q7wQPukW857BxY0lc316FB3kZ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d77168-133f-4553-b19d-56c94f326dc2/1/_Q7wQPukW857BxY0lc316FB3kZ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:23:7d:80:8e:34:ef:85:50:66:b6:ec:19:9c:24:10:b2:ab: c4:4f:0a:71:50:b8:b2:93:f8:5b:df:00:ea:ad:88:17:e0:d2: f4:cf:04:a5:e6:c8:f8:58:e8:ec:ca:21:e7:a9:a0:08:26:0b: 44:0e:a5:d3:9a:7e:ce:35:61:28:b1:af:68:bf:59:d7:d6:0a: 55:ee:4b:b6:91:32:e6:27:3c:a5:98:68:08:87:26:e8:ac:b6: 35:a0:1b:a7:da:4a:4e:8e:e8:7b:56:a0:cf:e2:e4:a8:ab:17: de:b5:14:0c:bf:e1:bc:66:aa:a0:12:ec:b1:c3:9a:de:09:32: 05:94:97:70:9f:5f:9c:f6:bb:5a:32:41:85:03:a8:de:0e:13: de:f6:2a:66:88:09:be:76:e8:a1:50:95:c3:8d:de:f3:cf:23: e8:60:11:ac:3f:8b:e9:92:9b:ba:c9:d5:88:4f:41:ab:e6:6a: a6:1c:2e:36:19:40:fd:d8:67:f0:c8:f9:7b:99:e9:23:ba:57: 3b:30:23:c7:8b:64:34:2a:84:c2:fc:32:e6:4b:6a:c8:dc:47: 5a:1a:0d:c2:af:d5:37:62:8e:0c:ea:44:6b:a1:34:6c:fe:c6: e6:5c:fb:49:7c:3f:7d:5e:85:1f:06:b7:f9:54:08:41:77:07: f1:c5:9e:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrTzAobT+sDOFbnPHkUruMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkMGVmMDQwZmJhNDViY2U3YjA3MTYzNDk1Y2RmNWU4NTA3 NzkxOWQwHhcNMjUxMjA2MDgwMDMwWhcNMjUxMjA3MDgwMDMwWjAzMTEwLwYDVQQD Eyg0MzhlYmFhOWI5OTM0MmM2NzMyMmE5Y2RhMzQ5Mjc2MDQ1M2JjOWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXA3RTeo6uDoiJGFQT/mK3zz9Z/F elEqm9W0gCv1VqHWWMmQleVj44ooCfP1Uv70sVkkmuQbHElC61hvmy2NILfAvxhD 6O0xnw4S/6b9zkwI2heFa8APDpDjGTfEh0zomnSpFwr/uDW2p2teKU7dOk2w1SRT 6owa0q7vF47LYiKHHe2DhFg+7sP4+tXEzqm2mbjQuSAIlZlfTx+mVDM/OB2h3HGD fbM2g1h7WTNkC51jvaLnp5t0ZTtYt9C/bURbhDJq6rdYtHbU2oJ0Joesp4diyrhW FwgdYaPFHgbc/J2HGwiXPqrhHAFuHrls01Wu62OtEk65jJ3OZ2euZWLxrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEOOuqm5k0LGcyKpzaNJJ2BFO8ntMB8GA1UdIwQY MBaAFP0O8ED7pFvOewcWNJXN9ehQd5GdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQt NTZjOTRmMzI2ZGMyLzEvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS9kNzcxNjgtMTMzZi00NTUzLWIxOWQtNTZjOTRmMzI2ZGMy LzEvX1E3d1FQdWtXODU3QnhZMGxjMzE2RkIza1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANiN9gI40 74VQZrbsGZwkELKrxE8KcVC4spP4W98A6q2IF+DS9M8EpebI+Fjo7Moh56mgCCYL RA6l05p+zjVhKLGvaL9Z19YKVe5LtpEy5ic8pZhoCIcm6Ky2NaAbp9pKTo7oe1ag z+LkqKsX3rUUDL/hvGaqoBLsscOa3gkyBZSXcJ9fnPa7WjJBhQOo3g4T3vYqZogJ vnbooVCVw43e888j6GARrD+L6ZKbusnViE9Bq+ZqphwuNhlA/dhn8Mj5e5npI7pX OzAjx4tkNCqEwvwy5ktqyNxHWhoNwq/VN2KODOpEa6E0bP7G5lz7SXw/fV6FHwa3 +VQIQXcH8cWeAA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:58:15 2025 by rpki-client