This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.mft File: qGBXhZ0WYOjYcpee5tamssQzowU.mft (raw, json) Hash identifier: jIl89VWknJwmfLgLf/SDd/FP3yzzvciCEDYw7hhnhv4= Subject key identifier: 19:3E:34:3C:45:13:A6:48:DF:05:1C:1F:D8:45:62:74:4B:94:D8:56 Authority key identifier: A8:60:57:85:9D:16:60:E8:D8:72:97:9E:E6:D6:A6:B2:C4:33:A3:05 Certificate issuer: /CN=a86057859d1660e8d872979ee6d6a6b2c433a305 Certificate serial: 019AF35285280285E0BEBDA2B48D94ACD5FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGBXhZ0WYOjYcpee5tamssQzowU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 11:01:02 +0000 Manifest this update: Sat 06 Dec 2025 11:01:02 +0000 Manifest next update: Sun 07 Dec 2025 11:01:02 +0000 Files and hashes: 1: PW17_Y421OHbEdWMpqGOAItDAMQ.roa (hash: L2gpot5aAwJ9/O+fD4LlOhf1tqLhMij+IcuFZyDR7dA=) 2: qGBXhZ0WYOjYcpee5tamssQzowU.crl (hash: zk/ogwiP1cFBNnJwluzV1vCgx4WWxqcaCdMSGTkieLY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.crl rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.mft rsync://rpki.ripe.net/repository/DEFAULT/qGBXhZ0WYOjYcpee5tamssQzowU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:85:28:02:85:e0:be:bd:a2:b4:8d:94:ac:d5:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a86057859d1660e8d872979ee6d6a6b2c433a305 Validity Not Before: Dec 6 11:01:02 2025 GMT Not After : Dec 7 11:01:02 2025 GMT Subject: CN=193e343c4513a648df051c1fd84562744b94d856 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ba:e8:06:fc:34:10:1d:0e:a6:f3:bb:05:36: f4:9c:58:a9:84:60:c2:ba:6d:2b:b5:58:6c:1a:d3: 42:f1:08:2c:98:07:d5:6e:ec:64:ce:12:77:c0:ff: 4f:57:26:93:64:e1:a8:7d:70:6f:19:ce:23:d1:17: 69:3e:89:de:01:fe:bc:3d:8a:6d:c6:ec:68:13:ca: a3:4d:f5:99:79:40:dc:0b:94:58:10:4e:1c:44:78: 96:b0:0e:14:32:96:c8:cf:5d:fd:a6:45:8c:dc:3b: 58:b9:b6:00:aa:0c:cb:80:f8:ab:8f:e9:3e:dc:be: b3:59:61:28:82:7a:4f:40:52:09:b9:67:d0:af:43: 8f:0d:f0:05:09:b3:1a:cd:66:6a:97:f5:bc:ae:57: 37:f7:cb:3c:02:39:10:f6:a7:dd:78:12:f4:05:1e: 3c:60:2e:ba:1e:91:64:ab:c5:c0:66:46:55:56:8d: 53:26:cd:b6:47:a9:b9:de:bf:aa:8f:f6:51:5a:3f: 86:68:d7:07:7f:f0:c4:82:4d:b5:0d:3e:4d:b1:a8: ef:22:10:7e:7b:70:67:ca:5d:d4:18:ff:6b:c5:f4: e5:20:84:36:4f:8a:9e:45:fc:9e:80:6e:34:f3:b9: 5f:cf:5b:1a:77:d6:42:fc:53:80:1d:e6:26:52:79: 3e:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:3E:34:3C:45:13:A6:48:DF:05:1C:1F:D8:45:62:74:4B:94:D8:56 X509v3 Authority Key Identifier: keyid:A8:60:57:85:9D:16:60:E8:D8:72:97:9E:E6:D6:A6:B2:C4:33:A3:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGBXhZ0WYOjYcpee5tamssQzowU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:53:94:d3:cf:b5:91:8b:e8:ac:7e:27:66:55:09:26:80:74: 3a:f6:eb:9b:74:7a:e1:bf:76:49:8a:16:1c:5d:06:96:f9:8f: 6e:62:8d:be:c9:5e:81:e0:83:7e:ba:8d:dc:61:b4:31:28:15: ba:64:7e:21:7f:9b:4b:6b:cc:36:c1:ba:bf:2c:77:d0:74:e9: b8:4d:79:00:f3:cc:82:05:b8:b8:04:56:80:f1:5c:69:df:72: 02:ed:e2:27:d9:34:48:ed:98:f9:5d:38:b1:5d:4f:80:66:d2: 60:41:7a:d1:08:1a:f4:2e:4e:97:1a:62:86:4b:1e:c1:e3:c0: 8e:73:80:1d:43:89:d5:39:63:d8:ee:2f:72:04:8e:dc:e2:a6: 9e:4d:93:58:78:8e:e6:bd:ba:c7:92:58:e3:92:09:1c:d4:3a: d4:77:55:f0:1e:78:08:71:53:0e:88:eb:e2:a2:63:7e:92:51: 37:85:04:a3:7b:1d:79:13:50:17:b2:70:9c:3b:b6:3f:e4:33: b5:e2:1c:a6:85:ac:6f:34:8d:cd:b7:5e:01:25:79:6e:a4:81: 54:61:18:90:15:71:01:85:94:ad:00:ac:5d:0b:ed:9e:fe:39: 5a:a6:db:9d:ee:26:28:35:74:83:e2:db:83:90:9d:e5:1a:7d: e2:18:45:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUoUoAoXgvr2itI2UrNX/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4NjA1Nzg1OWQxNjYwZThkODcyOTc5ZWU2ZDZhNmIyYzQz M2EzMDUwHhcNMjUxMjA2MTEwMTAyWhcNMjUxMjA3MTEwMTAyWjAzMTEwLwYDVQQD EygxOTNlMzQzYzQ1MTNhNjQ4ZGYwNTFjMWZkODQ1NjI3NDRiOTRkODU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7roBvw0EB0OpvO7BTb0nFiphGDC um0rtVhsGtNC8QgsmAfVbuxkzhJ3wP9PVyaTZOGofXBvGc4j0RdpPoneAf68PYpt xuxoE8qjTfWZeUDcC5RYEE4cRHiWsA4UMpbIz139pkWM3DtYubYAqgzLgPirj+k+ 3L6zWWEognpPQFIJuWfQr0OPDfAFCbMazWZql/W8rlc398s8AjkQ9qfdeBL0BR48 YC66HpFkq8XAZkZVVo1TJs22R6m53r+qj/ZRWj+GaNcHf/DEgk21DT5NsajvIhB+ e3Bnyl3UGP9rxfTlIIQ2T4qeRfyegG4087lfz1sad9ZC/FOAHeYmUnk+3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBk+NDxFE6ZI3wUcH9hFYnRLlNhWMB8GA1UdIwQY MBaAFKhgV4WdFmDo2HKXnubWprLEM6MFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUdCWGhaMFdZT2pZY3BlZTV0YW1zc1F6b3dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yMTM0NWItNGRlNy00MDg2LTlhYmYt ZDRlZGMyMGNjMWFjLzEvcUdCWGhaMFdZT2pZY3BlZTV0YW1zc1F6b3dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS8yMTM0NWItNGRlNy00MDg2LTlhYmYtZDRlZGMyMGNjMWFj LzEvcUdCWGhaMFdZT2pZY3BlZTV0YW1zc1F6b3dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1OU08+1 kYvorH4nZlUJJoB0Ovbrm3R64b92SYoWHF0GlvmPbmKNvslegeCDfrqN3GG0MSgV umR+IX+bS2vMNsG6vyx30HTpuE15APPMggW4uARWgPFcad9yAu3iJ9k0SO2Y+V04 sV1PgGbSYEF60Qga9C5OlxpihksewePAjnOAHUOJ1Tlj2O4vcgSO3OKmnk2TWHiO 5r26x5JY45IJHNQ61HdV8B54CHFTDojr4qJjfpJRN4UEo3sdeRNQF7JwnDu2P+Qz teIcpoWsbzSNzbdeASV5bqSBVGEYkBVxAYWUrQCsXQvtnv45Wqbbne4mKDV0g+Lb g5Cd5Rp94hhFuQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:24:47 2025 by rpki-client