This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft File: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft (raw, json) Hash identifier: OMS0f/voMK2ybi25wYxT5Nv/omQ/+2OxSaq1duv56Ps= Subject key identifier: 38:B8:A2:7E:82:79:30:E5:02:82:25:72:10:84:CA:C2:AC:AB:22:AE Authority key identifier: 43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24 Certificate issuer: /CN=43cf416193a1c2ed3056b647e5a46503148e3824 Certificate serial: 019AF1D260AF43DF2B7F14C45E35ED621DCB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft Manifest number: 0821 Signing time: Sat 06 Dec 2025 04:01:27 +0000 Manifest this update: Sat 06 Dec 2025 04:01:27 +0000 Manifest next update: Sun 07 Dec 2025 04:01:27 +0000 Files and hashes: 1: EVfs3Ty5us2kONM9lNbKxeOpQy4.roa (hash: XNAy20rJW1bN/SCZtyAydEWkC3qMnBorsPnV2qCqZ6A=) 2: Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl (hash: 15m1CivpNUR1xnx6DyMFZdRHLf+4QYMIDmeEN5eQdKs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:60:af:43:df:2b:7f:14:c4:5e:35:ed:62:1d:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43cf416193a1c2ed3056b647e5a46503148e3824 Validity Not Before: Dec 6 04:01:27 2025 GMT Not After : Dec 7 04:01:27 2025 GMT Subject: CN=38b8a27e827930e5028225721084cac2acab22ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c4:4a:4f:00:76:21:04:c7:ea:4f:3e:d5:8c: 12:f7:26:a4:cc:c3:3e:d6:ad:0f:6e:af:7c:7c:43: c4:9d:5b:76:2d:b9:f7:ce:e7:11:27:0d:3b:0e:87: 3b:b3:d6:17:49:f2:6d:f9:af:cc:25:f5:53:c4:48: 75:40:71:f9:18:fc:1a:d3:59:20:82:18:6e:1b:ad: c5:e0:75:d9:ca:22:c9:c9:ff:db:cb:a8:39:d1:fe: e4:b8:ee:cb:83:3d:ec:d3:9a:c8:2c:6d:79:94:93: 66:a3:c8:ea:26:40:6e:59:6f:35:85:77:6e:4f:1a: 3e:df:5a:5a:cc:ff:2c:80:f9:9e:55:da:fa:d3:73: a9:34:fa:21:d2:e9:ff:c3:6f:53:18:cd:00:d8:06: c4:43:2b:9e:67:75:b7:e3:ae:dd:d4:17:b4:5c:06: 76:70:4a:d1:3a:38:6a:56:66:32:43:f4:af:36:6a: 35:80:31:f5:d5:50:25:ef:44:41:f5:89:ce:73:31: 8f:f0:86:64:cf:c2:bd:ff:71:a8:d0:5b:b6:2a:2c: 5a:94:fc:a5:87:3a:ca:64:12:78:0b:27:9c:a0:f4: 1b:2b:07:dc:f2:99:52:b9:8a:35:60:3a:27:90:48: 82:f9:ef:d8:24:f0:93:63:ed:51:58:70:f5:71:ee: 66:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B8:A2:7E:82:79:30:E5:02:82:25:72:10:84:CA:C2:AC:AB:22:AE X509v3 Authority Key Identifier: keyid:43:CF:41:61:93:A1:C2:ED:30:56:B6:47:E5:A4:65:03:14:8E:38:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aa31cf-bb31-497c-a577-09b969d160fe/1/Q89BYZOhwu0wVrZH5aRlAxSOOCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:11:99:1f:d1:77:00:c3:c1:0e:f7:7c:87:a3:1b:d5:91:09: 29:37:10:3f:4d:f6:65:20:69:cf:3d:15:38:d4:f3:ec:2d:e6: 0c:ad:5b:9b:94:c1:0f:65:30:42:f7:21:85:b2:e9:fe:1c:9e: 74:ea:39:72:76:19:00:55:0f:a0:c7:cf:47:90:d3:a1:ef:e0: b3:97:8e:64:48:0a:c2:50:d4:4e:24:d6:58:25:53:49:26:8c: 41:14:1b:ff:eb:4c:e3:01:47:41:ec:5d:da:59:db:30:f2:4b: 93:49:76:20:17:eb:18:bf:84:6b:7c:23:3e:13:5d:e8:37:34: 2a:c6:80:f8:1e:f7:a0:69:73:58:9d:b4:8f:3f:41:61:3e:6f: 28:2d:e2:43:c5:85:81:5b:82:fd:e9:8e:4e:85:03:a2:c8:b5: 89:a1:80:41:75:b9:28:fb:a1:49:c1:bd:b4:29:2f:1f:e7:f0: bc:34:30:9d:e0:03:af:57:dc:38:2b:12:a0:07:28:cc:54:96: af:5a:f7:54:e6:bc:24:a8:c7:7d:34:a9:ea:ad:ef:62:e3:43: 54:fd:a6:8c:54:78:c9:61:ad:b4:3d:a3:f3:79:6e:22:9d:da: bf:51:bb:6b:35:5f:6a:06:7b:6c:9c:72:51:cb:7b:80:03:1b: 2f:4a:b6:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0mCvQ98rfxTEXjXtYh3LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzY2Y0MTYxOTNhMWMyZWQzMDU2YjY0N2U1YTQ2NTAzMTQ4 ZTM4MjQwHhcNMjUxMjA2MDQwMTI3WhcNMjUxMjA3MDQwMTI3WjAzMTEwLwYDVQQD EygzOGI4YTI3ZTgyNzkzMGU1MDI4MjI1NzIxMDg0Y2FjMmFjYWIyMmFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcRKTwB2IQTH6k8+1YwS9yakzMM+ 1q0Pbq98fEPEnVt2Lbn3zucRJw07Doc7s9YXSfJt+a/MJfVTxEh1QHH5GPwa01kg ghhuG63F4HXZyiLJyf/by6g50f7kuO7Lgz3s05rILG15lJNmo8jqJkBuWW81hXdu Txo+31pazP8sgPmeVdr603OpNPoh0un/w29TGM0A2AbEQyueZ3W3467d1Be0XAZ2 cErROjhqVmYyQ/SvNmo1gDH11VAl70RB9YnOczGP8IZkz8K9/3Go0Fu2KixalPyl hzrKZBJ4CyecoPQbKwfc8plSuYo1YDonkEiC+e/YJPCTY+1RWHD1ce5mwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDi4on6CeTDlAoIlchCEysKsqyKuMB8GA1UdIwQY MBaAFEPPQWGTocLtMFa2R+WkZQMUjjgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1Nzct MDliOTY5ZDE2MGZlLzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9hYTMxY2YtYmIzMS00OTdjLWE1NzctMDliOTY5ZDE2MGZl LzEvUTg5QllaT2h3dTB3VnJaSDVhUmxBeFNPT0NRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRGZH9F3 AMPBDvd8h6Mb1ZEJKTcQP032ZSBpzz0VONTz7C3mDK1bm5TBD2UwQvchhbLp/hye dOo5cnYZAFUPoMfPR5DToe/gs5eOZEgKwlDUTiTWWCVTSSaMQRQb/+tM4wFHQexd 2lnbMPJLk0l2IBfrGL+Ea3wjPhNd6Dc0KsaA+B73oGlzWJ20jz9BYT5vKC3iQ8WF gVuC/emOToUDosi1iaGAQXW5KPuhScG9tCkvH+fwvDQwneADr1fcOCsSoAcozFSW r1r3VOa8JKjHfTSp6q3vYuNDVP2mjFR4yWGttD2j83luIp3av1G7azVfagZ7bJxy Uct7gAMbL0q2mw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:29:35 2025 by rpki-client