This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft File: q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft (raw, json) Hash identifier: zC6uf3Tagid3T8WRCbci+M5p5pD90k42i8qisTrlat0= Subject key identifier: 0B:67:B5:40:18:D9:9F:34:EC:84:95:29:51:09:A0:47:C3:04:1F:97 Authority key identifier: AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9 Certificate issuer: /CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9 Certificate serial: 019AF1D1A4F13FCB1334AFC1F1538E11060C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft Manifest number: 0F55 Signing time: Sat 06 Dec 2025 04:00:39 +0000 Manifest this update: Sat 06 Dec 2025 04:00:39 +0000 Manifest next update: Sun 07 Dec 2025 04:00:39 +0000 Files and hashes: 1: FBn1v2zB1JVjcRcZbhGPjhIQq-4.roa (hash: mVYwRlVF+pwgFuj92Y5wG2kGfxiuhyd+s7VwHmVtegc=) 2: q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl (hash: R3Dg+BCio5k/Hq4OUaefjBTfwjWRUmDFcCEGca4J5VU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a4:f1:3f:cb:13:34:af:c1:f1:53:8e:11:06:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9 Validity Not Before: Dec 6 04:00:39 2025 GMT Not After : Dec 7 04:00:39 2025 GMT Subject: CN=0b67b54018d99f34ec8495295109a047c3041f97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:5c:66:67:d4:e9:ae:a3:7f:7b:c7:fc:f2:8a: 71:b5:f9:0f:a5:a4:c9:58:7b:25:d2:da:6a:61:5b: 24:1a:77:40:ff:c7:db:85:c8:4c:d5:ff:c6:94:de: 15:e0:af:96:1d:76:a6:d9:d0:7e:7c:9f:af:f8:aa: 6a:3e:89:8d:04:dc:4f:42:b2:e6:73:4b:7f:3e:70: 0b:1c:e4:42:50:40:9f:d7:72:d9:5a:e0:3f:d0:e6: 2e:a5:6e:92:a6:9d:57:eb:05:51:2d:1a:11:8f:50: 5a:a1:f0:08:50:f5:e6:47:09:da:ef:b2:92:34:4e: e4:ab:f3:1b:5b:9c:98:12:d9:94:14:d5:fa:da:50: 4b:52:32:f4:86:16:46:72:72:8f:65:e8:96:ba:1d: 7c:77:c9:a1:fb:3b:c0:5f:7d:36:33:24:4b:3a:eb: be:f9:f9:50:51:f7:16:30:5e:1e:5e:a1:3a:a8:2e: 09:bb:70:6c:3c:6a:c5:2a:a1:28:2f:91:80:5b:1a: 26:da:19:b0:79:d5:f1:93:0a:c7:6a:f2:2c:ac:e9: be:f2:9d:66:3b:51:cc:4f:5e:7f:c5:d2:2f:61:4d: 63:42:5b:7f:3b:b2:4b:34:21:42:0f:4f:4a:1d:98: 98:35:09:ce:2d:e4:52:4b:46:13:a3:5f:b3:85:1b: 71:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:67:B5:40:18:D9:9F:34:EC:84:95:29:51:09:A0:47:C3:04:1F:97 X509v3 Authority Key Identifier: keyid:AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:80:71:78:7c:77:8b:b5:1c:e1:c2:59:ed:b3:47:1a:ef:68: ab:bb:a7:0e:91:71:e4:31:75:bb:12:fb:6c:3b:89:5e:a9:87: 10:25:8e:97:bb:b2:90:0a:72:f8:89:b8:26:fd:8f:e9:b6:fd: 14:59:87:98:ca:29:e2:54:83:91:d0:cc:73:66:13:74:93:4f: d7:32:24:cb:e8:38:db:b1:a8:b1:ae:b1:21:ca:12:26:1d:5b: 4a:36:29:15:16:38:a7:cb:0a:37:ff:f0:7d:5c:f1:23:4b:2e: cf:32:70:1f:95:06:49:fd:f5:7c:b4:87:c5:d4:da:18:b9:42: 30:c2:7c:cf:2f:5c:e0:02:6a:9f:d9:85:d4:53:07:f7:9a:ad: 81:04:41:e7:b0:cc:3b:c6:fc:a8:33:70:cb:8d:29:16:25:8b: 78:fc:e6:c5:39:84:06:64:e6:83:2a:a2:c7:e7:d6:40:72:ec: 27:7b:ce:6c:6e:1a:51:f2:0c:a2:f6:0b:e9:2b:91:d5:15:93: fc:7e:5a:26:19:16:86:a6:48:f5:e1:d6:b4:8f:ad:84:04:1b: 37:f9:d9:ad:b5:dd:ee:31:c5:c6:0f:3d:ab:0e:15:f6:ed:42: 10:66:3f:fa:c1:89:45:13:dc:c0:57:82:4e:c4:02:ae:4b:20: 12:01:9b:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0aTxP8sTNK/B8VOOEQYMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNjg0ZTUwZTMzZjNhMDAxNWM4Zjg5OWM4OGJjYjEzN2Jj ZmI1ZjkwHhcNMjUxMjA2MDQwMDM5WhcNMjUxMjA3MDQwMDM5WjAzMTEwLwYDVQQD EygwYjY3YjU0MDE4ZDk5ZjM0ZWM4NDk1Mjk1MTA5YTA0N2MzMDQxZjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFxmZ9TprqN/e8f88opxtfkPpaTJ WHsl0tpqYVskGndA/8fbhchM1f/GlN4V4K+WHXam2dB+fJ+v+KpqPomNBNxPQrLm c0t/PnALHORCUECf13LZWuA/0OYupW6Spp1X6wVRLRoRj1BaofAIUPXmRwna77KS NE7kq/MbW5yYEtmUFNX62lBLUjL0hhZGcnKPZeiWuh18d8mh+zvAX302MyRLOuu+ +flQUfcWMF4eXqE6qC4Ju3BsPGrFKqEoL5GAWxom2hmwedXxkwrHavIsrOm+8p1m O1HMT15/xdIvYU1jQlt/O7JLNCFCD09KHZiYNQnOLeRSS0YTo1+zhRtxjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAtntUAY2Z807ISVKVEJoEfDBB+XMB8GA1UdIwQY MBaAFKtoTlDjPzoAFcj4mciLyxN7z7X5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjIt ODBlNWQ1M2VkYjQxLzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjItODBlNWQ1M2VkYjQx LzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP4BxeHx3 i7Uc4cJZ7bNHGu9oq7unDpFx5DF1uxL7bDuJXqmHECWOl7uykApy+Im4Jv2P6bb9 FFmHmMop4lSDkdDMc2YTdJNP1zIky+g427Gosa6xIcoSJh1bSjYpFRY4p8sKN//w fVzxI0suzzJwH5UGSf31fLSHxdTaGLlCMMJ8zy9c4AJqn9mF1FMH95qtgQRB57DM O8b8qDNwy40pFiWLePzmxTmEBmTmgyqix+fWQHLsJ3vObG4aUfIMovYL6SuR1RWT /H5aJhkWhqZI9eHWtI+thAQbN/nZrbXd7jHFxg89qw4V9u1CEGY/+sGJRRPcwFeC TsQCrksgEgGbFQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:24:46 2025 by rpki-client