This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft File: Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft (raw, json) Hash identifier: wt7oyt9n/xr15DIcyIIu7WUeebuEFoAL6hk/xK5nsDg= Subject key identifier: 86:AF:9C:30:5B:AC:B5:E3:9C:DF:E2:19:C4:6E:91:44:D2:E4:D4:75 Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c Certificate serial: 019AF5AF0B41CB19918963955BC8F2AF79D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft Manifest number: 0AD7 Signing time: Sat 06 Dec 2025 22:01:20 +0000 Manifest this update: Sat 06 Dec 2025 22:01:20 +0000 Manifest next update: Sun 07 Dec 2025 22:01:20 +0000 Files and hashes: 1: Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl (hash: pUTjW6J43exWhEHnPWCoSc/EWz8QIFF4K8xAcNTH8Uc=) 2: xzcqcrFf-ra6k9gJVEfYsUOL7r0.roa (hash: tLEmQ4Ip0nJAlYr4VF0AY9UERYkLlEbUUc3k5bIYBQM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:af:0b:41:cb:19:91:89:63:95:5b:c8:f2:af:79:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c Validity Not Before: Dec 6 22:01:20 2025 GMT Not After : Dec 7 22:01:20 2025 GMT Subject: CN=86af9c305bacb5e39cdfe219c46e9144d2e4d475 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:25:10:62:80:5c:f2:b6:ff:97:00:b8:57:30: 4e:a3:9e:c1:85:aa:af:4f:45:d5:5e:c1:77:41:07: 5f:e0:57:85:a8:58:c8:7e:77:92:1f:47:9b:7d:5d: e0:84:8f:e3:8f:1e:0e:72:0d:0e:58:23:9f:96:a0: d3:64:90:8a:6b:eb:c7:e0:7e:5d:47:94:c5:bf:80: 6c:44:49:1b:1a:bc:6c:8f:e3:11:00:6a:aa:63:32: 78:1b:3f:6b:a5:0e:da:66:f9:4c:ea:11:0e:0c:68: 2c:77:05:4e:e5:ee:b0:15:36:5e:4d:42:3f:04:76: 12:65:9b:26:c4:ed:d9:19:b5:37:55:cb:a5:97:61: 2a:49:76:4b:1b:2e:8b:97:e7:28:fb:fa:e8:89:80: 82:ab:2c:b5:af:12:fd:43:a0:00:36:91:99:6e:55: 54:e1:3a:24:94:a8:8a:c7:70:ea:b8:5a:d0:2f:ad: 25:d3:5f:62:7d:1b:21:6a:0d:2a:94:0d:a7:93:ae: 31:32:cf:3e:99:7b:b7:fa:4a:57:af:f9:18:ed:42: 8e:8c:92:7a:ee:00:07:ce:26:9b:be:a3:46:16:94: fe:19:68:1e:b3:07:97:7d:bf:c9:10:e7:09:11:8a: 2f:2a:7f:e1:cd:3a:79:0d:16:2e:44:51:26:83:1b: 50:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:AF:9C:30:5B:AC:B5:E3:9C:DF:E2:19:C4:6E:91:44:D2:E4:D4:75 X509v3 Authority Key Identifier: keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:51:3c:88:a5:eb:b3:39:35:4c:50:f9:99:3f:5c:f4:6a:ed: 55:1e:54:18:3f:f0:10:e8:95:f8:93:ec:54:6b:f2:cf:91:1d: 1b:ac:81:16:aa:6f:d2:c7:91:fd:89:73:75:3c:26:79:08:bf: b8:e0:9e:b8:58:6c:4a:88:cc:cc:0d:65:80:5d:3f:af:3b:40: 30:75:62:ff:64:99:4a:bc:61:57:e9:48:3b:61:70:69:97:34: b5:50:8d:48:cf:62:2b:1f:e7:49:05:39:bc:27:30:72:f2:de: fa:4f:c8:7f:e1:ec:35:46:17:79:17:1c:f6:70:28:c7:43:71: 88:45:aa:96:25:ec:1f:6e:63:c0:eb:c9:a2:39:38:40:19:50: c4:ad:e2:a5:8a:25:ea:6a:98:c9:e3:51:fa:2c:17:ea:63:eb: f5:cf:2d:35:32:24:52:1e:31:a7:06:8f:68:3e:ee:dc:14:19: 79:a6:6a:40:bd:af:7a:86:c8:61:6d:f2:17:1d:bd:56:21:15: 43:f9:3f:66:02:71:b7:11:bd:00:f1:28:78:2f:46:26:03:e8: 9d:53:38:3d:d1:f1:e9:9b:f7:fa:5a:1c:f7:6f:96:b3:eb:54: 8a:30:2d:e1:ab:fd:71:3e:b4:93:75:b4:33:02:3f:9a:0e:cc: 88:96:f0:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rwtByxmRiWOVW8jyr3nQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0 NTI2OGMwHhcNMjUxMjA2MjIwMTIwWhcNMjUxMjA3MjIwMTIwWjAzMTEwLwYDVQQD Eyg4NmFmOWMzMDViYWNiNWUzOWNkZmUyMTljNDZlOTE0NGQyZTRkNDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiUQYoBc8rb/lwC4VzBOo57Bhaqv T0XVXsF3QQdf4FeFqFjIfneSH0ebfV3ghI/jjx4Ocg0OWCOflqDTZJCKa+vH4H5d R5TFv4BsREkbGrxsj+MRAGqqYzJ4Gz9rpQ7aZvlM6hEODGgsdwVO5e6wFTZeTUI/ BHYSZZsmxO3ZGbU3Vcull2EqSXZLGy6Ll+co+/roiYCCqyy1rxL9Q6AANpGZblVU 4ToklKiKx3DquFrQL60l019ifRshag0qlA2nk64xMs8+mXu3+kpXr/kY7UKOjJJ6 7gAHziabvqNGFpT+GWgesweXfb/JEOcJEYovKn/hzTp5DRYuRFEmgxtQcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIavnDBbrLXjnN/iGcRukUTS5NR1MB8GA1UdIwQY MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt Njg4ZDUxYTQ0NDQ4LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4 LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJVE8iKXr szk1TFD5mT9c9GrtVR5UGD/wEOiV+JPsVGvyz5EdG6yBFqpv0seR/YlzdTwmeQi/ uOCeuFhsSojMzA1lgF0/rztAMHVi/2SZSrxhV+lIO2FwaZc0tVCNSM9iKx/nSQU5 vCcwcvLe+k/If+HsNUYXeRcc9nAox0NxiEWqliXsH25jwOvJojk4QBlQxK3ipYol 6mqYyeNR+iwX6mPr9c8tNTIkUh4xpwaPaD7u3BQZeaZqQL2veobIYW3yFx29ViEV Q/k/ZgJxtxG9APEoeC9GJgPonVM4PdHx6Zv3+loc92+Ws+tUijAt4av9cT60k3W0 MwI/mg7MiJbwHQ== -----END CERTIFICATE-----Generated at Sun Dec 7 04:45:05 2025 by rpki-client