This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft File: qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft (raw, json) Hash identifier: 6NYkgwpar+SrdP/ZFJy2gGa2cf2m1jtOtfodOIzOBcQ= Subject key identifier: FF:BD:4A:A4:FC:B9:0D:82:D1:B8:54:BD:2A:C8:26:E2:F5:BD:3F:68 Authority key identifier: A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D Certificate issuer: /CN=a9a073b31d888e4439e272e007c9532fc305c80d Certificate serial: 019AF0BF83202A42FE06E1852923274EA08B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft Manifest number: 0E23 Signing time: Fri 05 Dec 2025 23:01:13 +0000 Manifest this update: Fri 05 Dec 2025 23:01:13 +0000 Manifest next update: Sat 06 Dec 2025 23:01:13 +0000 Files and hashes: 1: Q8xFmFvAPSn77NIvkdeBwz67ukY.roa (hash: 6n/TW9WGi0M+VK+cZnP9o3jAKXvSHj5b/AFgad9Qy1Y=) 2: qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl (hash: hrdEzXN1vUCjQNLKMUwTIPSmXsOSnkKibLo/iSnw27k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:83:20:2a:42:fe:06:e1:85:29:23:27:4e:a0:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a9a073b31d888e4439e272e007c9532fc305c80d Validity Not Before: Dec 5 23:01:13 2025 GMT Not After : Dec 6 23:01:13 2025 GMT Subject: CN=ffbd4aa4fcb90d82d1b854bd2ac826e2f5bd3f68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b5:72:51:84:c6:15:ba:f9:49:49:ec:12:a0: d0:2d:35:a8:37:fb:79:59:4f:49:1b:e5:07:71:4a: b6:6b:42:9e:41:7b:a3:8e:16:5b:ff:df:80:31:5b: 25:ca:9e:27:cc:30:86:74:ee:00:41:70:a1:1a:73: 79:f7:fb:a3:7c:13:63:2b:c2:bd:53:5b:38:32:0b: c1:12:33:13:2e:e7:09:0b:db:f3:4d:25:30:7d:0e: 55:40:dd:d2:b5:ce:75:0b:c4:65:27:93:37:02:c3: 6e:e3:af:41:8c:ab:16:25:21:5f:22:1e:bc:9b:74: ef:52:e2:e5:e1:bb:e3:03:57:e7:78:ea:51:51:a3: d1:99:3f:c3:b8:90:b4:8c:e5:d0:06:60:d9:8d:97: 28:32:77:79:e9:0e:db:59:cb:58:6b:6e:cb:20:dd: 83:72:39:29:30:aa:fd:64:43:75:b9:a6:8f:a3:34: 40:43:60:e0:ae:b9:9b:47:0b:66:15:5f:78:88:cc: 85:fe:24:97:65:a0:60:f2:0c:3d:a1:67:59:c1:65: 68:ec:de:50:d8:be:b1:38:8a:75:74:85:d5:c0:d7: 65:d9:e3:58:ed:fa:85:c8:7e:76:5b:5d:04:43:4a: 65:ca:e4:84:6e:3f:21:d9:f5:de:68:b3:54:f6:4f: 95:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:BD:4A:A4:FC:B9:0D:82:D1:B8:54:BD:2A:C8:26:E2:F5:BD:3F:68 X509v3 Authority Key Identifier: keyid:A9:A0:73:B3:1D:88:8E:44:39:E2:72:E0:07:C9:53:2F:C3:05:C8:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qaBzsx2IjkQ54nLgB8lTL8MFyA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ba3b2f-a289-404e-aef8-4e737e06d290/1/qaBzsx2IjkQ54nLgB8lTL8MFyA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:9b:8d:8d:49:fa:b7:22:2a:32:00:ac:3f:04:e9:fe:d6:93: b9:08:58:b6:3b:70:b9:fd:b7:6f:b7:8f:1f:77:f4:af:d5:de: b4:36:cb:b7:f3:92:72:37:1e:1e:00:2a:db:dc:ad:71:b6:4b: 96:2a:4d:ef:bf:3b:21:ad:e1:16:ca:e3:79:2d:c0:07:37:92: 6b:0b:fd:5a:c1:d5:98:5a:52:5e:eb:3a:d6:0b:ce:2c:10:53: ce:43:60:4c:58:34:e8:1f:a1:00:17:e5:33:10:4e:70:ab:d1: 4d:d6:37:6f:9c:bb:ae:ed:d2:f9:56:d7:da:e3:dd:42:d2:e5: 2a:ac:4f:aa:82:e9:86:67:cb:16:19:76:4c:78:d0:f1:4b:41: e8:76:74:bb:03:e8:eb:98:25:2c:da:0e:c2:39:42:ce:8b:0e: fa:0e:a6:13:3f:d8:6b:7d:83:10:72:e8:76:77:f3:a4:a3:fe: a9:ac:b9:dc:1c:51:e7:c8:19:5c:8d:6b:65:ca:4c:c0:6a:4b: 5c:2d:81:d5:9e:c4:27:9a:18:fa:16:bf:50:a4:8c:ed:4b:6b: 5a:77:a7:84:06:5b:ac:7e:72:d2:3c:72:81:73:9e:a2:c3:3c: a8:53:0d:69:f5:8d:e5:1a:0d:f7:42:22:9b:61:bd:f7:d0:1a: 61:f5:b6:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv4MgKkL+BuGFKSMnTqCLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5YTA3M2IzMWQ4ODhlNDQzOWUyNzJlMDA3Yzk1MzJmYzMw NWM4MGQwHhcNMjUxMjA1MjMwMTEzWhcNMjUxMjA2MjMwMTEzWjAzMTEwLwYDVQQD EyhmZmJkNGFhNGZjYjkwZDgyZDFiODU0YmQyYWM4MjZlMmY1YmQzZjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrVyUYTGFbr5SUnsEqDQLTWoN/t5 WU9JG+UHcUq2a0KeQXujjhZb/9+AMVslyp4nzDCGdO4AQXChGnN59/ujfBNjK8K9 U1s4MgvBEjMTLucJC9vzTSUwfQ5VQN3Stc51C8RlJ5M3AsNu469BjKsWJSFfIh68 m3TvUuLl4bvjA1fneOpRUaPRmT/DuJC0jOXQBmDZjZcoMnd56Q7bWctYa27LIN2D cjkpMKr9ZEN1uaaPozRAQ2DgrrmbRwtmFV94iMyF/iSXZaBg8gw9oWdZwWVo7N5Q 2L6xOIp1dIXVwNdl2eNY7fqFyH52W10EQ0plyuSEbj8h2fXeaLNU9k+VzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP+9SqT8uQ2C0bhUvSrIJuL1vT9oMB8GA1UdIwQY MBaAFKmgc7MdiI5EOeJy4AfJUy/DBcgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgt NGU3MzdlMDZkMjkwLzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS9iYTNiMmYtYTI4OS00MDRlLWFlZjgtNGU3MzdlMDZkMjkw LzEvcWFCenN4Mklqa1E1NG5MZ0I4bFRMOE1GeUEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkZuNjUn6 tyIqMgCsPwTp/taTuQhYtjtwuf23b7ePH3f0r9XetDbLt/OScjceHgAq29ytcbZL lipN7787Ia3hFsrjeS3ABzeSawv9WsHVmFpSXus61gvOLBBTzkNgTFg06B+hABfl MxBOcKvRTdY3b5y7ru3S+VbX2uPdQtLlKqxPqoLphmfLFhl2THjQ8UtB6HZ0uwPo 65glLNoOwjlCzosO+g6mEz/Ya32DEHLodnfzpKP+qay53BxR58gZXI1rZcpMwGpL XC2B1Z7EJ5oY+ha/UKSM7UtrWnenhAZbrH5y0jxygXOeosM8qFMNafWN5RoN90Ii m2G999AaYfW2BQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:39 2025 by rpki-client