This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.mft File: q0U2TkncOhW-_yacOjKzwFQci2Y.mft (raw, json) Hash identifier: 43B4VZgfCklPIvWD3lu+k6l5m/sNKqfIRv/KSJyJW4Q= Subject key identifier: 58:F9:94:60:33:A2:02:85:15:93:BA:47:43:7B:8C:E3:FC:80:7B:77 Authority key identifier: AB:45:36:4E:49:DC:3A:15:BE:FF:26:9C:3A:32:B3:C0:54:1C:8B:66 Certificate issuer: /CN=ab45364e49dc3a15beff269c3a32b3c0541c8b66 Certificate serial: 019AF3521A9598C14F2B2D13BE0D01350E78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q0U2TkncOhW-_yacOjKzwFQci2Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 11:00:35 +0000 Manifest this update: Sat 06 Dec 2025 11:00:35 +0000 Manifest next update: Sun 07 Dec 2025 11:00:35 +0000 Files and hashes: 1: Diq6O5ga68_B8MEC7x3IDqn6lbc.roa (hash: r+Ep1MU6KZ691K575NCgrIa7fSiICzMjhV/0OlU71vU=) 2: q0U2TkncOhW-_yacOjKzwFQci2Y.crl (hash: 8m0wJSU5VicV+/UVEBn6GosojtM5pG8wnpzEpZSPKh4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.crl rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.mft rsync://rpki.ripe.net/repository/DEFAULT/q0U2TkncOhW-_yacOjKzwFQci2Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:1a:95:98:c1:4f:2b:2d:13:be:0d:01:35:0e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab45364e49dc3a15beff269c3a32b3c0541c8b66 Validity Not Before: Dec 6 11:00:35 2025 GMT Not After : Dec 7 11:00:35 2025 GMT Subject: CN=58f9946033a202851593ba47437b8ce3fc807b77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ca:50:99:c5:c8:d8:07:7d:32:d1:54:3f:41: 00:46:95:44:2b:ef:42:cb:76:03:18:73:7d:e6:e6: 45:a4:c2:7d:45:e9:0a:ed:9e:69:13:95:ab:f5:6a: d3:88:01:97:7d:c7:e3:19:5a:18:99:d9:a3:9e:c4: fd:1f:c2:0f:7e:99:2b:ea:21:2d:6e:de:19:81:02: f9:38:6c:cc:58:b9:1b:0b:ed:1f:2e:f0:5e:c0:63: 85:51:6b:5c:fe:99:96:52:5d:81:36:d3:bc:c4:1f: 89:6e:2e:a3:8a:70:57:a6:21:e6:19:be:2f:f0:15: 20:01:3b:0f:26:23:08:17:03:a0:c3:59:ee:d0:a2: 70:03:e6:31:cd:64:c2:94:44:de:63:dd:fc:e6:2a: 57:8f:29:0d:3f:21:16:e2:10:5a:ad:f1:69:2e:a3: 29:af:7f:e7:b0:12:cd:5e:15:60:cd:c5:03:dd:c1: 47:4c:f1:ba:9a:aa:bb:d4:79:a8:91:cd:ae:b0:8f: de:7c:3e:7b:bf:9c:be:3f:4c:7b:c1:7f:c5:a6:09: a4:66:f7:c3:ae:db:e4:2c:65:7c:8e:5e:93:9d:a9: 17:76:b6:d2:3c:e0:76:58:e5:9d:5e:60:2d:be:e6: 00:b6:f0:f0:7c:c8:ec:0d:64:63:ed:5b:84:ff:6d: 11:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F9:94:60:33:A2:02:85:15:93:BA:47:43:7B:8C:E3:FC:80:7B:77 X509v3 Authority Key Identifier: keyid:AB:45:36:4E:49:DC:3A:15:BE:FF:26:9C:3A:32:B3:C0:54:1C:8B:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q0U2TkncOhW-_yacOjKzwFQci2Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/5aaf25-9748-4592-a497-f8bd250454eb/1/q0U2TkncOhW-_yacOjKzwFQci2Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:83:ad:d9:4f:43:54:33:96:9d:b0:ba:b3:f7:6a:22:71:10: 70:de:91:be:26:ef:ef:d5:f5:68:c2:68:5b:12:ad:04:c2:b4: 96:03:eb:6e:f1:a2:0a:27:37:e5:76:b3:f4:bb:50:55:81:d9: 46:96:57:f8:fb:41:f7:c9:0f:11:f9:a9:b8:9a:ec:db:a0:62: 16:6c:ec:5b:b1:42:e7:f9:bb:8d:7f:87:42:35:f3:aa:93:f2: ea:54:52:62:ff:84:20:3a:7a:a3:b2:5e:f7:be:95:a7:1b:8e: e9:60:2a:b4:ff:90:f2:94:c3:c8:f5:28:f5:96:2a:3b:95:a4: 9e:92:e7:01:04:2a:6a:90:57:e5:2d:e2:6c:86:72:85:57:68: 55:31:c8:23:d8:5a:93:db:3a:60:f1:ce:ff:42:49:8d:dd:47: a7:e2:f1:cd:26:24:c1:a1:07:62:89:a8:74:44:05:0f:7f:5e: fe:df:b7:a3:2a:f3:43:1d:7c:a0:44:4a:2e:02:1a:f1:c9:fb: c6:f6:4b:09:ba:8b:4e:81:a4:23:d4:4f:ff:4f:30:e7:54:4b: b5:f5:8b:ba:92:11:a1:3d:8e:1d:54:70:47:a8:2e:d8:1a:54: 35:87:23:c6:c8:08:34:c6:d2:b1:88:39:39:85:41:b8:40:db: 00:23:50:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUhqVmMFPKy0Tvg0BNQ54MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNDUzNjRlNDlkYzNhMTViZWZmMjY5YzNhMzJiM2MwNTQx YzhiNjYwHhcNMjUxMjA2MTEwMDM1WhcNMjUxMjA3MTEwMDM1WjAzMTEwLwYDVQQD Eyg1OGY5OTQ2MDMzYTIwMjg1MTU5M2JhNDc0MzdiOGNlM2ZjODA3Yjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8pQmcXI2Ad9MtFUP0EARpVEK+9C y3YDGHN95uZFpMJ9RekK7Z5pE5Wr9WrTiAGXfcfjGVoYmdmjnsT9H8IPfpkr6iEt bt4ZgQL5OGzMWLkbC+0fLvBewGOFUWtc/pmWUl2BNtO8xB+Jbi6jinBXpiHmGb4v 8BUgATsPJiMIFwOgw1nu0KJwA+YxzWTClETeY9385ipXjykNPyEW4hBarfFpLqMp r3/nsBLNXhVgzcUD3cFHTPG6mqq71Hmokc2usI/efD57v5y+P0x7wX/FpgmkZvfD rtvkLGV8jl6TnakXdrbSPOB2WOWdXmAtvuYAtvDwfMjsDWRj7VuE/20ROQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFj5lGAzogKFFZO6R0N7jOP8gHt3MB8GA1UdIwQY MBaAFKtFNk5J3DoVvv8mnDoys8BUHItmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTBVMlRrbmNPaFctX3lhY09qS3p3RlFjaTJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny81YWFmMjUtOTc0OC00NTkyLWE0OTct ZjhiZDI1MDQ1NGViLzEvcTBVMlRrbmNPaFctX3lhY09qS3p3RlFjaTJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny81YWFmMjUtOTc0OC00NTkyLWE0OTctZjhiZDI1MDQ1NGVi LzEvcTBVMlRrbmNPaFctX3lhY09qS3p3RlFjaTJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc4Ot2U9D VDOWnbC6s/dqInEQcN6Rvibv79X1aMJoWxKtBMK0lgPrbvGiCic35Xaz9LtQVYHZ RpZX+PtB98kPEfmpuJrs26BiFmzsW7FC5/m7jX+HQjXzqpPy6lRSYv+EIDp6o7Je 976VpxuO6WAqtP+Q8pTDyPUo9ZYqO5WknpLnAQQqapBX5S3ibIZyhVdoVTHII9ha k9s6YPHO/0JJjd1Hp+LxzSYkwaEHYomodEQFD39e/t+3oyrzQx18oERKLgIa8cn7 xvZLCbqLToGkI9RP/08w51RLtfWLupIRoT2OHVRwR6gu2BpUNYcjxsgINMbSsYg5 OYVBuEDbACNQBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:37:19 2025 by rpki-client