This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft File: q33wfyEEN2kvd-7DRpuaSCuW0ao.mft (raw, json) Hash identifier: USvuWvZXNxVy1sqlsxRB3cD3c2qUBo02CU7zhoxv1JY= Subject key identifier: 0A:82:5A:93:E3:30:8C:B6:25:95:BE:A4:F5:4A:1A:F7:7C:C0:83:A7 Authority key identifier: AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA Certificate issuer: /CN=ab7df07f210437692f77eec3469b9a482b96d1aa Certificate serial: 019AF23F762387A2ECE27EB8D4A86B07BDAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft Manifest number: 06F6 Signing time: Sat 06 Dec 2025 06:00:36 +0000 Manifest this update: Sat 06 Dec 2025 06:00:36 +0000 Manifest next update: Sun 07 Dec 2025 06:00:36 +0000 Files and hashes: 1: q33wfyEEN2kvd-7DRpuaSCuW0ao.crl (hash: 1MyQqhXAjix96Xaj3YXdgytPpN5+jXu5YUnKBSsDbHI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:76:23:87:a2:ec:e2:7e:b8:d4:a8:6b:07:bd:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab7df07f210437692f77eec3469b9a482b96d1aa Validity Not Before: Dec 6 06:00:36 2025 GMT Not After : Dec 7 06:00:36 2025 GMT Subject: CN=0a825a93e3308cb62595bea4f54a1af77cc083a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:33:da:02:09:3e:70:42:51:65:bd:0f:2e:80: 91:9a:5e:63:7b:e0:e9:7b:bd:84:cb:c8:49:24:07: 94:94:b9:bd:82:ea:c7:15:e6:07:d3:ff:95:cc:0b: 01:48:e0:b7:e6:8b:5d:c1:7f:0b:6a:0d:0a:a9:20: 91:a3:2c:e5:e3:f5:8d:bb:09:c1:5d:3c:e7:d5:b1: 31:04:f4:04:65:d8:3b:02:f9:ea:12:4f:0f:08:14: 66:db:fd:f3:4e:5c:96:40:d0:74:66:f9:93:3a:ec: 6c:1a:dd:37:9a:d6:25:55:a9:ee:60:e2:75:2b:f0: dd:69:83:9c:45:f7:86:b2:ad:dd:a6:2e:11:fb:00: 71:2a:89:cb:12:52:20:68:8c:3d:b4:33:61:70:8d: be:95:87:2c:b0:23:fc:0f:02:20:f4:5f:bf:de:ea: 32:68:8b:d5:d6:ea:d2:ee:4f:88:4d:47:22:45:28: 39:a7:3e:5f:61:6a:c8:6f:b3:77:99:36:d7:58:82: 18:6a:58:61:26:24:f8:65:b0:bb:d9:af:d1:6c:d8: 66:ae:5e:9f:de:ad:a7:c9:4f:83:66:da:bb:52:bd: 28:1e:54:19:10:30:6c:67:0b:ea:46:a2:30:a1:43: 22:e6:6e:74:06:8f:b4:aa:f6:85:ec:93:39:be:ea: 50:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:82:5A:93:E3:30:8C:B6:25:95:BE:A4:F5:4A:1A:F7:7C:C0:83:A7 X509v3 Authority Key Identifier: keyid:AB:7D:F0:7F:21:04:37:69:2F:77:EE:C3:46:9B:9A:48:2B:96:D1:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q33wfyEEN2kvd-7DRpuaSCuW0ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/287870-0e1b-4cd2-8f24-6710e96a1b6f/1/q33wfyEEN2kvd-7DRpuaSCuW0ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:f7:f6:62:f7:63:92:19:d5:00:6e:be:56:f6:36:7c:e5:4b: dd:0a:49:12:68:e8:89:53:4a:6a:3f:95:6b:12:46:65:38:92: c0:5c:eb:97:29:ab:73:bc:79:a3:14:36:08:54:09:7a:fa:a4: 33:c6:5f:c8:76:c1:0e:a9:32:f8:8c:db:d1:59:dc:e0:b2:d0: 72:38:f2:ee:c2:9a:a9:f8:c1:df:e2:64:9d:cb:1d:30:8c:6a: 7d:87:e5:cc:ee:bc:3b:f9:99:06:05:a6:95:5b:e6:96:b0:f1: b0:4b:5b:e4:bc:0e:c3:02:ea:ae:c3:f4:99:10:d4:3f:a7:7a: 17:43:fc:36:9a:8c:0a:5c:2b:48:74:90:d9:d2:d6:c0:69:9c: 07:a2:28:1a:02:b9:f4:d8:39:79:9d:b4:d9:ab:3b:77:d0:89: ad:20:01:1a:57:31:52:ee:66:b4:03:58:37:39:a3:1c:b6:69: f8:ad:3b:04:9c:01:70:88:e5:9f:99:b6:c4:d2:47:82:77:a7: 04:fe:1f:df:43:97:87:bb:85:8a:7d:c9:2d:b0:96:3a:2c:15: e1:ed:9d:8d:85:47:f0:f5:ef:2b:b3:a2:db:fa:30:63:3c:83: 11:3b:5f:f1:70:63:c1:ad:f4:55:b7:cf:26:b6:e4:97:4e:4d: f6:03:c5:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP3Yjh6Ls4n641KhrB72uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiN2RmMDdmMjEwNDM3NjkyZjc3ZWVjMzQ2OWI5YTQ4MmI5 NmQxYWEwHhcNMjUxMjA2MDYwMDM2WhcNMjUxMjA3MDYwMDM2WjAzMTEwLwYDVQQD EygwYTgyNWE5M2UzMzA4Y2I2MjU5NWJlYTRmNTRhMWFmNzdjYzA4M2E3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjPaAgk+cEJRZb0PLoCRml5je+Dp e72Ey8hJJAeUlLm9gurHFeYH0/+VzAsBSOC35otdwX8Lag0KqSCRoyzl4/WNuwnB XTzn1bExBPQEZdg7AvnqEk8PCBRm2/3zTlyWQNB0ZvmTOuxsGt03mtYlVanuYOJ1 K/DdaYOcRfeGsq3dpi4R+wBxKonLElIgaIw9tDNhcI2+lYcssCP8DwIg9F+/3uoy aIvV1urS7k+ITUciRSg5pz5fYWrIb7N3mTbXWIIYalhhJiT4ZbC72a/RbNhmrl6f 3q2nyU+DZtq7Ur0oHlQZEDBsZwvqRqIwoUMi5m50Bo+0qvaF7JM5vupQOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqCWpPjMIy2JZW+pPVKGvd8wIOnMB8GA1UdIwQY MBaAFKt98H8hBDdpL3fuw0abmkgrltGqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQt NjcxMGU5NmExYjZmLzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS8yODc4NzAtMGUxYi00Y2QyLThmMjQtNjcxMGU5NmExYjZm LzEvcTMzd2Z5RUVOMmt2ZC03RFJwdWFTQ3VXMGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGff2Yvdj khnVAG6+VvY2fOVL3QpJEmjoiVNKaj+VaxJGZTiSwFzrlymrc7x5oxQ2CFQJevqk M8ZfyHbBDqky+Izb0Vnc4LLQcjjy7sKaqfjB3+JkncsdMIxqfYflzO68O/mZBgWm lVvmlrDxsEtb5LwOwwLqrsP0mRDUP6d6F0P8NpqMClwrSHSQ2dLWwGmcB6IoGgK5 9Ng5eZ202as7d9CJrSABGlcxUu5mtANYNzmjHLZp+K07BJwBcIjln5m2xNJHgnen BP4f30OXh7uFin3JLbCWOiwV4e2djYVH8PXvK7Oi2/owYzyDETtf8XBjwa30VbfP Jrbkl05N9gPF2A== -----END CERTIFICATE-----Generated at Sat Dec 6 13:26:27 2025 by rpki-client