This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft File: qvHI3UCIS0nwiAZNPBANKhiahHQ.mft (raw, json) Hash identifier: DdrNqaxlbsmPcmp8o5uBZiBVbONpQN1CisSnJA0ZtBg= Subject key identifier: 7D:9F:E0:8F:E6:41:8E:E3:76:EE:DC:D4:0F:20:4D:3A:8F:6A:39:3D Authority key identifier: AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74 Certificate issuer: /CN=aaf1c8dd40884b49f088064d3c100d2a189a8474 Certificate serial: 019AF2ADC3C99EAC2DDA451155F285442A64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft Manifest number: 03BE Signing time: Sat 06 Dec 2025 08:01:05 +0000 Manifest this update: Sat 06 Dec 2025 08:01:05 +0000 Manifest next update: Sun 07 Dec 2025 08:01:05 +0000 Files and hashes: 1: UGApytPJPEIPFbzs4L0oU_KIdHM.roa (hash: cf5ZtJTmEf4eW9FhhtNmIkoS04da9/P7WQkJtlas3+0=) 2: qvHI3UCIS0nwiAZNPBANKhiahHQ.crl (hash: sTztmItXybnDJIkS71G0Re2NzVDdS/XimHdfgdvMgvE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:c3:c9:9e:ac:2d:da:45:11:55:f2:85:44:2a:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aaf1c8dd40884b49f088064d3c100d2a189a8474 Validity Not Before: Dec 6 08:01:05 2025 GMT Not After : Dec 7 08:01:05 2025 GMT Subject: CN=7d9fe08fe6418ee376eedcd40f204d3a8f6a393d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1f:39:cd:09:90:06:37:6e:5a:23:26:d4:1c: 1d:66:cf:3b:20:13:a4:d2:1f:5f:53:1a:8d:0a:4e: 30:72:72:cc:28:08:55:10:01:4e:41:5c:b1:48:be: f9:11:62:3c:8e:4b:c2:f4:3a:8c:32:bf:18:2c:53: 51:02:52:f6:93:b8:b0:34:19:d7:b5:fb:57:89:36: 25:58:8a:02:50:9c:89:7a:f3:e4:8d:97:bb:a3:be: 8c:c5:1f:de:8c:99:d6:44:dc:32:b9:2d:06:b5:d5: 6d:1f:20:7d:26:a3:75:ff:41:d1:33:7b:71:c2:58: 9f:ed:40:dc:44:a6:aa:20:fa:53:81:fc:7d:cd:e7: e4:04:2d:53:64:f3:0a:be:aa:57:88:43:c8:c3:0a: 98:32:c7:77:45:53:e2:37:13:07:7b:65:21:01:07: 16:70:8b:56:37:28:74:a0:7a:6a:a5:31:4f:33:73: 85:a7:03:7e:a3:7c:4f:9c:86:1f:63:50:b0:49:90: 0c:7c:04:c2:e4:e7:85:36:83:4f:0e:99:6a:af:f2: 91:3c:68:b2:81:8d:4e:7f:af:79:ca:55:be:47:8e: 96:02:a1:b3:ad:88:49:17:ee:60:2c:c8:8d:a9:c8: e1:22:74:97:18:68:a2:b0:32:c5:85:7f:70:73:bd: 00:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:9F:E0:8F:E6:41:8E:E3:76:EE:DC:D4:0F:20:4D:3A:8F:6A:39:3D X509v3 Authority Key Identifier: keyid:AA:F1:C8:DD:40:88:4B:49:F0:88:06:4D:3C:10:0D:2A:18:9A:84:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvHI3UCIS0nwiAZNPBANKhiahHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/33900c-e6ce-444e-bc96-3b339d081f83/1/qvHI3UCIS0nwiAZNPBANKhiahHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:12:91:b8:05:09:ad:f5:64:ce:a9:6a:5b:f7:ae:16:a2:b6: 41:86:0a:3b:a2:fb:3e:69:c4:b5:dd:fb:77:25:93:92:88:37: a3:8f:37:ea:4e:86:45:df:a6:10:5f:1e:ca:24:8f:05:ef:04: 80:33:cc:65:45:05:e1:24:7c:77:3c:c4:e5:05:7a:fe:2b:e8: ea:f0:de:d6:8a:e8:a9:26:2e:5a:60:26:b6:cc:7e:a3:22:eb: 10:fa:21:c2:fd:bf:0e:57:29:7a:22:0e:f6:bb:36:0a:a5:eb: 63:a8:1d:2c:e9:54:7d:94:08:21:c7:4c:12:cb:0c:12:1f:e4: 0c:6f:d7:f9:ab:d5:36:0c:00:22:2e:52:fd:1c:3a:17:10:80: fd:a7:eb:66:5d:4f:74:56:f4:53:d6:a4:10:0f:19:a0:a0:c1: 31:f9:b5:ed:ee:00:44:43:f3:1b:bf:4e:4d:1f:a2:72:02:2f: 49:a0:2e:d1:04:fe:93:18:a6:8e:16:a4:c7:21:d2:3e:c6:a1: 9b:27:72:15:b1:97:fc:85:1f:74:47:51:8d:0c:f8:d2:82:f1: e7:79:cf:f5:4f:1f:b8:dc:78:f0:48:22:26:4c:f7:8a:32:f9: 08:2c:0a:e9:f9:db:77:57:97:32:cd:c0:4d:3a:d0:f3:3e:59: c4:01:4a:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrcPJnqwt2kURVfKFRCpkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZjFjOGRkNDA4ODRiNDlmMDg4MDY0ZDNjMTAwZDJhMTg5 YTg0NzQwHhcNMjUxMjA2MDgwMTA1WhcNMjUxMjA3MDgwMTA1WjAzMTEwLwYDVQQD Eyg3ZDlmZTA4ZmU2NDE4ZWUzNzZlZWRjZDQwZjIwNGQzYThmNmEzOTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB85zQmQBjduWiMm1BwdZs87IBOk 0h9fUxqNCk4wcnLMKAhVEAFOQVyxSL75EWI8jkvC9DqMMr8YLFNRAlL2k7iwNBnX tftXiTYlWIoCUJyJevPkjZe7o76MxR/ejJnWRNwyuS0GtdVtHyB9JqN1/0HRM3tx wlif7UDcRKaqIPpTgfx9zefkBC1TZPMKvqpXiEPIwwqYMsd3RVPiNxMHe2UhAQcW cItWNyh0oHpqpTFPM3OFpwN+o3xPnIYfY1CwSZAMfATC5OeFNoNPDplqr/KRPGiy gY1Of695ylW+R46WAqGzrYhJF+5gLMiNqcjhInSXGGiisDLFhX9wc70AGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH2f4I/mQY7jdu7c1A8gTTqPajk9MB8GA1UdIwQY MBaAFKrxyN1AiEtJ8IgGTTwQDSoYmoR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYt M2IzMzlkMDgxZjgzLzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi8zMzkwMGMtZTZjZS00NDRlLWJjOTYtM2IzMzlkMDgxZjgz LzEvcXZISTNVQ0lTMG53aUFaTlBCQU5LaGlhaEhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtxKRuAUJ rfVkzqlqW/euFqK2QYYKO6L7PmnEtd37dyWTkog3o4836k6GRd+mEF8eyiSPBe8E gDPMZUUF4SR8dzzE5QV6/ivo6vDe1oroqSYuWmAmtsx+oyLrEPohwv2/DlcpeiIO 9rs2CqXrY6gdLOlUfZQIIcdMEssMEh/kDG/X+avVNgwAIi5S/Rw6FxCA/afrZl1P dFb0U9akEA8ZoKDBMfm17e4AREPzG79OTR+icgIvSaAu0QT+kximjhakxyHSPsah mydyFbGX/IUfdEdRjQz40oLx53nP9U8fuNx48EgiJkz3ijL5CCwK6fnbd1eXMs3A TTrQ8z5ZxAFKTg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:14:44 2025 by rpki-client