This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft File: 0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft (raw, json) Hash identifier: YxTBOCRHsUzRMo5kF4Zh9nc+o9L0kRbHoFtn+JXWpTI= Subject key identifier: 7A:C8:50:05:80:95:B2:21:B3:9D:78:2E:5B:24:38:80:A6:8D:F6:CE Authority key identifier: D2:A4:01:D1:FC:11:D2:2C:83:D5:D3:F5:6E:DD:48:E9:49:89:CC:17 Certificate issuer: /CN=d2a401d1fc11d22c83d5d3f56edd48e94989cc17 Certificate serial: 019AF0F5D3C6ADE582CB309C6AFA253E45BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft Manifest number: 9A Signing time: Sat 06 Dec 2025 00:00:33 +0000 Manifest this update: Sat 06 Dec 2025 00:00:33 +0000 Manifest next update: Sun 07 Dec 2025 00:00:33 +0000 Files and hashes: 1: 0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl (hash: SJ+I4vEoar04CXKQuA9XgO9q5E0F2TMFNQIoVMbqRgg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:d3:c6:ad:e5:82:cb:30:9c:6a:fa:25:3e:45:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2a401d1fc11d22c83d5d3f56edd48e94989cc17 Validity Not Before: Dec 6 00:00:33 2025 GMT Not After : Dec 7 00:00:33 2025 GMT Subject: CN=7ac850058095b221b39d782e5b243880a68df6ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3f:24:bd:80:dd:33:9a:05:90:35:73:f7:da: 28:48:0e:24:16:57:1f:34:58:9d:7d:a1:19:67:73: 15:f9:58:e5:ed:e5:88:49:6d:3f:eb:16:5e:a7:2a: 94:24:29:71:5c:45:f5:46:f4:9f:9e:22:82:a5:51: bd:a0:36:72:0f:fa:9a:38:e9:2b:2a:63:a0:e6:5a: b0:1a:ab:da:b9:52:8a:35:91:5f:34:d1:78:05:90: 6d:05:3b:b6:e2:17:84:7a:87:75:79:9f:96:2c:90: ae:f6:a7:79:c7:fb:05:e2:0c:41:2e:50:49:8d:c2: ec:f7:15:23:90:94:83:51:96:09:47:f2:d4:51:a7: a9:fa:37:b9:e7:2d:e4:61:6e:4c:c1:7b:5e:4c:83: f0:da:1c:8d:c5:bf:10:c8:cc:10:5f:a3:28:c8:b6: 6b:26:c7:d9:75:80:8e:68:7a:d9:f1:b2:48:af:36: a2:a3:c3:62:b7:bd:9a:ed:a1:49:c3:b9:b9:fb:78: b7:3e:4b:5a:51:25:df:f8:79:ac:74:d4:76:e3:d2: 05:71:fc:ef:7a:5b:3e:91:71:ae:13:fc:8b:7c:58: fc:c3:55:e1:ac:9d:da:3a:d2:dd:18:da:81:c3:89: fd:3d:43:f6:f6:0e:03:cd:b0:f7:fa:5b:74:14:82: 10:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:C8:50:05:80:95:B2:21:B3:9D:78:2E:5B:24:38:80:A6:8D:F6:CE X509v3 Authority Key Identifier: keyid:D2:A4:01:D1:FC:11:D2:2C:83:D5:D3:F5:6E:DD:48:E9:49:89:CC:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qQB0fwR0iyD1dP1bt1I6UmJzBc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/9ed3e2-90e5-422b-8f35-4482415c626d/1/0qQB0fwR0iyD1dP1bt1I6UmJzBc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:aa:a1:b1:77:d3:1d:a1:44:7e:91:44:69:e5:0a:5d:90:48: 65:87:7a:75:8c:3e:cd:25:c4:9e:6d:bf:5d:d3:19:a1:36:e7: 01:90:74:fc:f8:3c:0d:00:45:43:96:f1:ac:c6:7b:33:34:3d: 79:e8:f8:18:e9:7b:5f:41:2e:da:25:51:35:fe:47:83:74:d0: 90:46:42:4d:32:87:d0:98:55:a2:11:0a:c4:6d:32:98:ae:77: 8f:66:6c:ee:3a:2e:d8:9e:f1:35:23:31:4f:1a:41:9d:ea:03: ee:bd:68:a0:83:c5:52:68:1d:b7:54:38:37:29:96:bf:94:ad: 41:8a:a1:a0:d1:8b:66:31:b7:0c:43:54:09:e4:a8:4c:8a:3f: 4d:7e:65:c4:e1:ef:48:8d:21:78:ed:62:4c:a3:e3:0a:95:82: 55:4a:e6:f7:2d:b3:cf:d5:76:2e:42:4c:3c:89:a1:cb:d4:f8: 13:a5:3c:f9:21:cf:3a:2a:b5:5f:a6:b0:29:a7:08:47:e5:39: 80:81:e8:9a:d3:85:ba:67:02:6d:40:84:73:5c:a9:55:67:7a: a2:ed:b8:aa:08:97:7e:9c:5d:20:ad:0e:16:57:6e:1a:e1:a7: 01:91:33:ae:be:6b:01:d9:11:b8:2e:76:a7:fa:0f:2b:ff:d7: 64:18:54:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9dPGreWCyzCcavolPkW+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYTQwMWQxZmMxMWQyMmM4M2Q1ZDNmNTZlZGQ0OGU5NDk4 OWNjMTcwHhcNMjUxMjA2MDAwMDMzWhcNMjUxMjA3MDAwMDMzWjAzMTEwLwYDVQQD Eyg3YWM4NTAwNTgwOTViMjIxYjM5ZDc4MmU1YjI0Mzg4MGE2OGRmNmNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT8kvYDdM5oFkDVz99ooSA4kFlcf NFidfaEZZ3MV+Vjl7eWISW0/6xZepyqUJClxXEX1RvSfniKCpVG9oDZyD/qaOOkr KmOg5lqwGqvauVKKNZFfNNF4BZBtBTu24heEeod1eZ+WLJCu9qd5x/sF4gxBLlBJ jcLs9xUjkJSDUZYJR/LUUaep+je55y3kYW5MwXteTIPw2hyNxb8QyMwQX6MoyLZr JsfZdYCOaHrZ8bJIrzaio8Nit72a7aFJw7m5+3i3PktaUSXf+HmsdNR249IFcfzv els+kXGuE/yLfFj8w1XhrJ3aOtLdGNqBw4n9PUP29g4DzbD3+lt0FIIQNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHrIUAWAlbIhs514LlskOICmjfbOMB8GA1UdIwQY MBaAFNKkAdH8EdIsg9XT9W7dSOlJicwXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85ZWQzZTItOTBlNS00MjJiLThmMzUt NDQ4MjQxNWM2MjZkLzEvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC85ZWQzZTItOTBlNS00MjJiLThmMzUtNDQ4MjQxNWM2MjZk LzEvMHFRQjBmd1IwaXlEMWRQMWJ0MUk2VW1KekJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqqqhsXfT HaFEfpFEaeUKXZBIZYd6dYw+zSXEnm2/XdMZoTbnAZB0/Pg8DQBFQ5bxrMZ7MzQ9 eej4GOl7X0Eu2iVRNf5Hg3TQkEZCTTKH0JhVohEKxG0ymK53j2Zs7jou2J7xNSMx TxpBneoD7r1ooIPFUmgdt1Q4NymWv5StQYqhoNGLZjG3DENUCeSoTIo/TX5lxOHv SI0heO1iTKPjCpWCVUrm9y2zz9V2LkJMPImhy9T4E6U8+SHPOiq1X6awKacIR+U5 gIHomtOFumcCbUCEc1ypVWd6ou24qgiXfpxdIK0OFlduGuGnAZEzrr5rAdkRuC52 p/oPK//XZBhUBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:23:14 2025 by rpki-client