This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json) Hash identifier: JdrKLta8GpLqWHET6My65VrBgxjavdI/MrgvrrqS7Ow= Subject key identifier: E3:58:4D:18:7C:57:9A:A2:28:DD:7A:1D:82:87:B9:A0:F9:58:EF:83 Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Certificate serial: 019AF276E85F8EAEE459BC6848CE145EEA0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft Manifest number: 0D7E Signing time: Sat 06 Dec 2025 07:01:10 +0000 Manifest this update: Sat 06 Dec 2025 07:01:10 +0000 Manifest next update: Sun 07 Dec 2025 07:01:10 +0000 Files and hashes: 1: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: 9/dIgdh3vn+utFX4Zz8J43/fxJ9m9jFMyWheHBtV9GM=) 2: u25_l7rqpA4jc9Mn9X_nn6jE1D8.roa (hash: XxkiW8kKfa52GpQHHiGBtUNZJLczRvJy5PTfiodYsrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:e8:5f:8e:ae:e4:59:bc:68:48:ce:14:5e:ea:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Validity Not Before: Dec 6 07:01:10 2025 GMT Not After : Dec 7 07:01:10 2025 GMT Subject: CN=e3584d187c579aa228dd7a1d8287b9a0f958ef83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:55:98:81:94:c6:ee:ff:28:5e:8b:73:7c:65: 8e:a4:6c:31:a7:63:2d:9b:a4:6e:3d:cc:b6:06:f8: d1:b1:1d:92:eb:c8:15:ed:81:5d:e1:b4:a3:6b:a7: c9:42:17:97:6e:63:b5:12:f2:c4:ba:4d:8f:ef:b1: 00:a0:f9:68:8e:bb:10:7d:42:37:a7:35:5f:3d:ca: e5:a4:d3:33:ea:f3:7d:4a:a2:bd:ae:b5:9f:96:42: 08:23:66:55:b8:73:f8:94:e0:48:da:54:f7:48:d4: 76:ec:03:69:2e:0d:39:a6:a6:ba:b6:b4:68:d0:0e: 6c:71:93:97:b5:99:3d:1b:11:32:12:7d:b3:e6:5c: 42:01:cf:0c:15:a7:6f:a1:8c:34:91:d1:10:1b:5c: 67:27:72:d8:75:28:3c:46:90:27:a3:69:c6:5a:32: fc:cf:c3:36:7a:ad:d5:a9:23:96:fa:cf:9b:92:a6: 00:93:8e:89:95:64:c9:89:64:f9:66:67:c7:cf:11: 9b:ae:08:da:b1:82:7d:42:7c:fd:f2:45:13:20:b1: 34:d8:2e:ed:ba:32:6c:71:70:96:74:a3:fe:38:7b: 7e:e5:20:b8:1a:12:fa:7f:03:7e:84:a8:f6:42:6f: 4e:6d:01:01:71:cb:e4:bd:70:71:44:bc:86:e9:1c: 01:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:58:4D:18:7C:57:9A:A2:28:DD:7A:1D:82:87:B9:A0:F9:58:EF:83 X509v3 Authority Key Identifier: keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:a5:d6:26:8e:e1:c8:3f:81:bf:59:b9:11:8d:95:6b:bb:06: bc:4b:07:59:dd:c3:eb:bb:04:ca:1b:00:c6:46:89:b1:26:b6: 14:51:da:02:a2:0a:82:9d:d0:ab:1c:d8:c7:1d:7a:c5:f8:fa: d4:e6:7c:75:e5:67:9c:81:59:cd:5b:8e:5e:02:f0:00:06:c2: cb:01:b5:2b:14:0a:b2:52:ab:d8:04:7b:2a:80:73:85:e3:ee: df:1f:d9:bf:3f:24:98:35:2c:2c:26:a7:3e:74:cc:6a:88:d7: 96:5b:8b:4d:17:6e:9c:fa:b7:f0:a3:5b:4c:ae:2a:27:6d:e7: b1:1e:a4:2b:9e:cc:4e:9d:f6:49:e8:7d:50:70:ba:b8:94:82: f4:34:e9:3b:a4:be:10:de:7e:bf:7b:ba:fd:c8:8b:d1:d8:97: 1c:eb:9a:e2:60:5c:47:6e:ad:02:24:0f:81:d2:23:4c:b4:43: 33:7f:c1:54:07:05:dd:3e:eb:bf:9c:33:02:4f:49:52:06:5b: e2:19:ed:cf:dd:e3:27:e1:44:2b:4c:11:a8:ca:aa:c2:fa:c8: d2:85:bd:55:23:48:06:b3:6a:5a:f5:39:20:5f:88:bd:46:58: df:da:7b:56:46:65:9f:0c:04:09:d1:73:93:b8:0a:2b:ff:05: c6:4d:f1:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryduhfjq7kWbxoSM4UXuoNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4 NjllOTAwHhcNMjUxMjA2MDcwMTEwWhcNMjUxMjA3MDcwMTEwWjAzMTEwLwYDVQQD EyhlMzU4NGQxODdjNTc5YWEyMjhkZDdhMWQ4Mjg3YjlhMGY5NThlZjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VWYgZTG7v8oXotzfGWOpGwxp2Mt m6RuPcy2BvjRsR2S68gV7YFd4bSja6fJQheXbmO1EvLEuk2P77EAoPlojrsQfUI3 pzVfPcrlpNMz6vN9SqK9rrWflkIII2ZVuHP4lOBI2lT3SNR27ANpLg05pqa6trRo 0A5scZOXtZk9GxEyEn2z5lxCAc8MFadvoYw0kdEQG1xnJ3LYdSg8RpAno2nGWjL8 z8M2eq3VqSOW+s+bkqYAk46JlWTJiWT5ZmfHzxGbrgjasYJ9Qnz98kUTILE02C7t ujJscXCWdKP+OHt+5SC4GhL6fwN+hKj2Qm9ObQEBccvkvXBxRLyG6RwBSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFONYTRh8V5qiKN16HYKHuaD5WO+DMB8GA1UdIwQY MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2 LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKXWJo7h yD+Bv1m5EY2Va7sGvEsHWd3D67sEyhsAxkaJsSa2FFHaAqIKgp3QqxzYxx16xfj6 1OZ8deVnnIFZzVuOXgLwAAbCywG1KxQKslKr2AR7KoBzhePu3x/Zvz8kmDUsLCan PnTMaojXlluLTRdunPq38KNbTK4qJ23nsR6kK57MTp32Seh9UHC6uJSC9DTpO6S+ EN5+v3u6/ciL0diXHOua4mBcR26tAiQPgdIjTLRDM3/BVAcF3T7rv5wzAk9JUgZb 4hntz93jJ+FEK0wRqMqqwvrI0oW9VSNIBrNqWvU5IF+IvUZY39p7VkZlnwwECdFz k7gKK/8Fxk3x7w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:19:20 2025 by rpki-client