This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft File: WqKpJUebz8vBloipUqJDAfTnaDk.mft (raw, json) Hash identifier: J9dokxGEjoXwz3RiZdCOpzmgnAE83RoDGH9gWPB6bkE= Subject key identifier: 99:8F:02:27:44:6D:9A:0E:DC:E7:22:F1:80:D3:27:C9:63:2C:3B:92 Authority key identifier: 5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39 Certificate issuer: /CN=5aa2a925479bcfcbc19688a952a24301f4e76839 Certificate serial: 019B269AE871AC2C4B44D670E00CDC8E24F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft Manifest number: 08D4 Signing time: Tue 16 Dec 2025 10:00:44 +0000 Manifest this update: Tue 16 Dec 2025 10:00:44 +0000 Manifest next update: Wed 17 Dec 2025 10:00:44 +0000 Files and hashes: 1: WqKpJUebz8vBloipUqJDAfTnaDk.crl (hash: ocd+MJSSNHq8065wDZbOGTQrZe6mPJIklxPWaadFYnI=) 2: jYQY-U25B3NSBy3Axt-DvgoJjdQ.roa (hash: zP4WnXpWxsW1++MaE9e5/n5ALBQb36qRJjvWEAaaUiU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:9a:e8:71:ac:2c:4b:44:d6:70:e0:0c:dc:8e:24:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5aa2a925479bcfcbc19688a952a24301f4e76839 Validity Not Before: Dec 16 10:00:44 2025 GMT Not After : Dec 17 10:00:44 2025 GMT Subject: CN=998f0227446d9a0edce722f180d327c9632c3b92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:61:9f:5c:60:e9:b0:66:aa:59:68:4c:97:05: 3c:b3:b9:0a:39:5d:ff:41:90:ba:7a:9f:03:da:bd: 2e:f8:f4:b2:b5:f5:51:b0:40:90:7b:3e:5b:cf:89: 8e:16:8d:d2:d8:99:f2:d7:1c:b8:fd:d0:5e:7a:82: 7b:52:55:32:75:d9:f4:51:0a:15:b0:1e:29:2a:59: 0d:77:89:45:6c:74:bc:04:3e:83:c3:a6:ad:f8:33: c0:bd:de:97:6f:ee:f1:b2:9d:6c:dd:6f:a7:94:77: fd:69:7d:cc:37:b4:ee:33:c5:61:2f:31:9d:95:ef: 11:74:45:eb:50:45:a8:2b:4a:08:c0:37:bf:34:df: ba:c3:cb:2f:62:46:8e:07:12:96:63:25:ac:23:b4: f7:83:98:1a:c8:88:9e:38:06:40:31:83:a7:34:a0: 5d:61:2f:18:48:e0:a7:91:56:9d:dc:b9:a0:50:87: a1:08:06:2a:31:51:8a:87:d2:ab:36:1a:ee:d5:1e: 0a:35:53:c0:e3:f2:99:94:fe:fb:90:64:25:d0:11: 98:b9:53:99:64:70:a0:59:32:77:90:d0:a0:1e:0d: 5b:f7:da:46:ae:97:b5:3f:50:1e:45:fc:59:75:20: 76:e0:ce:27:1b:22:56:01:6c:e9:6d:31:ed:0b:33: 17:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:8F:02:27:44:6D:9A:0E:DC:E7:22:F1:80:D3:27:C9:63:2C:3B:92 X509v3 Authority Key Identifier: keyid:5A:A2:A9:25:47:9B:CF:CB:C1:96:88:A9:52:A2:43:01:F4:E7:68:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqKpJUebz8vBloipUqJDAfTnaDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0a030f-abb5-4e37-96a3-b4f120122922/1/WqKpJUebz8vBloipUqJDAfTnaDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:94:b4:73:33:a5:d9:db:2c:d1:e5:e6:0c:a2:99:c7:e8:95: b3:bb:cd:60:77:b2:9d:b4:e2:58:ed:ca:3f:01:cd:40:e6:13: 69:24:cc:4c:5b:76:0b:21:f7:4f:67:fb:02:09:3e:24:0f:ed: 98:a5:fd:03:02:0b:83:67:e0:2e:c6:1f:d3:ca:8f:4b:50:17: 0e:a6:bb:e4:d0:e1:48:3e:9a:de:93:fc:0d:98:da:93:72:78: 20:50:44:e4:34:2e:40:35:45:7f:ac:3a:e6:a9:6f:57:23:12: 76:ec:19:ff:7b:ad:d8:c0:2e:08:62:2d:9e:7e:5c:94:79:b4: 3a:00:88:91:f2:a7:60:e7:07:de:c5:36:85:43:e7:63:10:43: c3:46:5c:88:82:45:37:a0:88:51:82:66:4c:b2:aa:5f:06:d5: 18:2f:14:fb:37:df:8c:4d:88:c1:76:6e:8d:f3:48:f0:2f:4d: 05:70:84:14:75:cf:89:4d:34:04:a6:1a:68:d3:f9:f2:77:5c: a0:97:ad:6b:e9:70:50:e7:56:68:8b:11:85:69:1b:5d:7e:1c: 1b:0d:03:33:fa:75:d0:60:35:77:d7:01:0a:2d:a2:8a:4e:e9: 73:13:3b:63:ee:e8:24:56:4e:a3:bb:d7:41:d1:49:81:f5:fa: ed:10:67:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmmuhxrCxLRNZw4AzcjiTyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhYTJhOTI1NDc5YmNmY2JjMTk2ODhhOTUyYTI0MzAxZjRl NzY4MzkwHhcNMjUxMjE2MTAwMDQ0WhcNMjUxMjE3MTAwMDQ0WjAzMTEwLwYDVQQD Eyg5OThmMDIyNzQ0NmQ5YTBlZGNlNzIyZjE4MGQzMjdjOTYzMmMzYjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGGfXGDpsGaqWWhMlwU8s7kKOV3/ QZC6ep8D2r0u+PSytfVRsECQez5bz4mOFo3S2Jny1xy4/dBeeoJ7UlUyddn0UQoV sB4pKlkNd4lFbHS8BD6Dw6at+DPAvd6Xb+7xsp1s3W+nlHf9aX3MN7TuM8VhLzGd le8RdEXrUEWoK0oIwDe/NN+6w8svYkaOBxKWYyWsI7T3g5gayIieOAZAMYOnNKBd YS8YSOCnkVad3LmgUIehCAYqMVGKh9KrNhru1R4KNVPA4/KZlP77kGQl0BGYuVOZ ZHCgWTJ3kNCgHg1b99pGrpe1P1AeRfxZdSB24M4nGyJWAWzpbTHtCzMXHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJmPAidEbZoO3Oci8YDTJ8ljLDuSMB8GA1UdIwQY MBaAFFqiqSVHm8/LwZaIqVKiQwH052g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMt YjRmMTIwMTIyOTIyLzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8wYTAzMGYtYWJiNS00ZTM3LTk2YTMtYjRmMTIwMTIyOTIy LzEvV3FLcEpVZWJ6OHZCbG9pcFVxSkRBZlRuYURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf5S0czOl 2dss0eXmDKKZx+iVs7vNYHeynbTiWO3KPwHNQOYTaSTMTFt2CyH3T2f7Agk+JA/t mKX9AwILg2fgLsYf08qPS1AXDqa75NDhSD6a3pP8DZjak3J4IFBE5DQuQDVFf6w6 5qlvVyMSduwZ/3ut2MAuCGItnn5clHm0OgCIkfKnYOcH3sU2hUPnYxBDw0ZciIJF N6CIUYJmTLKqXwbVGC8U+zffjE2IwXZujfNI8C9NBXCEFHXPiU00BKYaaNP58ndc oJeta+lwUOdWaIsRhWkbXX4cGw0DM/p10GA1d9cBCi2iik7pcxM7Y+7oJFZOo7vX QdFJgfX67RBnAA== -----END CERTIFICATE-----Generated at Tue Dec 16 19:11:41 2025 by rpki-client