This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft File: q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft (raw, json) Hash identifier: 8edB8EtlaCoyYJ6zSQW+5mcOFCwdyvldDc67cRf6dnk= Subject key identifier: B1:15:44:37:FA:5D:E3:B9:35:E4:39:98:68:C2:9E:DA:FD:3F:86:18 Authority key identifier: AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51 Certificate issuer: /CN=ab8520ec83e30eb7938b8002f470f0d1c505c451 Certificate serial: 019AF38A17C0ABE380AF36D8E30C6AF4748C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft Manifest number: 0D55 Signing time: Sat 06 Dec 2025 12:01:44 +0000 Manifest this update: Sat 06 Dec 2025 12:01:44 +0000 Manifest next update: Sun 07 Dec 2025 12:01:44 +0000 Files and hashes: 1: 0SSsSk3JYtZfVKoUdIXep-skUls.roa (hash: lo1rRlcKmSiP/o5fsPXMsNzyze1q/0lfZDjTXaH15HI=) 2: q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl (hash: ZwaYb5NsYkbNXkfwee8Ve8EP93aEpk7xxF1FBP5KdK8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:8a:17:c0:ab:e3:80:af:36:d8:e3:0c:6a:f4:74:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab8520ec83e30eb7938b8002f470f0d1c505c451 Validity Not Before: Dec 6 12:01:44 2025 GMT Not After : Dec 7 12:01:44 2025 GMT Subject: CN=b1154437fa5de3b935e4399868c29edafd3f8618 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:71:1c:67:49:0d:82:2d:5e:74:5e:a1:3c:a0: 96:44:90:6a:0a:57:7b:28:b3:77:be:32:a2:64:3c: 43:9e:bb:b3:f4:22:80:44:74:b3:64:e6:dc:c0:01: 9b:13:b9:47:78:47:89:b6:93:d0:02:3a:1d:33:c6: c2:31:8c:70:70:cb:d3:53:f4:f3:59:6a:26:9f:7f: ec:51:9b:a8:ac:05:90:fc:44:fd:a6:f9:3a:1b:43: 69:93:80:3c:6a:d8:df:9d:81:49:4a:0d:f7:b9:a7: a8:6d:c0:65:3f:d0:75:7c:59:81:66:44:f4:6c:4e: ad:58:d5:57:d6:c7:b0:3c:70:77:97:f7:2d:6a:50: ed:e7:a7:f0:70:44:f5:61:14:f2:6d:c2:35:4d:b3: 70:15:5b:e2:3b:d4:a9:45:3e:78:f0:bd:f7:47:eb: ac:00:77:a1:2c:1a:a9:d9:8d:65:6d:fc:96:4f:80: c9:d4:c3:05:e6:1f:e8:7b:33:b3:40:87:9b:83:a0: 62:1c:ed:5c:68:b2:dd:d0:cb:6a:d3:72:02:8a:e1: 2f:f6:d0:ff:c0:9b:1f:64:37:75:14:65:3b:6a:8f: bc:a9:1c:49:35:1e:c3:f7:35:19:9d:9d:92:df:44: fb:7f:da:ac:5f:34:46:b9:85:1f:4e:0d:b3:9d:44: ef:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:15:44:37:FA:5D:E3:B9:35:E4:39:98:68:C2:9E:DA:FD:3F:86:18 X509v3 Authority Key Identifier: keyid:AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:1b:ed:3d:ab:42:df:5c:fb:20:48:78:75:25:24:f5:04:da: df:c4:59:2f:8b:ee:36:bf:33:d6:9f:f6:c4:b7:ab:5e:0f:4d: f5:dd:97:c8:bc:d1:9a:f7:9c:8f:a3:5a:d2:87:2f:a4:03:4b: ed:2a:2f:ec:14:b5:91:b1:c2:db:02:21:d6:d2:01:cf:b6:bb: 81:b7:53:9c:b2:96:73:c0:03:e2:87:9c:98:fe:53:35:28:c8: f5:32:f3:d5:84:e3:66:98:89:53:18:90:e4:ab:20:4d:80:34: 61:01:50:e1:ae:48:78:cc:0b:85:7a:27:bd:20:2b:bc:04:80: f4:00:da:52:dc:e0:be:e3:56:f1:31:7e:44:82:35:98:b1:17: f7:51:ef:5a:b1:b6:74:02:ee:11:38:e0:77:f2:9a:c7:d9:fc: 15:33:34:8a:e9:e2:98:a9:ed:33:73:35:a8:69:eb:f7:c5:4b: 98:58:25:85:6e:e9:33:6d:ec:61:3d:d3:bf:3d:1f:f0:25:c2: 39:a8:a9:0d:57:a7:bc:3f:56:ec:fb:d4:e4:05:ec:f4:af:7d: bf:d2:15:94:2c:93:67:78:d7:bc:95:8c:f9:54:19:5a:93:28: ad:be:18:67:48:29:4c:63:5d:32:6a:f4:8b:5d:bc:95:a5:db: 20:30:5f:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzihfAq+OArzbY4wxq9HSMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiODUyMGVjODNlMzBlYjc5MzhiODAwMmY0NzBmMGQxYzUw NWM0NTEwHhcNMjUxMjA2MTIwMTQ0WhcNMjUxMjA3MTIwMTQ0WjAzMTEwLwYDVQQD EyhiMTE1NDQzN2ZhNWRlM2I5MzVlNDM5OTg2OGMyOWVkYWZkM2Y4NjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XEcZ0kNgi1edF6hPKCWRJBqCld7 KLN3vjKiZDxDnruz9CKARHSzZObcwAGbE7lHeEeJtpPQAjodM8bCMYxwcMvTU/Tz WWomn3/sUZuorAWQ/ET9pvk6G0Npk4A8atjfnYFJSg33uaeobcBlP9B1fFmBZkT0 bE6tWNVX1sewPHB3l/ctalDt56fwcET1YRTybcI1TbNwFVviO9SpRT548L33R+us AHehLBqp2Y1lbfyWT4DJ1MMF5h/oezOzQIebg6BiHO1caLLd0Mtq03ICiuEv9tD/ wJsfZDd1FGU7ao+8qRxJNR7D9zUZnZ2S30T7f9qsXzRGuYUfTg2znUTv9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLEVRDf6XeO5NeQ5mGjCntr9P4YYMB8GA1UdIwQY MBaAFKuFIOyD4w63k4uAAvRw8NHFBcRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYt ODRiNDczYjllYmNkLzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYtODRiNDczYjllYmNk LzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZxvtPatC 31z7IEh4dSUk9QTa38RZL4vuNr8z1p/2xLerXg9N9d2XyLzRmvecj6Na0ocvpANL 7Sov7BS1kbHC2wIh1tIBz7a7gbdTnLKWc8AD4oecmP5TNSjI9TLz1YTjZpiJUxiQ 5KsgTYA0YQFQ4a5IeMwLhXonvSArvASA9ADaUtzgvuNW8TF+RII1mLEX91HvWrG2 dALuETjgd/Kax9n8FTM0iunimKntM3M1qGnr98VLmFglhW7pM23sYT3Tvz0f8CXC OaipDVenvD9W7PvU5AXs9K99v9IVlCyTZ3jXvJWM+VQZWpMorb4YZ0gpTGNdMmr0 i128laXbIDBfyA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:57:43 2025 by rpki-client