This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json) Hash identifier: cUdGvV/ZwReTTUIGVcn6DQnw14BVAAiASkYRjUHa4J4= Subject key identifier: 8F:E4:0E:7B:A6:B1:A7:7D:F1:82:AE:46:01:AC:AA:75:30:4A:FA:73 Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0 Certificate serial: 019AF12E1E2F82E4D87DA5E6B1CF0015D82F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft Manifest number: 0A7E Signing time: Sat 06 Dec 2025 01:02:02 +0000 Manifest this update: Sat 06 Dec 2025 01:02:02 +0000 Manifest next update: Sun 07 Dec 2025 01:02:02 +0000 Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: zWghOCw17Z3vgKAkcQkBV5n0hEFWvuCT8g3tsJp6ICY=) 2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:1e:2f:82:e4:d8:7d:a5:e6:b1:cf:00:15:d8:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=090287256e25fa340d3afba780eac60d556adec0 Validity Not Before: Dec 6 01:02:02 2025 GMT Not After : Dec 7 01:02:02 2025 GMT Subject: CN=8fe40e7ba6b1a77df182ae4601acaa75304afa73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:15:e8:d6:14:61:84:15:d3:dd:5b:a1:af:1e: 2e:2b:91:94:6b:4b:b3:d8:2f:dc:5f:91:a7:e6:b4: db:dc:b6:7d:18:04:47:25:6e:ce:6d:25:cc:99:bf: 47:c1:14:3d:3d:77:be:0f:c3:d3:33:7c:2d:7d:84: da:92:87:b1:bc:ec:83:0b:c9:2c:47:39:5e:3b:32: 11:74:2a:fc:9f:93:a0:d4:53:08:97:de:f8:1c:2a: 55:80:4d:49:73:db:8c:15:cd:83:4f:a6:37:79:4f: ba:3c:06:d8:c3:fa:3d:91:67:ae:5d:3e:8c:b4:5b: 24:21:65:2c:3a:c9:90:69:56:f5:a8:61:a8:2e:45: f0:96:87:1b:f4:4e:30:08:c3:11:bd:87:ab:39:b1: d9:60:ed:43:28:83:f0:46:0e:e5:50:9a:26:ee:c4: 6c:0a:5e:c1:3d:92:3d:1d:59:09:91:61:9b:a4:c4: a8:0a:57:15:49:8e:22:ed:e7:2e:d1:68:f2:50:2b: ba:a9:38:42:0b:dc:78:90:e2:e7:01:53:c4:99:6c: e6:1b:df:1b:b9:04:1f:b0:99:66:d9:98:97:94:35: c3:c0:0e:c9:c8:7e:81:9a:16:61:f8:77:f9:9d:93: b3:d9:5c:6e:3e:d6:ee:80:0c:0e:e1:43:f9:d4:70: 8c:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:E4:0E:7B:A6:B1:A7:7D:F1:82:AE:46:01:AC:AA:75:30:4A:FA:73 X509v3 Authority Key Identifier: keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:d6:9a:51:aa:10:c4:9a:49:95:3d:71:69:25:2e:c8:41:a2: ff:7f:20:d0:7b:21:bc:30:96:9c:c8:8a:08:c9:ad:f8:f2:d7: af:0a:38:f8:1c:fe:cd:d5:8c:7d:a6:dc:ca:aa:1d:b9:d3:18: 1b:e9:e6:19:90:6b:7b:37:f0:5b:68:67:99:07:14:81:65:a5: 1f:83:19:53:70:43:7e:b4:88:1c:8e:8d:3c:38:59:ee:55:8b: 97:f0:a4:6f:b2:38:76:06:49:f8:2c:3f:36:4c:c9:6d:ff:11: 0c:b8:97:02:9b:a0:a6:51:7e:5a:56:15:4d:3c:c3:c3:8a:b2: 58:bf:01:17:48:f2:29:b6:5e:b8:8f:d8:d4:6a:9e:53:71:49: 2f:ce:7b:f7:a0:72:7d:0b:b2:7a:d6:b5:36:39:1c:52:16:c8: 15:db:f2:8f:4f:fe:00:b8:15:29:05:e0:a7:3d:95:13:43:fb: a2:6b:05:be:d7:4a:b7:a7:74:7a:40:30:0d:85:b3:2b:ac:43: a8:2d:39:e4:7b:cd:b8:7d:f6:4a:a1:09:e0:78:f3:90:e5:f7: c1:7c:25:4d:81:d1:c3:ce:2a:ce:7a:b0:2f:01:2f:9c:f2:cf: 43:4b:76:9a:7c:7d:a8:0b:86:c8:6b:9c:0a:19:4f:e2:17:ce: 21:43:89:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLh4vguTYfaXmsc8AFdgvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2 YWRlYzAwHhcNMjUxMjA2MDEwMjAyWhcNMjUxMjA3MDEwMjAyWjAzMTEwLwYDVQQD Eyg4ZmU0MGU3YmE2YjFhNzdkZjE4MmFlNDYwMWFjYWE3NTMwNGFmYTczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRXo1hRhhBXT3Vuhrx4uK5GUa0uz 2C/cX5Gn5rTb3LZ9GARHJW7ObSXMmb9HwRQ9PXe+D8PTM3wtfYTakoexvOyDC8ks RzleOzIRdCr8n5Og1FMIl974HCpVgE1Jc9uMFc2DT6Y3eU+6PAbYw/o9kWeuXT6M tFskIWUsOsmQaVb1qGGoLkXwlocb9E4wCMMRvYerObHZYO1DKIPwRg7lUJom7sRs Cl7BPZI9HVkJkWGbpMSoClcVSY4i7ecu0WjyUCu6qThCC9x4kOLnAVPEmWzmG98b uQQfsJlm2ZiXlDXDwA7JyH6BmhZh+Hf5nZOz2VxuPtbugAwO4UP51HCM4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI/kDnumsad98YKuRgGsqnUwSvpzMB8GA1UdIwQY MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtaaUaoQ xJpJlT1xaSUuyEGi/38g0HshvDCWnMiKCMmt+PLXrwo4+Bz+zdWMfabcyqodudMY G+nmGZBrezfwW2hnmQcUgWWlH4MZU3BDfrSIHI6NPDhZ7lWLl/Ckb7I4dgZJ+Cw/ NkzJbf8RDLiXApugplF+WlYVTTzDw4qyWL8BF0jyKbZeuI/Y1GqeU3FJL85796By fQuyeta1NjkcUhbIFdvyj0/+ALgVKQXgpz2VE0P7omsFvtdKt6d0ekAwDYWzK6xD qC055HvNuH32SqEJ4HjzkOX3wXwlTYHRw84qznqwLwEvnPLPQ0t2mnx9qAuGyGuc ChlP4hfOIUOJsw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:54:05 2025 by rpki-client