This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft File: 0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft (raw, json) Hash identifier: q3z3TbSXNLCvSdP3yKPd8ilTv11bGG/QVeB2N4r8bVA= Subject key identifier: 70:16:E3:81:6B:94:5E:79:C0:F6:D9:59:26:57:88:04:39:00:F3:4B Authority key identifier: D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65 Certificate issuer: /CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65 Certificate serial: 019AF209578BEC730963CE63E608ADBF1C99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft Manifest number: 1129 Signing time: Sat 06 Dec 2025 05:01:29 +0000 Manifest this update: Sat 06 Dec 2025 05:01:29 +0000 Manifest next update: Sun 07 Dec 2025 05:01:29 +0000 Files and hashes: 1: 0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl (hash: OJpJk0WTmcgq2JQKGZTBXwmSAAccAOSMlwdkJiE7GnI=) 2: Ut4z4tImR83ncGrwpXNPaCBz4dc.roa (hash: x3Tb8uXmHgRhBdCjWUywrl5EoWV8hOlCverEGcV2UXg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:57:8b:ec:73:09:63:ce:63:e6:08:ad:bf:1c:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65 Validity Not Before: Dec 6 05:01:29 2025 GMT Not After : Dec 7 05:01:29 2025 GMT Subject: CN=7016e3816b945e79c0f6d959265788043900f34b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:6d:48:5d:b3:98:7d:08:39:a4:de:e0:b5:1f: 3a:7b:a5:c9:5e:db:a2:c5:2c:47:74:d6:a4:62:cb: 3e:dd:bc:4d:01:99:c4:a1:b6:ea:88:de:3a:ee:72: 1d:64:a0:58:4d:bc:35:a0:ab:db:79:8d:32:f1:97: 50:71:7c:8c:f4:3f:a6:02:3f:52:e7:fc:ee:5d:d4: b9:c1:6f:41:a7:6c:5d:5e:ec:06:c4:b3:ab:9b:81: 16:f7:0a:7e:91:4a:f1:ae:18:c6:95:84:d7:6e:6a: 6a:b1:19:ee:9f:18:a5:84:77:60:7f:78:cd:1a:4c: b2:0c:a7:e6:cb:ec:1a:d2:c5:e9:76:de:13:d4:bf: 95:51:fa:eb:88:63:2f:02:17:6b:d5:3f:19:90:61: ea:f0:5f:71:82:1a:9d:5d:2c:39:5a:62:73:69:64: b3:8a:9f:0e:5c:75:d9:43:a5:70:4f:6b:22:d7:68: 01:c7:85:72:01:09:e1:d2:c0:7b:f6:b4:4c:71:0f: 62:c7:61:aa:ad:ea:71:e2:f7:60:3d:40:ae:4c:c9: b1:02:31:27:1a:a2:48:ee:9e:b6:1a:17:27:12:55: 4e:a2:f4:10:3d:d2:77:15:74:70:6a:72:d2:28:61: cc:10:7f:28:fb:f6:43:3e:b1:b7:02:83:37:9e:99: d0:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:16:E3:81:6B:94:5E:79:C0:F6:D9:59:26:57:88:04:39:00:F3:4B X509v3 Authority Key Identifier: keyid:D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:2a:61:a3:e0:33:b9:0c:fb:24:89:2a:94:82:6c:e8:4a:f8: 80:94:94:37:99:9e:76:a9:80:af:f5:6b:8c:b1:b8:42:46:3e: ff:2e:cb:d4:14:8d:38:62:30:62:e3:3c:0d:14:8d:88:8e:a2: 64:45:76:66:b9:e1:5f:47:31:a0:7f:45:4a:a3:ae:ad:c5:f3: 40:e9:90:e5:96:53:59:a3:58:5e:77:e4:ec:e6:4e:af:1f:3d: 30:9e:65:1b:db:35:b4:7e:35:d3:78:78:23:78:bd:a4:d2:94: c3:31:4d:d7:19:c3:9e:b9:e4:28:24:f7:d8:5c:b8:22:25:e6: e5:85:1b:a9:ad:20:92:d3:9d:7e:c0:11:c9:f6:4a:b9:36:22: c4:c3:6a:2c:9e:55:3e:50:61:ec:67:64:c4:4c:9b:c0:bd:2a: 75:7f:23:28:9a:43:b9:35:c5:94:70:31:90:fd:07:16:5b:50: 3e:53:d8:10:1a:2c:df:7b:0f:c1:1e:31:e0:2c:dc:9d:56:c1: eb:19:8b:18:c8:01:20:a3:a5:fa:32:3c:f1:be:9a:88:7f:c6: 17:c6:e0:ee:35:01:c7:cb:9d:53:d0:dd:d0:2b:68:51:44:0c: 84:40:c4:f8:1c:20:90:73:d7:4b:cd:d1:f4:09:c3:25:ee:0d: fd:03:f0:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCVeL7HMJY85j5gitvxyZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYTNjOGNjNjNkMGU3ZTA2OWNhNTIzZjM0ZWZiMzk1M2Vl MjFiNjUwHhcNMjUxMjA2MDUwMTI5WhcNMjUxMjA3MDUwMTI5WjAzMTEwLwYDVQQD Eyg3MDE2ZTM4MTZiOTQ1ZTc5YzBmNmQ5NTkyNjU3ODgwNDM5MDBmMzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm1IXbOYfQg5pN7gtR86e6XJXtui xSxHdNakYss+3bxNAZnEobbqiN467nIdZKBYTbw1oKvbeY0y8ZdQcXyM9D+mAj9S 5/zuXdS5wW9Bp2xdXuwGxLOrm4EW9wp+kUrxrhjGlYTXbmpqsRnunxilhHdgf3jN GkyyDKfmy+wa0sXpdt4T1L+VUfrriGMvAhdr1T8ZkGHq8F9xghqdXSw5WmJzaWSz ip8OXHXZQ6VwT2si12gBx4VyAQnh0sB79rRMcQ9ix2Gqrepx4vdgPUCuTMmxAjEn GqJI7p62GhcnElVOovQQPdJ3FXRwanLSKGHMEH8o+/ZDPrG3AoM3npnQpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHAW44FrlF55wPbZWSZXiAQ5APNLMB8GA1UdIwQY MBaAFNKjyMxj0OfgacpSPzTvs5U+4htlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYt MTI4OTg2OTdhODYyLzEvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYtMTI4OTg2OTdhODYy LzEvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaSpho+Az uQz7JIkqlIJs6Er4gJSUN5medqmAr/VrjLG4QkY+/y7L1BSNOGIwYuM8DRSNiI6i ZEV2ZrnhX0cxoH9FSqOurcXzQOmQ5ZZTWaNYXnfk7OZOrx89MJ5lG9s1tH4103h4 I3i9pNKUwzFN1xnDnrnkKCT32Fy4IiXm5YUbqa0gktOdfsARyfZKuTYixMNqLJ5V PlBh7GdkxEybwL0qdX8jKJpDuTXFlHAxkP0HFltQPlPYEBos33sPwR4x4CzcnVbB 6xmLGMgBIKOl+jI88b6aiH/GF8bg7jUBx8udU9Dd0CtoUUQMhEDE+BwgkHPXS83R 9AnDJe4N/QPw/A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:19:54 2025 by rpki-client