This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft File: CQggTXz1vEqrOP-jnaOmge0he9Q.mft (raw, json) Hash identifier: oJV3DTfp8zNssEMdb1Lx5ujr5OmbDzHuGJ8+wuMlraM= Subject key identifier: 5D:03:CA:16:FF:3C:2C:49:1F:CC:34:62:DE:2D:C6:CB:8F:A6:A4:1B Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4 Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4 Certificate serial: 019AF2769D4DF3571645104574B6557A82D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 07:00:50 +0000 Manifest this update: Sat 06 Dec 2025 07:00:50 +0000 Manifest next update: Sun 07 Dec 2025 07:00:50 +0000 Files and hashes: 1: CQggTXz1vEqrOP-jnaOmge0he9Q.crl (hash: K6CQzqMiEykagCUbNUAsLpTaQ8qvIH0HUaIRNiuBQPs=) 2: sDPpx-mL_-TYo49AUalN83Hb7rw.roa (hash: TLER53MCgePm+J2o6lGDLT56kpvbjUNH4PxF0iwFFXE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:9d:4d:f3:57:16:45:10:45:74:b6:55:7a:82:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4 Validity Not Before: Dec 6 07:00:50 2025 GMT Not After : Dec 7 07:00:50 2025 GMT Subject: CN=5d03ca16ff3c2c491fcc3462de2dc6cb8fa6a41b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4b:9f:7c:5b:61:88:26:b3:5b:71:ed:66:16: d0:2b:2c:43:a0:e9:33:5a:de:28:a0:51:59:8c:b3: 35:06:48:2d:14:f1:f1:2a:22:be:ca:27:79:15:88: 96:7f:fd:11:de:a6:d3:6a:95:19:f9:62:88:a6:bf: a0:27:02:f4:74:00:88:e5:ef:b3:1f:2d:a2:8d:01: 2e:f4:34:6f:c3:e0:ba:09:d6:85:10:8f:a4:92:fb: 7b:95:b1:4a:91:66:02:6b:d6:8e:1d:c0:48:6b:c4: 3b:0f:4e:cd:40:90:75:80:90:64:63:97:aa:83:6e: 58:10:c9:cb:ee:a0:3d:53:44:34:ac:12:6b:a6:c5: 8e:8b:20:e9:b9:7b:1f:08:cf:da:58:e9:2d:7f:6c: cb:74:08:7a:f9:63:ad:83:34:4a:23:a4:a0:e5:72: 1b:a0:f2:98:ab:c7:0c:2c:d8:da:bc:c6:4e:a0:d4: d5:69:33:b4:f1:39:a1:17:eb:cc:2d:92:8f:c8:a3: 44:67:64:bd:51:83:8d:41:6d:bf:27:5b:b5:58:6d: 4c:fc:f9:31:de:eb:81:c4:f8:df:2e:32:79:30:30: ea:ee:6e:f9:0a:0f:b9:31:36:ca:89:e3:9e:c4:33: 8e:42:8d:1c:79:d5:91:b5:52:ce:16:d7:f2:94:6d: 9e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:03:CA:16:FF:3C:2C:49:1F:CC:34:62:DE:2D:C6:CB:8F:A6:A4:1B X509v3 Authority Key Identifier: keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:50:be:cc:1a:72:c7:d7:66:7b:53:c1:91:d0:16:07:eb:95: 72:d5:86:d7:62:10:44:c3:46:6f:df:27:75:8c:45:d9:d9:c0: f9:dc:36:b9:fb:f9:1b:9e:a0:68:ef:68:99:88:5e:4a:9d:62: d2:0d:ea:e9:ce:29:4a:2b:21:ed:36:86:dc:06:88:27:2e:54: 5c:d7:9a:93:8f:e0:c1:56:51:2e:6f:c5:4d:0f:0a:4d:cb:9b: 99:1b:54:31:a1:02:3c:b0:18:b9:dd:9e:af:63:e6:90:57:45: b7:f3:be:a2:94:98:3f:3f:6a:68:cf:21:e1:8e:24:d0:fe:3d: 81:c0:40:a8:5a:8c:63:59:22:b7:bf:29:66:98:71:6d:32:66: c7:cf:2b:86:d3:af:c1:85:4e:2a:09:d4:87:ff:7b:13:11:06: 39:0d:a3:3c:96:c1:dc:a4:98:50:64:a4:3f:0b:75:cd:cf:6f: 99:6c:32:c7:78:96:cb:08:98:f8:4c:6b:13:3c:e1:93:eb:9d: 36:cf:27:e3:ce:dd:08:0a:66:ae:e4:b2:cd:90:12:26:b8:44: 60:9a:62:3f:a7:4d:79:b2:c6:f4:5d:a5:83:53:d5:e6:9c:b4: 61:9e:54:df:00:f8:b0:76:03:d3:c1:72:07:0a:41:71:64:60: a2:c7:54:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydp1N81cWRRBFdLZVeoLUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MDgyMDRkN2NmNWJjNGFhYjM4ZmZhMzlkYTNhNjgxZWQy MTdiZDQwHhcNMjUxMjA2MDcwMDUwWhcNMjUxMjA3MDcwMDUwWjAzMTEwLwYDVQQD Eyg1ZDAzY2ExNmZmM2MyYzQ5MWZjYzM0NjJkZTJkYzZjYjhmYTZhNDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkuffFthiCazW3HtZhbQKyxDoOkz Wt4ooFFZjLM1BkgtFPHxKiK+yid5FYiWf/0R3qbTapUZ+WKIpr+gJwL0dACI5e+z Hy2ijQEu9DRvw+C6CdaFEI+kkvt7lbFKkWYCa9aOHcBIa8Q7D07NQJB1gJBkY5eq g25YEMnL7qA9U0Q0rBJrpsWOiyDpuXsfCM/aWOktf2zLdAh6+WOtgzRKI6Sg5XIb oPKYq8cMLNjavMZOoNTVaTO08TmhF+vMLZKPyKNEZ2S9UYONQW2/J1u1WG1M/Pkx 3uuBxPjfLjJ5MDDq7m75Cg+5MTbKieOexDOOQo0cedWRtVLOFtfylG2edQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF0Dyhb/PCxJH8w0Yt4txsuPpqQbMB8GA1UdIwQY MBaAFAkIIE189bxKqzj/o52jpoHtIXvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjIt ODgyM2YxMTFkZjA3LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjItODgyM2YxMTFkZjA3 LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1C+zBpy x9dme1PBkdAWB+uVctWG12IQRMNGb98ndYxF2dnA+dw2ufv5G56gaO9omYheSp1i 0g3q6c4pSish7TaG3AaIJy5UXNeak4/gwVZRLm/FTQ8KTcubmRtUMaECPLAYud2e r2PmkFdFt/O+opSYPz9qaM8h4Y4k0P49gcBAqFqMY1kit78pZphxbTJmx88rhtOv wYVOKgnUh/97ExEGOQ2jPJbB3KSYUGSkPwt1zc9vmWwyx3iWywiY+ExrEzzhk+ud Ns8n487dCApmruSyzZASJrhEYJpiP6dNebLG9F2lg1PV5py0YZ5U3wD4sHYD08Fy BwpBcWRgosdUgA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:58:06 2025 by rpki-client