This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft File: cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json) Hash identifier: QfElX72AV1/rX6qRDxh3x38Bt3/+e2veadoQVe6tWRs= Subject key identifier: A6:94:16:15:72:F7:BB:BD:B3:E4:C9:6F:57:4F:14:33:50:A2:58:89 Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4 Certificate issuer: /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4 Certificate serial: 019AF57867D880D4AE024D045B5D75B2E25D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 21:01:39 +0000 Manifest this update: Sat 06 Dec 2025 21:01:39 +0000 Manifest next update: Sun 07 Dec 2025 21:01:39 +0000 Files and hashes: 1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: jS5xzejQzf2NryPSKFIvEkpIt99nVbs+FIWeDLp/oF0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:67:d8:80:d4:ae:02:4d:04:5b:5d:75:b2:e2:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4 Validity Not Before: Dec 6 21:01:39 2025 GMT Not After : Dec 7 21:01:39 2025 GMT Subject: CN=a694161572f7bbbdb3e4c96f574f143350a25889 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8b:6b:2c:5c:d1:9e:00:ce:49:cb:d9:76:ac: 81:1d:c9:e3:d2:67:da:eb:16:31:23:6a:11:b4:e4: 28:2b:ea:bd:60:05:25:eb:31:99:c0:66:cf:37:80: e5:b5:7b:c5:c6:0d:10:19:f9:f6:2d:a0:58:d7:4b: af:17:30:1e:71:34:d4:dd:91:84:15:0f:bc:2d:9e: 68:5b:b1:ba:bf:70:ad:09:4d:e2:e3:06:09:86:5e: ca:7d:3a:25:fa:84:31:93:47:a3:78:90:33:e1:d4: c0:9b:d7:48:ca:f1:18:ff:19:d5:11:88:10:ec:d7: 27:b5:59:40:57:2f:0d:36:01:a3:ab:a1:00:83:89: c8:47:7e:d4:75:94:4c:69:32:af:9f:06:ac:cd:f3: 6d:a4:00:a8:8a:d0:43:09:5a:d7:8d:90:7e:d6:dc: 64:d7:12:f4:ec:fb:34:ae:89:13:bb:92:6e:76:d8: eb:4f:f9:7f:0c:fa:f7:48:c5:3c:96:fd:f9:b4:fb: 50:b5:19:36:fb:12:9f:48:4e:6c:ed:af:16:75:dc: 8e:96:eb:b6:18:c5:97:df:4e:64:42:b5:3b:54:69: 16:3d:9d:05:ff:85:96:9b:b2:a2:41:a6:e8:55:f6: 83:a8:97:e3:03:84:13:53:fb:6a:05:b1:1a:73:20: 41:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:94:16:15:72:F7:BB:BD:B3:E4:C9:6F:57:4F:14:33:50:A2:58:89 X509v3 Authority Key Identifier: keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:73:99:02:48:43:95:05:56:d1:88:2e:f7:20:db:fe:98:28: f2:8c:69:1e:88:62:9e:6d:57:85:21:87:a4:13:28:8f:f8:b3: e8:37:88:45:93:e4:1f:1c:95:31:d2:54:5c:a9:c4:ed:9e:af: ea:55:9c:a7:08:36:7e:3d:be:c3:54:71:4a:94:0f:a6:8d:69: d4:b5:4c:8d:6e:50:78:97:7f:72:f2:28:e1:ac:5a:e0:52:44: 31:98:32:1c:01:07:93:49:33:ce:ff:8b:47:e2:0a:79:d3:c6: 0b:ed:f7:52:6d:5e:28:ac:3b:76:01:07:59:8b:05:eb:65:37: 6e:ad:81:a1:16:35:da:fc:c4:0b:79:c5:9f:91:76:b9:94:e8: 67:a6:85:f6:ba:ca:9b:4b:ea:e7:6a:d5:30:3b:34:d1:29:87: 6f:41:46:d3:fe:ad:5b:a7:95:05:c2:3b:73:fe:4d:13:e3:40: f2:f5:84:53:bb:ae:a0:48:55:1e:9e:2a:48:43:8f:1c:08:1f: 3c:59:44:28:cd:d4:5a:3d:98:ba:d6:8b:38:c1:cc:dd:ea:43: 5b:92:c1:39:f5:0a:c6:6f:95:d7:29:07:a1:50:5b:05:54:82: 5b:43:c0:ce:35:4f:50:69:fa:80:ac:4a:00:49:01:18:16:b7: ea:ae:ed:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eGfYgNSuAk0EW111suJdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1 ZWEyZjQwHhcNMjUxMjA2MjEwMTM5WhcNMjUxMjA3MjEwMTM5WjAzMTEwLwYDVQQD EyhhNjk0MTYxNTcyZjdiYmJkYjNlNGM5NmY1NzRmMTQzMzUwYTI1ODg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYtrLFzRngDOScvZdqyBHcnj0mfa 6xYxI2oRtOQoK+q9YAUl6zGZwGbPN4DltXvFxg0QGfn2LaBY10uvFzAecTTU3ZGE FQ+8LZ5oW7G6v3CtCU3i4wYJhl7KfTol+oQxk0ejeJAz4dTAm9dIyvEY/xnVEYgQ 7NcntVlAVy8NNgGjq6EAg4nIR37UdZRMaTKvnwaszfNtpACoitBDCVrXjZB+1txk 1xL07Ps0rokTu5JudtjrT/l/DPr3SMU8lv35tPtQtRk2+xKfSE5s7a8WddyOluu2 GMWX305kQrU7VGkWPZ0F/4WWm7KiQaboVfaDqJfjA4QTU/tqBbEacyBBtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKaUFhVy97u9s+TJb1dPFDNQoliJMB8GA1UdIwQY MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgnOZAkhD lQVW0Ygu9yDb/pgo8oxpHohinm1XhSGHpBMoj/iz6DeIRZPkHxyVMdJUXKnE7Z6v 6lWcpwg2fj2+w1RxSpQPpo1p1LVMjW5QeJd/cvIo4axa4FJEMZgyHAEHk0kzzv+L R+IKedPGC+33Um1eKKw7dgEHWYsF62U3bq2BoRY12vzEC3nFn5F2uZToZ6aF9rrK m0vq52rVMDs00SmHb0FG0/6tW6eVBcI7c/5NE+NA8vWEU7uuoEhVHp4qSEOPHAgf PFlEKM3UWj2YutaLOMHM3epDW5LBOfUKxm+V1ykHoVBbBVSCW0PAzjVPUGn6gKxK AEkBGBa36q7tcg== -----END CERTIFICATE-----Generated at Sun Dec 7 04:14:16 2025 by rpki-client