This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft File: Q7iP8e37ZyBmAwJncaquyEuLHrg.mft (raw, json) Hash identifier: mRMvc0NpxZi8kAh7UfBfwAAKAdAi5eQU7p/OOpwQTrM= Subject key identifier: 4F:A1:45:20:2D:68:4B:F0:55:A6:A8:5A:A6:81:B6:CD:3E:BD:5B:83 Authority key identifier: 43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8 Certificate issuer: /CN=43b88ff1edfb67206603026771aaaec84b8b1eb8 Certificate serial: 019AFBB1296320DADAC217F3897E8FD7CD8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft Manifest number: 0F16 Signing time: Mon 08 Dec 2025 02:01:22 +0000 Manifest this update: Mon 08 Dec 2025 02:01:22 +0000 Manifest next update: Tue 09 Dec 2025 02:01:22 +0000 Files and hashes: 1: Q7iP8e37ZyBmAwJncaquyEuLHrg.crl (hash: CAfUTjJYKVV0D5vPJw0qxAnO+aco1TLe67ZGZOIWvxU=) 2: gg-emnwJIGdBmpEHYh5OFvjnfmc.roa (hash: f0YF0XqFky78qYjbpn5730w15nHy84AldxyEdZxgOEY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft rsync://rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:b1:29:63:20:da:da:c2:17:f3:89:7e:8f:d7:cd:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43b88ff1edfb67206603026771aaaec84b8b1eb8 Validity Not Before: Dec 8 02:01:22 2025 GMT Not After : Dec 9 02:01:22 2025 GMT Subject: CN=4fa145202d684bf055a6a85aa681b6cd3ebd5b83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ff:f7:58:21:b1:92:39:e7:77:63:89:ca:64: e4:7a:b6:f8:8c:99:df:fc:f7:94:df:0c:75:5b:73: 90:df:2a:a3:8e:94:62:ea:3b:bb:49:09:8d:8a:1d: 8c:dc:ea:37:29:45:f1:7a:41:2a:7e:a4:8e:11:35: b1:47:12:0b:4e:0d:23:2d:9a:c7:44:63:fa:5a:a4: 53:04:12:68:39:83:a1:ed:80:36:4c:08:b8:b6:b6: d7:69:0e:9e:eb:77:ee:fa:66:c0:f1:f0:f7:8c:c6: 14:92:be:21:d1:51:4f:93:c9:a3:b9:58:15:6c:39: f9:b9:43:bb:a4:36:b1:a0:ae:55:a2:be:05:7f:fb: 8f:af:04:da:cf:2f:a5:90:4a:ba:65:9c:d4:23:ca: ed:00:aa:4b:9e:13:f7:87:e7:85:cf:93:ca:0d:ae: e2:a7:c1:6c:55:fb:29:90:5e:ac:d1:21:f0:53:7d: 38:43:98:7f:d8:3e:d4:a9:d2:ac:33:02:d6:df:e5: 42:76:5d:6c:11:f1:40:6d:11:c2:c6:f2:4c:1a:e7: c8:52:fa:fc:7b:3b:42:70:b8:6b:af:33:ba:ab:6a: 24:e3:dc:8c:56:64:28:d7:af:7d:a6:be:07:c8:dc: 06:65:b7:3a:30:96:db:a4:40:09:30:5d:ec:e4:9c: 1f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:A1:45:20:2D:68:4B:F0:55:A6:A8:5A:A6:81:B6:CD:3E:BD:5B:83 X509v3 Authority Key Identifier: keyid:43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:67:94:a0:31:e3:c5:03:71:73:46:d7:da:71:ee:a8:2b:09: 6a:24:41:9a:ce:8c:0f:6d:9a:49:da:35:d6:2a:9d:49:b7:ef: 08:2a:89:e2:55:f7:ff:8d:58:05:f9:0d:c1:c8:5f:60:7f:b4: dc:74:50:d1:ff:e5:15:8e:9e:0f:f0:f7:0e:7a:86:0c:c0:2a: 5b:db:1c:2e:b9:6f:ad:e4:66:5d:f0:af:a2:76:86:e2:07:5a: 5b:8d:18:a4:f9:aa:41:8a:cc:b0:14:4f:67:2f:0a:93:d9:4c: cf:e9:f8:7f:69:1e:e0:b3:ea:8d:b8:da:d3:ac:4e:d5:6e:69: 2c:a9:77:00:41:8b:f8:a2:b5:99:48:24:22:54:b9:af:a8:1d: 0d:6b:5a:2b:9a:cb:41:b2:8e:62:c6:13:36:c8:24:74:bd:72: 43:84:fc:c2:f7:6b:e1:43:d6:73:4d:72:96:92:71:6b:6b:bd: 7c:62:63:19:5c:d2:82:43:4f:38:6e:ed:9b:c9:68:b7:83:33: 17:27:9e:cf:76:d1:02:2f:72:e9:6b:fd:31:00:21:e5:69:06: bf:72:4d:dc:52:a4:eb:76:ad:9c:c8:76:d8:33:84:8d:1e:06: b1:92:39:31:8c:de:d8:6b:b1:fa:f2:ee:68:bc:4f:e0:0d:a5: 62:a1:59:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr7sSljINrawhfziX6P182MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzYjg4ZmYxZWRmYjY3MjA2NjAzMDI2NzcxYWFhZWM4NGI4 YjFlYjgwHhcNMjUxMjA4MDIwMTIyWhcNMjUxMjA5MDIwMTIyWjAzMTEwLwYDVQQD Eyg0ZmExNDUyMDJkNjg0YmYwNTVhNmE4NWFhNjgxYjZjZDNlYmQ1YjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP/3WCGxkjnnd2OJymTkerb4jJnf /PeU3wx1W3OQ3yqjjpRi6ju7SQmNih2M3Oo3KUXxekEqfqSOETWxRxILTg0jLZrH RGP6WqRTBBJoOYOh7YA2TAi4trbXaQ6e63fu+mbA8fD3jMYUkr4h0VFPk8mjuVgV bDn5uUO7pDaxoK5Vor4Ff/uPrwTazy+lkEq6ZZzUI8rtAKpLnhP3h+eFz5PKDa7i p8FsVfspkF6s0SHwU304Q5h/2D7UqdKsMwLW3+VCdl1sEfFAbRHCxvJMGufIUvr8 eztCcLhrrzO6q2ok49yMVmQo1699pr4HyNwGZbc6MJbbpEAJMF3s5JwfyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE+hRSAtaEvwVaaoWqaBts0+vVuDMB8GA1UdIwQY MBaAFEO4j/Ht+2cgZgMCZ3GqrshLix64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTdpUDhlMzdaeUJtQXdKbmNhcXV5RXVMSHJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNWM3ODMtNDM2ZS00NmU1LWI1MTQt YzFiZTVkYzAxYmJlLzEvUTdpUDhlMzdaeUJtQXdKbmNhcXV5RXVMSHJnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lNWM3ODMtNDM2ZS00NmU1LWI1MTQtYzFiZTVkYzAxYmJl LzEvUTdpUDhlMzdaeUJtQXdKbmNhcXV5RXVMSHJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoGeUoDHj xQNxc0bX2nHuqCsJaiRBms6MD22aSdo11iqdSbfvCCqJ4lX3/41YBfkNwchfYH+0 3HRQ0f/lFY6eD/D3DnqGDMAqW9scLrlvreRmXfCvonaG4gdaW40YpPmqQYrMsBRP Zy8Kk9lMz+n4f2ke4LPqjbja06xO1W5pLKl3AEGL+KK1mUgkIlS5r6gdDWtaK5rL QbKOYsYTNsgkdL1yQ4T8wvdr4UPWc01ylpJxa2u9fGJjGVzSgkNPOG7tm8lot4Mz Fyeez3bRAi9y6Wv9MQAh5WkGv3JN3FKk63atnMh22DOEjR4GsZI5MYze2Gux+vLu aLxP4A2lYqFZVg== -----END CERTIFICATE-----Generated at Mon Dec 8 09:15:56 2025 by rpki-client