This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft File: qvNQYhzAHooe03KB3zKwlxy95Vc.mft (raw, json) Hash identifier: hl67bFje2NsV6M4QEj+udUZ1U3lzaoJxgwL3rzc/ExE= Subject key identifier: 85:54:46:9A:25:5B:64:4D:AA:DC:84:A4:1C:06:18:AE:E0:BD:76:B3 Authority key identifier: AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57 Certificate issuer: /CN=aaf350621cc01e8a1ed37281df32b0971cbde557 Certificate serial: 019B1FF459047983FD4AE7F76646E004FF23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft Manifest number: 1776 Signing time: Mon 15 Dec 2025 03:01:05 +0000 Manifest this update: Mon 15 Dec 2025 03:01:05 +0000 Manifest next update: Tue 16 Dec 2025 03:01:05 +0000 Files and hashes: 1: qvNQYhzAHooe03KB3zKwlxy95Vc.crl (hash: 4g5JEBbZlI77VhqlQ+dd0cVjEh2dohlOH+2ZnZNc6Qk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 03:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:f4:59:04:79:83:fd:4a:e7:f7:66:46:e0:04:ff:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aaf350621cc01e8a1ed37281df32b0971cbde557 Validity Not Before: Dec 15 03:01:05 2025 GMT Not After : Dec 16 03:01:05 2025 GMT Subject: CN=8554469a255b644daadc84a41c0618aee0bd76b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d2:be:72:e0:75:f4:12:05:99:f3:e8:06:09: 38:be:5b:fc:72:33:76:1e:df:a5:73:f9:3f:07:16: ac:d1:14:b7:9b:eb:1c:6e:24:30:5f:86:00:94:70: b9:03:28:ac:a5:47:9a:53:13:92:fa:49:14:fc:4b: c1:d3:75:04:84:f5:2c:72:b1:0b:39:eb:e3:31:15: 3a:bb:f8:f7:61:b9:56:62:97:bd:38:9e:50:d1:e3: 3d:4b:07:cd:0b:20:85:54:fe:ff:96:eb:b2:a6:6f: b5:44:86:a0:c5:10:4a:bb:29:70:56:22:c3:4a:61: 8d:32:80:4e:95:1b:c0:b2:e8:26:fb:17:4d:40:9a: 93:67:72:18:be:a0:d5:3d:0b:e3:13:38:d0:0c:2a: 18:2d:c9:77:a3:58:17:98:7e:d2:e5:df:91:5e:6c: 04:d9:0e:1e:7b:7c:25:36:63:c6:92:34:b3:5c:b6: 9c:b8:ce:bb:ae:51:3f:1f:1f:f4:ee:88:3b:65:fa: e8:2e:05:95:0b:0a:c4:c5:81:ed:54:19:ab:79:2f: 42:1e:0a:6d:81:3e:bd:1b:ea:38:1d:1c:db:8a:b3: 3e:3a:bf:44:ba:03:4d:6e:7e:64:a1:bf:b1:1f:49: 3d:98:56:76:58:e8:63:50:55:6a:a4:8e:b6:5d:e2: 18:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:54:46:9A:25:5B:64:4D:AA:DC:84:A4:1C:06:18:AE:E0:BD:76:B3 X509v3 Authority Key Identifier: keyid:AA:F3:50:62:1C:C0:1E:8A:1E:D3:72:81:DF:32:B0:97:1C:BD:E5:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvNQYhzAHooe03KB3zKwlxy95Vc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f812c7-a85d-4040-8b99-75a8b0974e20/1/qvNQYhzAHooe03KB3zKwlxy95Vc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:71:ba:76:20:3c:8b:58:20:d9:09:45:af:45:6b:e5:1e:91: 00:8a:be:2d:76:d7:a5:27:2a:fa:dd:ca:5c:83:89:f9:b3:f6: 53:95:2f:32:55:22:90:ba:f7:1f:04:a7:1f:1a:f4:4c:57:1f: 77:94:38:0e:fd:3e:0f:ee:6a:26:a7:5a:43:08:1a:df:27:ff: ac:bb:e3:7b:87:9d:c6:8c:c3:d4:c7:2d:11:6a:29:8b:6f:0c: 3b:20:37:af:1f:1b:87:c9:89:05:bb:e6:52:b8:b9:a1:98:26: d4:be:d0:5d:ef:5f:0e:72:46:70:ba:e4:7c:07:0e:06:f7:fc: 36:bf:5a:78:af:6b:54:a7:56:a7:8c:9e:c3:cb:24:ef:56:3d: 3e:eb:ea:08:99:10:e3:ec:91:cd:7a:df:57:17:01:a0:c5:89: 40:cb:10:5d:f1:11:71:ab:c7:bf:88:70:f8:0d:b1:bb:fa:e5: 0a:6c:b9:de:c4:d5:02:1e:2f:cf:b7:43:e0:4f:a6:48:e2:92: a5:92:1d:87:68:2c:c8:1c:02:4e:cf:8a:73:35:3a:92:ac:91: 3b:25:e1:0c:29:c6:28:80:47:d8:7a:24:84:c3:8f:15:29:3f: fe:5e:11:8f:31:e7:dd:53:77:00:26:39:f5:ab:1e:cf:5c:c8: af:0a:87:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsf9FkEeYP9Suf3ZkbgBP8jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZjM1MDYyMWNjMDFlOGExZWQzNzI4MWRmMzJiMDk3MWNi ZGU1NTcwHhcNMjUxMjE1MDMwMTA1WhcNMjUxMjE2MDMwMTA1WjAzMTEwLwYDVQQD Eyg4NTU0NDY5YTI1NWI2NDRkYWFkYzg0YTQxYzA2MThhZWUwYmQ3NmIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNK+cuB19BIFmfPoBgk4vlv8cjN2 Ht+lc/k/Bxas0RS3m+scbiQwX4YAlHC5AyispUeaUxOS+kkU/EvB03UEhPUscrEL OevjMRU6u/j3YblWYpe9OJ5Q0eM9SwfNCyCFVP7/luuypm+1RIagxRBKuylwViLD SmGNMoBOlRvAsugm+xdNQJqTZ3IYvqDVPQvjEzjQDCoYLcl3o1gXmH7S5d+RXmwE 2Q4ee3wlNmPGkjSzXLacuM67rlE/Hx/07og7ZfroLgWVCwrExYHtVBmreS9CHgpt gT69G+o4HRzbirM+Or9EugNNbn5kob+xH0k9mFZ2WOhjUFVqpI62XeIYbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIVURpolW2RNqtyEpBwGGK7gvXazMB8GA1UdIwQY MBaAFKrzUGIcwB6KHtNygd8ysJccveVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTkt NzVhOGIwOTc0ZTIwLzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9mODEyYzctYTg1ZC00MDQwLThiOTktNzVhOGIwOTc0ZTIw LzEvcXZOUVloekFIb29lMDNLQjN6S3dseHk5NVZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfHG6diA8 i1gg2QlFr0Vr5R6RAIq+LXbXpScq+t3KXIOJ+bP2U5UvMlUikLr3HwSnHxr0TFcf d5Q4Dv0+D+5qJqdaQwga3yf/rLvje4edxozD1MctEWopi28MOyA3rx8bh8mJBbvm Uri5oZgm1L7QXe9fDnJGcLrkfAcOBvf8Nr9aeK9rVKdWp4yew8sk71Y9PuvqCJkQ 4+yRzXrfVxcBoMWJQMsQXfERcavHv4hw+A2xu/rlCmy53sTVAh4vz7dD4E+mSOKS pZIdh2gsyBwCTs+KczU6kqyROyXhDCnGKIBH2HokhMOPFSk//l4RjzHn3VN3ACY5 9asez1zIrwqHVQ== -----END CERTIFICATE-----Generated at Mon Dec 15 13:37:31 2025 by rpki-client