This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json) Hash identifier: PtPJYrbYafgx6hz3J2X+vTsbDpzoeDrMgOycNIAPSZ8= Subject key identifier: 3F:C4:1A:B7:2A:F3:4A:6E:7B:AA:72:5F:0D:ED:05:8E:4E:DE:7E:0C Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e Certificate serial: 019B3A21C6470DC7C322361D08276A8FBA7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 05:00:50 +0000 Manifest this update: Sat 20 Dec 2025 05:00:50 +0000 Manifest next update: Sun 21 Dec 2025 05:00:50 +0000 Files and hashes: 1: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: iNZgrHluTXfPDFr7zLfKXHb3TmP+RcVaj8rNO5Iwncw=) 2: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 05:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:21:c6:47:0d:c7:c3:22:36:1d:08:27:6a:8f:ba:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e Validity Not Before: Dec 20 05:00:50 2025 GMT Not After : Dec 21 05:00:50 2025 GMT Subject: CN=3fc41ab72af34a6e7baa725f0ded058e4ede7e0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6a:be:d6:11:f0:43:b0:25:f8:4f:2a:69:94: 77:40:bd:79:2d:be:11:74:9a:fc:78:1f:4c:e2:c5: e5:ff:39:6b:da:86:eb:1b:c0:4a:a8:02:66:34:78: 2a:f4:ff:13:55:9d:d8:8c:8d:f0:0f:f9:24:45:3d: 6a:5e:24:eb:0c:3b:31:d7:96:62:bb:39:e0:e6:e5: c1:55:d8:36:95:92:db:b8:ff:cc:7e:10:69:bf:ac: 3e:c8:3f:bd:0b:d0:00:1d:5c:8f:ab:63:15:69:f8: bc:5f:cc:5b:f1:ae:4f:3b:70:49:3b:70:78:bc:4c: 7c:17:56:cd:a2:2d:55:8e:1b:a0:4a:72:5e:d2:9b: 64:71:2b:d1:86:35:64:9b:a2:e4:fe:31:58:f8:f1: 5e:cb:af:19:70:18:30:1e:5b:69:2b:c0:ac:be:be: 81:1f:ba:28:54:c9:cc:3b:24:c0:62:a1:87:4b:98: 49:9a:7a:05:1c:0e:84:26:5c:c1:d4:9d:0a:ce:0f: ab:f7:2b:2f:46:73:1e:84:c1:13:97:99:7f:5b:b1: 04:bc:c5:35:d7:8a:3e:40:02:9b:b4:e5:f5:32:23: 6c:e5:d0:f5:c8:8e:44:f0:6e:8b:2b:34:19:96:4a: 79:ab:3e:80:41:68:0f:03:dd:f6:1a:73:3b:97:5c: 38:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:C4:1A:B7:2A:F3:4A:6E:7B:AA:72:5F:0D:ED:05:8E:4E:DE:7E:0C X509v3 Authority Key Identifier: keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:37:7b:72:5a:3b:4f:43:0e:f8:a2:78:6a:9e:8a:2c:f5:de: 9d:52:8f:fd:a6:89:a6:14:84:8c:2b:0b:61:f5:76:de:b5:93: bf:8e:37:72:66:96:43:02:49:40:c5:07:e8:24:ff:d7:2a:83: 18:fc:c5:8c:11:c4:ae:6f:04:af:ac:43:f6:7f:c7:a4:eb:f2: 3c:02:92:ef:8a:40:8d:db:eb:f8:ba:f0:9f:f8:f6:29:63:a9: 80:ba:a1:0f:a8:20:04:ac:83:26:e2:d2:48:2d:e0:54:7a:1e: 14:96:61:1a:6d:36:36:0f:0d:bf:be:d5:31:5c:a7:96:19:ed: 93:f6:8a:e0:4d:d6:2d:26:ad:22:65:11:a3:05:d7:78:80:ff: 44:38:2c:11:9a:79:99:54:63:31:5d:a0:01:b3:9e:ce:41:c4: 0a:38:1b:43:b3:30:ea:7a:eb:f2:7c:50:ca:c7:a6:bc:21:fa: 88:d3:7d:ce:47:2a:2d:a4:33:a1:3f:2e:cb:8a:cf:16:29:2e: a1:f6:a1:10:e5:79:9c:0d:d9:f7:83:7a:f3:90:bb:7e:db:fd: ae:89:d1:bd:48:bb:76:f7:08:62:1d:14:be:f3:a3:5b:1b:31: 73:c6:5e:e6:d7:0f:37:11:48:b1:e9:19:c9:6e:35:bd:2e:b6: f6:40:9a:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6IcZHDcfDIjYdCCdqj7p/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4 ZjRhMmUwHhcNMjUxMjIwMDUwMDUwWhcNMjUxMjIxMDUwMDUwWjAzMTEwLwYDVQQD EygzZmM0MWFiNzJhZjM0YTZlN2JhYTcyNWYwZGVkMDU4ZTRlZGU3ZTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2q+1hHwQ7Al+E8qaZR3QL15Lb4R dJr8eB9M4sXl/zlr2obrG8BKqAJmNHgq9P8TVZ3YjI3wD/kkRT1qXiTrDDsx15Zi uzng5uXBVdg2lZLbuP/MfhBpv6w+yD+9C9AAHVyPq2MVafi8X8xb8a5PO3BJO3B4 vEx8F1bNoi1VjhugSnJe0ptkcSvRhjVkm6Lk/jFY+PFey68ZcBgwHltpK8Csvr6B H7ooVMnMOyTAYqGHS5hJmnoFHA6EJlzB1J0Kzg+r9ysvRnMehMETl5l/W7EEvMU1 14o+QAKbtOX1MiNs5dD1yI5E8G6LKzQZlkp5qz6AQWgPA932GnM7l1w4mwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD/EGrcq80pue6pyXw3tBY5O3n4MMB8GA1UdIwQY MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMzd7clo7 T0MO+KJ4ap6KLPXenVKP/aaJphSEjCsLYfV23rWTv443cmaWQwJJQMUH6CT/1yqD GPzFjBHErm8Er6xD9n/HpOvyPAKS74pAjdvr+Lrwn/j2KWOpgLqhD6ggBKyDJuLS SC3gVHoeFJZhGm02Ng8Nv77VMVynlhntk/aK4E3WLSatImURowXXeID/RDgsEZp5 mVRjMV2gAbOezkHECjgbQ7Mw6nrr8nxQysemvCH6iNN9zkcqLaQzoT8uy4rPFiku ofahEOV5nA3Z94N685C7ftv9ronRvUi7dvcIYh0UvvOjWxsxc8Ze5tcPNxFIsekZ yW41vS629kCapg== -----END CERTIFICATE-----Generated at Sat Dec 20 12:24:52 2025 by rpki-client