This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft File: qOeaWm0FfybaCYxi-R31ExEa7a0.mft (raw, json) Hash identifier: jXOScTIGY2AeEfrOluIU8FXnX4rg+CdUCtPyd1PuGSQ= Subject key identifier: FB:5C:A9:94:48:A8:2A:60:7A:C1:80:8D:01:34:C8:CE:EB:96:5C:28 Authority key identifier: A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD Certificate issuer: /CN=a8e79a5a6d057f26da098c62f91df513111aedad Certificate serial: 019B1BAB428BB9E709D2E48F3468071F1005 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft Manifest number: 022B Signing time: Sun 14 Dec 2025 07:02:46 +0000 Manifest this update: Sun 14 Dec 2025 07:02:46 +0000 Manifest next update: Mon 15 Dec 2025 07:02:46 +0000 Files and hashes: 1: qOeaWm0FfybaCYxi-R31ExEa7a0.crl (hash: wcTWMtPHpBWV/q7mmnlHTMhY7eVfDV/ZY+5c6bqS/gM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:ab:42:8b:b9:e7:09:d2:e4:8f:34:68:07:1f:10:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8e79a5a6d057f26da098c62f91df513111aedad Validity Not Before: Dec 14 07:02:46 2025 GMT Not After : Dec 15 07:02:46 2025 GMT Subject: CN=fb5ca99448a82a607ac1808d0134c8ceeb965c28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0f:91:da:2d:a7:04:02:14:e0:ee:ac:0e:e0: b8:ee:e7:97:07:b9:2e:c0:17:8b:9b:93:0d:1d:c6: ae:0a:e2:7a:33:ee:ea:07:32:5f:b9:25:4b:f4:99: 65:d0:1c:9c:42:e6:a3:29:55:d1:a4:ac:ab:91:8c: 3d:6e:25:f2:d0:6d:7f:3f:ad:64:fe:15:aa:ec:0a: 7d:22:3a:8c:ee:5d:a9:87:05:c1:39:af:26:3b:72: 58:26:a2:d9:f5:c1:39:77:7c:87:2f:b9:53:57:cd: 19:78:3b:a6:75:e0:a9:89:56:1b:e3:78:1f:ab:77: ba:13:ff:8e:35:ad:ee:98:4a:1a:46:68:87:a2:78: 3d:a5:1d:1d:7a:ab:69:57:a9:85:ea:ec:41:bc:51: 9a:3c:ef:95:1a:de:c7:9a:89:06:7b:fb:b8:d8:89: 43:1b:40:97:47:ea:4a:7a:4b:9b:68:22:a0:1b:52: 6f:dd:94:63:00:16:42:f6:44:b3:d4:e3:b5:2f:31: 4e:6b:ac:73:70:3b:7e:dd:d7:cc:f7:e6:c4:ef:d6: 7d:94:16:38:91:f4:1b:6a:8d:57:dc:b8:8f:66:0c: 60:eb:29:97:f6:42:c2:21:f2:5c:46:73:43:bd:a8: 06:ec:52:69:4a:26:f4:84:50:0e:ad:fd:6e:5c:eb: e4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:5C:A9:94:48:A8:2A:60:7A:C1:80:8D:01:34:C8:CE:EB:96:5C:28 X509v3 Authority Key Identifier: keyid:A8:E7:9A:5A:6D:05:7F:26:DA:09:8C:62:F9:1D:F5:13:11:1A:ED:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOeaWm0FfybaCYxi-R31ExEa7a0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/42692b-a460-477c-baa0-eccdac8b6a98/1/qOeaWm0FfybaCYxi-R31ExEa7a0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:83:70:7a:79:fc:6e:81:c8:2f:03:c7:39:b1:83:01:b5:4b: 3a:74:63:1f:a9:90:41:71:fe:5f:90:09:67:31:1f:a5:1b:4d: 18:fa:da:07:ca:78:4a:c5:dc:8e:da:bf:f5:03:4f:49:de:6a: 53:17:34:91:58:5a:39:60:8c:b9:0c:88:cd:87:b0:bd:c9:81: df:07:a3:78:d6:f8:0f:77:4e:5c:2a:93:2b:28:d3:c4:64:af: 9d:65:26:c8:45:b1:ba:a1:0a:d6:6f:d2:5a:9b:b9:ee:e9:06: a4:6b:4a:ea:56:39:89:25:72:04:94:b2:20:42:01:6d:18:60: d0:e7:1e:8d:1b:d4:15:d2:75:ab:7c:57:19:71:e1:69:35:32: c8:70:86:fc:15:b7:01:f7:95:4c:f6:4a:e0:05:4a:75:e3:2c: 74:7e:d3:59:5b:67:ae:c5:fe:5c:b2:4e:56:1d:7a:bf:42:9b: 64:88:f9:aa:66:a9:07:9c:53:56:8b:29:1a:5b:f2:33:b6:67: 45:61:0c:29:82:cd:61:69:9f:89:95:8d:07:d7:80:a9:48:91: c5:fc:ed:ae:f8:d1:87:f3:05:47:42:c3:53:a1:e9:12:2b:0d: e1:b2:d0:9e:69:a3:99:39:39:42:76:3f:5b:b9:60:2a:83:6f: cd:74:c6:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbq0KLuecJ0uSPNGgHHxAFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4ZTc5YTVhNmQwNTdmMjZkYTA5OGM2MmY5MWRmNTEzMTEx YWVkYWQwHhcNMjUxMjE0MDcwMjQ2WhcNMjUxMjE1MDcwMjQ2WjAzMTEwLwYDVQQD EyhmYjVjYTk5NDQ4YTgyYTYwN2FjMTgwOGQwMTM0YzhjZWViOTY1YzI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA+R2i2nBAIU4O6sDuC47ueXB7ku wBeLm5MNHcauCuJ6M+7qBzJfuSVL9Jll0BycQuajKVXRpKyrkYw9biXy0G1/P61k /hWq7Ap9IjqM7l2phwXBOa8mO3JYJqLZ9cE5d3yHL7lTV80ZeDumdeCpiVYb43gf q3e6E/+ONa3umEoaRmiHong9pR0deqtpV6mF6uxBvFGaPO+VGt7HmokGe/u42IlD G0CXR+pKekubaCKgG1Jv3ZRjABZC9kSz1OO1LzFOa6xzcDt+3dfM9+bE79Z9lBY4 kfQbao1X3LiPZgxg6ymX9kLCIfJcRnNDvagG7FJpSib0hFAOrf1uXOvkowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPtcqZRIqCpgesGAjQE0yM7rllwoMB8GA1UdIwQY MBaAFKjnmlptBX8m2gmMYvkd9RMRGu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAt ZWNjZGFjOGI2YTk4LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS80MjY5MmItYTQ2MC00NzdjLWJhYTAtZWNjZGFjOGI2YTk4 LzEvcU9lYVdtMEZmeWJhQ1l4aS1SMzFFeEVhN2EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPINwenn8 boHILwPHObGDAbVLOnRjH6mQQXH+X5AJZzEfpRtNGPraB8p4SsXcjtq/9QNPSd5q Uxc0kVhaOWCMuQyIzYewvcmB3wejeNb4D3dOXCqTKyjTxGSvnWUmyEWxuqEK1m/S Wpu57ukGpGtK6lY5iSVyBJSyIEIBbRhg0OcejRvUFdJ1q3xXGXHhaTUyyHCG/BW3 AfeVTPZK4AVKdeMsdH7TWVtnrsX+XLJOVh16v0KbZIj5qmapB5xTVospGlvyM7Zn RWEMKYLNYWmfiZWNB9eAqUiRxfztrvjRh/MFR0LDU6HpEisN4bLQnmmjmTk5QnY/ W7lgKoNvzXTGTg== -----END CERTIFICATE-----Generated at Sun Dec 14 09:32:57 2025 by rpki-client