This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft File: Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json) Hash identifier: auJvqLdoeUFSTbdhFA5o84myT07cpSioqGrWNFUJFoM= Subject key identifier: C5:2F:B3:C5:05:CE:8E:B4:6C:BE:0E:CD:AA:62:F9:11:C7:2F:72:B9 Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF Certificate issuer: /CN=43938a3de803bd6c91f14ad967bd4141b8a028af Certificate serial: 019B2FD4FF06FCCE1C8997EA96D5A0589B91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft Manifest number: 14A2 Signing time: Thu 18 Dec 2025 05:00:46 +0000 Manifest this update: Thu 18 Dec 2025 05:00:46 +0000 Manifest next update: Fri 19 Dec 2025 05:00:46 +0000 Files and hashes: 1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: omPOk1m4/VSyBJcAMhoaYREVimlM41V2FNRx9GEP4+Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d4:ff:06:fc:ce:1c:89:97:ea:96:d5:a0:58:9b:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af Validity Not Before: Dec 18 05:00:46 2025 GMT Not After : Dec 19 05:00:46 2025 GMT Subject: CN=c52fb3c505ce8eb46cbe0ecdaa62f911c72f72b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:71:5e:0f:21:89:61:dc:ee:8e:ed:d0:37:d1: 58:d3:ad:df:38:b0:d7:3e:50:ac:9d:09:dd:27:19: 5b:0e:c6:29:df:d7:51:14:ac:09:1a:9c:0b:0f:f3: 35:4e:3f:2c:71:93:23:d2:5f:1d:66:50:d8:22:e9: dd:aa:6e:23:15:e5:1b:b4:79:30:13:44:be:a5:0d: 83:79:9f:0d:7d:5d:6a:1c:e2:86:08:72:3a:2c:2b: 19:fa:ed:a2:17:7f:8e:6c:f9:02:d8:99:7a:8b:58: 2c:e1:f7:a5:27:54:d9:bf:c7:00:c8:a2:82:6e:ab: 5f:8c:0a:9f:a8:71:d3:bd:ae:41:2f:b4:9d:ee:09: 3c:42:6c:bb:e7:17:1b:73:0d:53:93:5f:a0:99:57: d3:5c:fa:db:e4:e5:5b:f3:09:b6:30:fd:d2:e5:48: 5b:3f:06:e8:ac:84:e0:6d:1f:8a:1d:5e:06:01:65: 50:42:e1:d5:37:c8:02:5b:d4:e9:6d:5e:dd:a3:2a: bd:cd:0a:18:26:e7:4c:d2:cd:f7:04:7b:de:e3:8b: b4:39:51:b6:dd:de:ee:e0:87:db:20:59:88:59:8e: b7:40:04:9c:78:8c:83:8a:f0:da:d8:35:bf:c5:f2: b5:cf:c1:d6:1a:be:c0:df:1e:da:0f:50:dd:ff:65: b4:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:2F:B3:C5:05:CE:8E:B4:6C:BE:0E:CD:AA:62:F9:11:C7:2F:72:B9 X509v3 Authority Key Identifier: keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:7f:4b:57:0b:39:ab:07:c7:6c:70:f9:56:75:3b:58:47:17: f7:55:e5:7e:27:73:3f:31:d6:3e:a4:47:ed:06:a9:5a:52:fd: cd:14:46:3c:0c:44:72:2e:d7:b8:77:d5:7c:de:a0:e9:a3:49: 73:e3:9d:9f:b7:e5:9e:da:b0:2f:16:b8:ef:46:71:ed:ff:35: 51:53:68:f1:03:0a:4f:19:5d:fb:3f:71:dd:61:fc:85:50:84: 39:74:9c:29:3b:09:58:67:ac:1c:16:ec:c0:04:e8:00:39:8c: 6f:3d:b4:03:87:c8:65:53:d5:2d:17:f7:d7:cd:ac:d8:2e:27: 69:b3:1d:f9:45:76:71:bf:22:52:95:74:b6:26:36:45:ce:00: 2b:d2:e1:a5:22:b1:a1:ab:51:f2:ae:ce:4d:e2:7a:44:4b:d1: 4a:ab:51:a2:09:f4:87:08:da:a7:90:64:6a:93:d0:3c:23:4a: 56:0a:1e:77:73:44:81:0c:66:f2:78:3e:6c:10:b6:76:42:75: 63:8b:a2:21:fb:a8:e1:20:60:81:37:3f:6a:ad:81:6d:5b:e6: 4d:09:9c:0c:af:f2:04:86:43:eb:2e:62:80:2c:3d:7d:a8:37: fa:e9:e7:e0:3c:22:d7:0a:e6:04:a2:9e:be:af:56:ff:44:fa: d4:5a:e5:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1P8G/M4ciZfqltWgWJuRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh MDI4YWYwHhcNMjUxMjE4MDUwMDQ2WhcNMjUxMjE5MDUwMDQ2WjAzMTEwLwYDVQQD EyhjNTJmYjNjNTA1Y2U4ZWI0NmNiZTBlY2RhYTYyZjkxMWM3MmY3MmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXFeDyGJYdzuju3QN9FY063fOLDX PlCsnQndJxlbDsYp39dRFKwJGpwLD/M1Tj8scZMj0l8dZlDYIundqm4jFeUbtHkw E0S+pQ2DeZ8NfV1qHOKGCHI6LCsZ+u2iF3+ObPkC2Jl6i1gs4felJ1TZv8cAyKKC bqtfjAqfqHHTva5BL7Sd7gk8Qmy75xcbcw1Tk1+gmVfTXPrb5OVb8wm2MP3S5Uhb PwborITgbR+KHV4GAWVQQuHVN8gCW9TpbV7doyq9zQoYJudM0s33BHve44u0OVG2 3d7u4IfbIFmIWY63QASceIyDivDa2DW/xfK1z8HWGr7A3x7aD1Dd/2W0tQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMUvs8UFzo60bL4Ozapi+RHHL3K5MB8GA1UdIwQY MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5 LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf39LVws5 qwfHbHD5VnU7WEcX91XlfidzPzHWPqRH7QapWlL9zRRGPAxEci7XuHfVfN6g6aNJ c+Odn7flntqwLxa470Zx7f81UVNo8QMKTxld+z9x3WH8hVCEOXScKTsJWGesHBbs wAToADmMbz20A4fIZVPVLRf3182s2C4nabMd+UV2cb8iUpV0tiY2Rc4AK9LhpSKx oatR8q7OTeJ6REvRSqtRogn0hwjap5BkapPQPCNKVgoed3NEgQxm8ng+bBC2dkJ1 Y4uiIfuo4SBggTc/aq2BbVvmTQmcDK/yBIZD6y5igCw9fag3+unn4Dwi1wrmBKKe vq9W/0T61Frltw== -----END CERTIFICATE-----Generated at Thu Dec 18 08:03:33 2025 by rpki-client