This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft File: Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json) Hash identifier: rBjN4N+JM/5fqEMiw1kPd0+o1GaamWMEmOjlt0mjXf8= Subject key identifier: E6:FC:C0:32:5B:AA:5E:00:8C:62:B6:75:09:48:7B:F5:73:77:2F:B2 Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF Certificate issuer: /CN=43938a3de803bd6c91f14ad967bd4141b8a028af Certificate serial: 019B33B1BEC9A943066FFD66F17832662D5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft Manifest number: 14A4 Signing time: Thu 18 Dec 2025 23:00:45 +0000 Manifest this update: Thu 18 Dec 2025 23:00:45 +0000 Manifest next update: Fri 19 Dec 2025 23:00:45 +0000 Files and hashes: 1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: VkGmCjWDxmsXEnQXz9vMUzEpMOJO2P7T8TbvUUsFpzA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:be:c9:a9:43:06:6f:fd:66:f1:78:32:66:2d:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af Validity Not Before: Dec 18 23:00:45 2025 GMT Not After : Dec 19 23:00:45 2025 GMT Subject: CN=e6fcc0325baa5e008c62b67509487bf573772fb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c0:aa:a6:cd:96:0b:ff:3a:6b:95:4c:1c:e1: 26:f3:58:10:dc:4d:89:54:50:3c:32:5d:00:0d:5a: 93:35:2d:ef:23:a6:6d:7d:82:2a:6d:d2:31:f3:21: 4f:88:2e:51:ce:3f:e9:da:e4:fd:33:9e:75:b7:71: e3:fb:4c:0c:69:c9:22:bb:90:72:e4:f4:85:b2:f6: e9:dd:cd:b5:62:a4:d4:fd:d6:d4:c3:d3:9b:de:23: cc:0a:75:7d:dd:5b:dc:9b:3b:91:aa:be:7e:0b:a5: 4b:c0:27:cc:bf:f6:92:1f:6d:91:74:08:50:db:ae: df:a5:31:fc:fd:8f:a9:9d:59:99:10:3d:f4:d3:6e: df:89:8e:2a:77:a2:9e:e1:66:7e:1a:03:ac:d4:8d: 1a:da:9c:ad:b7:2c:7b:3c:b8:a5:13:05:c1:c0:1f: dc:d2:73:80:5e:ec:00:9f:f6:13:0c:4f:0d:d2:67: e8:c1:7c:f0:34:13:e6:cd:0a:0c:83:e9:0f:86:63: b9:ac:5a:f2:f4:28:11:a3:2e:d6:62:08:5a:b7:6b: 1a:b7:bc:71:ed:6e:27:b6:2c:a0:d2:b8:3c:cc:f5: c4:47:fa:62:ec:a3:a0:9d:04:82:16:34:dc:ed:db: ab:5e:70:33:90:86:ba:c9:1a:00:2a:48:88:c8:2e: 50:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:FC:C0:32:5B:AA:5E:00:8C:62:B6:75:09:48:7B:F5:73:77:2F:B2 X509v3 Authority Key Identifier: keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:16:14:0a:26:ca:be:34:8f:04:c7:2c:f8:72:75:77:93:6b: 67:63:04:a6:c3:38:d6:48:55:67:84:5f:18:74:89:1e:1e:b1: a2:f5:ae:8a:53:84:c5:64:10:95:f2:2e:d0:66:cf:97:84:54: b9:52:5e:fb:dc:d8:28:08:25:ef:03:49:af:b6:55:77:02:72: 4c:60:3a:94:75:16:bd:50:fd:41:b7:74:69:22:ce:c5:41:c3: 0a:d8:01:96:c9:68:47:bf:d9:ca:3d:35:84:e1:5c:b2:13:f7: 3b:d4:3f:3e:cf:92:32:cf:1c:6c:4a:03:6b:1a:74:11:17:41: 05:af:af:67:3e:06:12:7b:ac:59:b4:9d:f2:5b:3a:cd:4c:0e: e5:df:c9:f6:56:84:52:4b:f0:be:57:9e:d6:8a:f4:93:68:e1: fd:47:24:28:ab:57:b2:33:3c:33:96:00:24:38:84:65:4d:51: c7:ba:4f:1f:07:05:27:4a:09:f0:8b:d6:80:a2:1d:27:d1:82: a2:04:b5:e7:23:48:82:be:50:69:bc:80:3e:fd:2a:29:da:24: 10:ef:a4:95:5e:ce:04:8f:dc:b7:8b:a9:30:1c:03:b3:95:06: 2d:ae:06:e1:d9:40:8a:bb:06:ff:5b:d2:fc:55:08:af:c7:85: 7b:ea:5c:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsb7JqUMGb/1m8XgyZi1dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh MDI4YWYwHhcNMjUxMjE4MjMwMDQ1WhcNMjUxMjE5MjMwMDQ1WjAzMTEwLwYDVQQD EyhlNmZjYzAzMjViYWE1ZTAwOGM2MmI2NzUwOTQ4N2JmNTczNzcyZmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocCqps2WC/86a5VMHOEm81gQ3E2J VFA8Ml0ADVqTNS3vI6ZtfYIqbdIx8yFPiC5Rzj/p2uT9M551t3Hj+0wMackiu5By 5PSFsvbp3c21YqTU/dbUw9Ob3iPMCnV93VvcmzuRqr5+C6VLwCfMv/aSH22RdAhQ 267fpTH8/Y+pnVmZED30027fiY4qd6Ke4WZ+GgOs1I0a2pyttyx7PLilEwXBwB/c 0nOAXuwAn/YTDE8N0mfowXzwNBPmzQoMg+kPhmO5rFry9CgRoy7WYghat2sat7xx 7W4ntiyg0rg8zPXER/pi7KOgnQSCFjTc7durXnAzkIa6yRoAKkiIyC5QSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOb8wDJbql4AjGK2dQlIe/Vzdy+yMB8GA1UdIwQY MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5 LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnhYUCibK vjSPBMcs+HJ1d5NrZ2MEpsM41khVZ4RfGHSJHh6xovWuilOExWQQlfIu0GbPl4RU uVJe+9zYKAgl7wNJr7ZVdwJyTGA6lHUWvVD9Qbd0aSLOxUHDCtgBlsloR7/Zyj01 hOFcshP3O9Q/Ps+SMs8cbEoDaxp0ERdBBa+vZz4GEnusWbSd8ls6zUwO5d/J9laE Ukvwvlee1or0k2jh/UckKKtXsjM8M5YAJDiEZU1Rx7pPHwcFJ0oJ8IvWgKIdJ9GC ogS15yNIgr5QabyAPv0qKdokEO+klV7OBI/ct4upMBwDs5UGLa4G4dlAirsG/1vS /FUIr8eFe+pcNA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:23:19 2025 by rpki-client