This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft File: pQHIn0SCnHLyqVPSorpK4Le1DYo.mft (raw, json) Hash identifier: AckP+Brk74xG2HsSLcd91wntTLcMUap56kgepPVaJCc= Subject key identifier: 45:47:4F:0D:6B:1E:96:7C:F9:E2:52:D2:82:C7:23:7C:3D:7C:0C:9A Authority key identifier: A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A Certificate issuer: /CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a Certificate serial: 019B5A1A8F4D60DC15E91CBECC772FFA4B07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 10:00:48 +0000 Manifest this update: Fri 26 Dec 2025 10:00:48 +0000 Manifest next update: Sat 27 Dec 2025 10:00:48 +0000 Files and hashes: 1: D5U1j0YPEDas8bxMtDOehRJb48U.roa (hash: AkMtfy33YmmtJG2wcdM/0Qvh01UPoaXKoDXm68LNuus=) 2: pQHIn0SCnHLyqVPSorpK4Le1DYo.crl (hash: GQDejKAjJQpYMkI8LztasHSnwhubmC03TOgHFROzfHo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:8f:4d:60:dc:15:e9:1c:be:cc:77:2f:fa:4b:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a Validity Not Before: Dec 26 10:00:48 2025 GMT Not After : Dec 27 10:00:48 2025 GMT Subject: CN=45474f0d6b1e967cf9e252d282c7237c3d7c0c9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f5:85:a4:83:08:6c:85:22:16:08:63:1b:47: f2:01:7b:24:30:9d:80:70:bd:f4:1c:ef:73:7c:2d: 65:fc:99:f8:4c:a1:f9:87:4a:21:68:4c:dc:86:ca: 62:23:e1:45:07:b1:27:ea:66:8c:39:3e:1f:3d:70: be:cb:01:2b:cd:ad:c8:7e:f7:03:8b:82:41:b3:82: c6:ef:ed:9a:90:be:3f:3c:d8:90:c9:f6:bf:48:7a: a1:b3:88:9c:ee:a5:69:ca:d7:66:38:fe:6a:7a:d8: c5:09:7f:40:61:dd:42:1a:d8:b9:a0:0c:4c:e4:6c: 47:89:bb:61:93:fc:ea:cc:4a:78:00:26:4c:36:ec: 78:f0:e1:79:69:e9:ea:f3:80:f8:36:10:5a:2e:1e: fc:97:00:02:5d:d3:ee:64:d3:88:e6:73:1f:83:37: ab:4b:00:a9:9c:ac:aa:38:7e:79:ac:8f:eb:e0:9c: 17:2c:a2:bf:d6:62:e1:99:30:7d:e2:95:6b:d5:a2: 4f:8a:88:88:8a:fe:09:8e:ea:e1:54:e5:5c:e0:e6: cd:a4:de:18:d5:76:92:11:7a:18:5c:78:3c:c9:4b: 86:cc:c7:c8:66:96:f5:fa:d0:68:cf:d3:46:69:87: 72:ab:96:46:73:90:2a:a9:02:3d:27:70:4e:f7:c6: 06:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:47:4F:0D:6B:1E:96:7C:F9:E2:52:D2:82:C7:23:7C:3D:7C:0C:9A X509v3 Authority Key Identifier: keyid:A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:27:e5:46:d2:6c:e0:8a:a9:e1:f7:d4:e0:0e:9c:ac:c6:47: 97:ab:06:4f:50:81:33:1f:38:cc:ea:97:b1:b8:5b:f1:15:c9: bd:7a:f6:25:d3:2e:f2:1f:fc:ac:3e:b5:a4:c3:21:72:ce:df: 50:36:68:fd:99:d3:bd:d1:14:f1:8e:50:79:d6:c1:47:a3:7b: 19:65:78:88:c9:58:8d:cc:18:9a:ff:2b:70:72:f7:f7:b8:f2: e2:3c:6c:ea:17:32:3f:78:d5:5a:37:ae:da:06:70:19:5c:d8: 0e:20:c8:b3:0a:6b:64:1b:c2:dc:eb:3a:07:f0:56:ee:ad:9b: 12:58:58:ee:12:1f:3c:7c:85:3b:50:45:ad:80:d4:37:e4:fb: 44:49:24:ea:e9:27:9b:c4:07:89:64:ef:72:18:4f:f1:64:e2: 4d:7a:7c:fc:7a:12:3e:ca:3b:d9:f3:15:1e:de:12:9b:3b:63: 94:7b:db:2f:3c:00:df:08:29:e4:70:1b:93:98:ee:59:f4:9a: 6f:e8:29:3f:a8:ab:84:e5:c6:2c:84:89:fc:95:9c:97:d4:1e: d8:d4:59:5e:b0:f4:0b:52:c4:4f:a0:6d:7e:1a:a3:a3:32:e0: ca:43:91:95:4c:fb:cd:42:23:18:51:d4:d1:11:81:63:53:a7: 9f:0a:d2:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGo9NYNwV6Ry+zHcv+ksHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MDFjODlmNDQ4MjljNzJmMmE5NTNkMmEyYmE0YWUwYjdi NTBkOGEwHhcNMjUxMjI2MTAwMDQ4WhcNMjUxMjI3MTAwMDQ4WjAzMTEwLwYDVQQD Eyg0NTQ3NGYwZDZiMWU5NjdjZjllMjUyZDI4MmM3MjM3YzNkN2MwYzlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvWFpIMIbIUiFghjG0fyAXskMJ2A cL30HO9zfC1l/Jn4TKH5h0ohaEzchspiI+FFB7En6maMOT4fPXC+ywErza3IfvcD i4JBs4LG7+2akL4/PNiQyfa/SHqhs4ic7qVpytdmOP5qetjFCX9AYd1CGti5oAxM 5GxHibthk/zqzEp4ACZMNux48OF5aenq84D4NhBaLh78lwACXdPuZNOI5nMfgzer SwCpnKyqOH55rI/r4JwXLKK/1mLhmTB94pVr1aJPioiIiv4JjurhVOVc4ObNpN4Y 1XaSEXoYXHg8yUuGzMfIZpb1+tBoz9NGaYdyq5ZGc5AqqQI9J3BO98YG4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEVHTw1rHpZ8+eJS0oLHI3w9fAyaMB8GA1UdIwQY MBaAFKUByJ9Egpxy8qlT0qK6SuC3tQ2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQt MTRhMWViNTUxMmQ2LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQtMTRhMWViNTUxMmQ2 LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSflRtJs 4Iqp4ffU4A6crMZHl6sGT1CBMx84zOqXsbhb8RXJvXr2JdMu8h/8rD61pMMhcs7f UDZo/ZnTvdEU8Y5QedbBR6N7GWV4iMlYjcwYmv8rcHL397jy4jxs6hcyP3jVWjeu 2gZwGVzYDiDIswprZBvC3Os6B/BW7q2bElhY7hIfPHyFO1BFrYDUN+T7REkk6ukn m8QHiWTvchhP8WTiTXp8/HoSPso72fMVHt4SmztjlHvbLzwA3wgp5HAbk5juWfSa b+gpP6irhOXGLISJ/JWcl9Qe2NRZXrD0C1LET6BtfhqjozLgykORlUz7zUIjGFHU 0RGBY1OnnwrSJw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:22 2025 by rpki-client