This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.mft File: Q34DDURmGkwgHroD3kUrBLjn2eU.mft (raw, json) Hash identifier: lo4pDObUSy14/SHWsk4pfXlH8dCfHdCQnWYQ2Taru5U= Subject key identifier: 5B:F2:D2:66:D1:74:47:70:00:A1:85:A1:4E:65:7B:8F:28:AD:4E:28 Authority key identifier: 43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5 Certificate issuer: /CN=437e030d44661a4c201eba03de452b04b8e7d9e5 Certificate serial: 019B22F57AE10FD2345B645AB5E831F22263 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.mft Manifest number: 16C0 Signing time: Mon 15 Dec 2025 17:01:11 +0000 Manifest this update: Mon 15 Dec 2025 17:01:11 +0000 Manifest next update: Tue 16 Dec 2025 17:01:11 +0000 Files and hashes: 1: Q34DDURmGkwgHroD3kUrBLjn2eU.crl (hash: s4ahaCD8IrY+sO5d/I+8beDyvy72XEJp2iuuxbIB6uU=) 2: aTnDDG7156iJH1B7VtXl45Lxz4c.roa (hash: uqmE7u3SyyyiP9Dvg82dGi927wLVOacs75i5/YZ4Qho=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.mft rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:f5:7a:e1:0f:d2:34:5b:64:5a:b5:e8:31:f2:22:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=437e030d44661a4c201eba03de452b04b8e7d9e5 Validity Not Before: Dec 15 17:01:11 2025 GMT Not After : Dec 16 17:01:11 2025 GMT Subject: CN=5bf2d266d174477000a185a14e657b8f28ad4e28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a6:ca:69:d2:98:af:7e:e2:6e:fd:d6:2c:e0: 81:35:ba:86:d3:a6:59:26:24:b8:30:aa:8c:ab:65: 23:80:72:63:87:0c:4a:f3:4a:23:c4:a0:23:f1:17: e8:50:f2:f6:7f:f8:e5:41:90:4e:ed:f4:61:af:1e: 8b:dd:e8:2b:57:45:d7:bc:25:64:a3:9b:78:1b:af: 17:3e:23:a0:d7:6b:6a:ac:f7:56:8d:0e:b5:b0:f6: 85:3d:64:9a:ec:ae:7d:c4:4c:80:88:48:8a:08:68: 3f:bc:e7:24:bd:2d:ae:e3:e4:47:6b:11:be:bf:b5: 32:68:dc:a7:c5:81:09:bf:95:08:e2:8f:f4:3a:f1: 0d:e2:07:31:4d:5a:83:9c:44:43:c9:d6:56:d6:22: 8b:b5:c2:9e:3a:66:7b:44:2c:4f:58:21:8f:52:c2: 71:87:c1:0a:fb:bc:64:da:de:b9:26:bc:02:7f:97: 0d:85:b6:0c:bd:7b:85:a3:e8:52:76:65:61:3a:24: 91:90:58:4f:7e:53:f2:11:42:29:9e:65:0c:97:2e: 37:77:cd:ed:cf:a4:01:21:49:b2:b0:ba:38:9e:21: 0c:34:e5:75:33:30:37:ba:94:b4:c9:fa:bf:c9:c0: 98:7e:de:52:04:d2:20:70:6f:d9:0d:6a:bb:69:eb: 03:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:F2:D2:66:D1:74:47:70:00:A1:85:A1:4E:65:7B:8F:28:AD:4E:28 X509v3 Authority Key Identifier: keyid:43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:c3:18:d8:b8:ee:b7:63:f7:2c:3a:d1:16:44:cb:9c:57:07: 26:d5:4b:83:98:f9:6d:21:b2:63:78:75:8b:05:8b:92:a3:21: 86:e9:0a:9d:7d:eb:48:a7:97:90:3c:43:59:3f:5a:ae:a2:50: 06:2f:c6:26:de:5b:2d:08:8d:01:c5:58:c4:cd:52:9b:56:7d: 14:49:04:f9:13:1e:03:4a:e8:8c:b6:6d:19:d9:ef:57:55:8d: cc:6d:2d:d5:dc:f9:2b:4d:33:68:c5:a5:88:70:be:2c:9d:60: bf:e3:d0:64:64:7f:3e:46:9a:d5:b4:12:fa:c4:50:36:fb:8c: f8:29:00:90:10:6a:61:48:5a:49:56:d5:1f:12:39:06:7e:ec: b6:0d:34:5b:85:4a:c7:2a:f7:f6:a4:b8:d3:b0:7b:1a:7d:aa: bb:94:d3:4d:bd:4c:c3:1c:a2:af:ec:17:bc:15:13:25:93:4b: 29:eb:aa:53:c2:43:31:fe:94:68:64:54:f2:ff:7c:99:66:03: 71:d8:b5:1e:ce:87:7d:44:98:d4:e7:8f:47:11:2b:42:87:d2: ec:17:9a:46:ec:d0:08:b2:6f:94:6a:6c:1b:b1:51:96:63:3e: bf:76:bd:7c:51:36:e8:e6:5b:92:6b:dc:c9:d7:20:34:3e:11: 77:1c:72:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsi9XrhD9I0W2Rategx8iJjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzN2UwMzBkNDQ2NjFhNGMyMDFlYmEwM2RlNDUyYjA0Yjhl N2Q5ZTUwHhcNMjUxMjE1MTcwMTExWhcNMjUxMjE2MTcwMTExWjAzMTEwLwYDVQQD Eyg1YmYyZDI2NmQxNzQ0NzcwMDBhMTg1YTE0ZTY1N2I4ZjI4YWQ0ZTI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6bKadKYr37ibv3WLOCBNbqG06ZZ JiS4MKqMq2UjgHJjhwxK80ojxKAj8RfoUPL2f/jlQZBO7fRhrx6L3egrV0XXvCVk o5t4G68XPiOg12tqrPdWjQ61sPaFPWSa7K59xEyAiEiKCGg/vOckvS2u4+RHaxG+ v7UyaNynxYEJv5UI4o/0OvEN4gcxTVqDnERDydZW1iKLtcKeOmZ7RCxPWCGPUsJx h8EK+7xk2t65JrwCf5cNhbYMvXuFo+hSdmVhOiSRkFhPflPyEUIpnmUMly43d83t z6QBIUmysLo4niEMNOV1MzA3upS0yfq/ycCYft5SBNIgcG/ZDWq7aesDzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFvy0mbRdEdwAKGFoU5le48orU4oMB8GA1UdIwQY MBaAFEN+Aw1EZhpMIB66A95FKwS459nlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUt YmJkMjEwNmYzMzcwLzEvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUtYmJkMjEwNmYzMzcw LzEvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlsMY2Lju t2P3LDrRFkTLnFcHJtVLg5j5bSGyY3h1iwWLkqMhhukKnX3rSKeXkDxDWT9arqJQ Bi/GJt5bLQiNAcVYxM1Sm1Z9FEkE+RMeA0rojLZtGdnvV1WNzG0t1dz5K00zaMWl iHC+LJ1gv+PQZGR/Pkaa1bQS+sRQNvuM+CkAkBBqYUhaSVbVHxI5Bn7stg00W4VK xyr39qS407B7Gn2qu5TTTb1Mwxyir+wXvBUTJZNLKeuqU8JDMf6UaGRU8v98mWYD cdi1Hs6HfUSY1OePRxErQofS7BeaRuzQCLJvlGpsG7FRlmM+v3a9fFE26OZbkmvc ydcgND4Rdxxyog== -----END CERTIFICATE-----Generated at Mon Dec 15 19:45:05 2025 by rpki-client