This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json) Hash identifier: MfQqswMnyyeKqGYTwa4Dx6RhIyw5cjGyUeDKxhMEGFY= Subject key identifier: 3B:C4:2A:E2:0C:0B:9A:29:7F:E8:CD:C6:1F:5C:16:8F:67:54:71:A4 Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba Certificate serial: 019B4A71380B0F0F872F47FCD5468B742296 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft Manifest number: 147C Signing time: Tue 23 Dec 2025 09:01:32 +0000 Manifest this update: Tue 23 Dec 2025 09:01:32 +0000 Manifest next update: Wed 24 Dec 2025 09:01:32 +0000 Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=) 2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: cYQm37GXw1PhmlcmZ9iS/ChZ6x10xXm5Zh8pXP6C6FQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:71:38:0b:0f:0f:87:2f:47:fc:d5:46:8b:74:22:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba Validity Not Before: Dec 23 09:01:32 2025 GMT Not After : Dec 24 09:01:32 2025 GMT Subject: CN=3bc42ae20c0b9a297fe8cdc61f5c168f675471a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:5d:3f:d3:59:0f:b0:3c:21:9f:dd:5f:fb:78: 38:00:cc:d0:71:b5:a0:61:8c:a7:89:24:e5:26:f2: 94:02:86:45:4e:a6:ed:99:23:a0:f0:66:4d:ba:43: ec:41:03:44:b1:19:31:a4:83:52:a3:7c:86:38:db: d9:95:a6:19:40:39:a1:cf:38:05:0d:70:4f:1f:c3: 67:d8:51:0d:70:64:a0:0d:61:18:6f:19:f5:7f:cf: 39:70:77:f1:60:81:15:7a:dc:0b:4c:49:6e:7a:71: 38:df:cb:3d:98:20:95:63:65:85:34:64:31:7b:d0: 6c:29:7a:12:71:0d:33:c7:e1:57:30:11:1e:db:d9: 1f:f1:37:1d:7c:17:95:f1:a9:1e:ed:6e:14:ad:b1: 19:22:6c:06:21:75:03:f8:68:eb:cf:7f:05:8e:bb: a2:4c:b9:98:07:9c:ad:cb:db:e0:89:73:d2:5b:aa: 58:f2:08:5f:7b:1b:75:86:e2:60:dc:f0:0c:1e:b3: 09:c8:07:08:5d:f3:ca:1d:b1:2e:65:e2:e3:ba:94: b0:4b:6f:51:b1:9b:47:bf:99:24:e9:5b:13:ae:77: b6:cb:a5:6b:8e:81:ea:be:21:08:98:b3:44:11:74: a2:92:bd:32:92:70:59:8b:74:3c:7e:5b:c2:63:55: 0c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:C4:2A:E2:0C:0B:9A:29:7F:E8:CD:C6:1F:5C:16:8F:67:54:71:A4 X509v3 Authority Key Identifier: keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:5e:95:ca:49:92:16:b4:e0:c2:ba:46:de:09:37:6e:26:4b: 56:36:c6:98:ac:88:9b:1a:97:af:98:8c:2f:43:f3:de:4a:ca: 30:aa:6b:58:a4:b5:1a:bb:61:a5:f1:fa:eb:23:a4:48:b9:72: 1d:e0:63:dd:d2:72:3a:f1:f1:fe:d8:4c:c9:cd:55:65:ab:f1: 27:56:99:9d:ad:c8:b4:c7:18:15:9a:38:f3:2a:e1:75:33:73: da:04:ea:2d:53:7f:74:d7:01:55:1a:25:ee:dd:2d:98:9d:cc: f5:18:68:2d:c4:05:b7:86:ab:76:55:80:45:ac:78:4e:2e:d8: 6f:06:0b:ea:1e:f1:85:76:98:08:87:b5:28:8f:bd:7a:05:d8: 09:9d:d4:48:5a:59:8f:7b:f4:87:65:46:74:d6:91:d9:88:b0: 02:e8:9e:2a:5c:1b:6a:0d:d9:90:39:4b:5b:ce:29:62:91:c9: 16:8a:b8:21:97:e0:4f:bb:9d:41:13:4d:1e:b6:7b:60:98:db: 41:d0:36:ef:70:91:12:7c:5f:10:0c:7d:63:e5:5e:31:5b:49: a2:4e:45:8b:07:8a:67:40:82:9e:9a:8f:8b:23:29:f6:f1:de: 0b:24:d3:5f:a0:ac:23:41:c1:91:3f:c0:9b:4f:df:c5:28:19: 01:75:76:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKcTgLDw+HL0f81UaLdCKWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj NDQ5YmEwHhcNMjUxMjIzMDkwMTMyWhcNMjUxMjI0MDkwMTMyWjAzMTEwLwYDVQQD EygzYmM0MmFlMjBjMGI5YTI5N2ZlOGNkYzYxZjVjMTY4ZjY3NTQ3MWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA410/01kPsDwhn91f+3g4AMzQcbWg YYyniSTlJvKUAoZFTqbtmSOg8GZNukPsQQNEsRkxpINSo3yGONvZlaYZQDmhzzgF DXBPH8Nn2FENcGSgDWEYbxn1f885cHfxYIEVetwLTEluenE438s9mCCVY2WFNGQx e9BsKXoScQ0zx+FXMBEe29kf8TcdfBeV8ake7W4UrbEZImwGIXUD+Gjrz38Fjrui TLmYB5yty9vgiXPSW6pY8ghfext1huJg3PAMHrMJyAcIXfPKHbEuZeLjupSwS29R sZtHv5kk6VsTrne2y6VrjoHqviEImLNEEXSikr0yknBZi3Q8flvCY1UMzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDvEKuIMC5opf+jNxh9cFo9nVHGkMB8GA1UdIwQY MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiF6VykmS FrTgwrpG3gk3biZLVjbGmKyImxqXr5iML0Pz3krKMKprWKS1GrthpfH66yOkSLly HeBj3dJyOvHx/thMyc1VZavxJ1aZna3ItMcYFZo48yrhdTNz2gTqLVN/dNcBVRol 7t0tmJ3M9RhoLcQFt4ardlWARax4Ti7YbwYL6h7xhXaYCIe1KI+9egXYCZ3USFpZ j3v0h2VGdNaR2YiwAuieKlwbag3ZkDlLW84pYpHJFoq4IZfgT7udQRNNHrZ7YJjb QdA273CREnxfEAx9Y+VeMVtJok5FiweKZ0CCnpqPiyMp9vHeCyTTX6CsI0HBkT/A m0/fxSgZAXV2kA== -----END CERTIFICATE-----Generated at Tue Dec 23 14:51:16 2025 by rpki-client