This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft File: 0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json) Hash identifier: ivvw3iUSbBbovOoTzAsC6X+TP5/rfOspRO9SzfvsLCc= Subject key identifier: 54:5F:CB:56:C0:26:F8:E6:5A:25:C7:76:F0:25:06:3A:05:DA:8B:2B Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72 Certificate issuer: /CN=d2a2462f7208b097013b5f216d63437fa401fb72 Certificate serial: 019B1A28F69E997F7A0A558B94992EEA992D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft Manifest number: 0AE9 Signing time: Sun 14 Dec 2025 00:00:50 +0000 Manifest this update: Sun 14 Dec 2025 00:00:50 +0000 Manifest next update: Mon 15 Dec 2025 00:00:50 +0000 Files and hashes: 1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: exxeo7+zQTAuiVpO8+ek8msASU5/TwwK4YZdOrC271c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1a:28:f6:9e:99:7f:7a:0a:55:8b:94:99:2e:ea:99:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72 Validity Not Before: Dec 14 00:00:50 2025 GMT Not After : Dec 15 00:00:50 2025 GMT Subject: CN=545fcb56c026f8e65a25c776f025063a05da8b2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:92:30:54:b6:51:8e:db:03:a0:5a:1e:f8:ef: d4:66:72:4f:7b:cc:19:84:0e:c9:35:6c:19:f0:cf: 14:b0:10:27:24:3d:fe:73:96:0f:27:03:35:74:26: f4:a8:11:08:e3:31:4e:50:98:87:4b:ee:4c:2c:7b: 68:04:e1:e9:ac:d3:38:44:dd:4b:10:0a:81:5f:ca: 3b:0a:45:c9:b9:f3:75:b9:27:6e:ff:c0:67:83:4f: cc:c6:c9:9b:c5:0a:e7:b1:94:65:cc:a6:93:da:84: fc:a0:5e:8d:b2:2b:35:63:3f:f2:1a:cf:ac:40:01: 9b:81:05:bd:bb:b0:e9:53:b7:ae:3c:2a:6a:c9:6d: 6b:73:bc:2f:63:19:47:d5:c5:41:1e:d0:c9:8f:c9: e3:ce:64:9f:32:4b:36:b1:b5:7e:38:d2:34:ad:35: 54:12:ee:d5:b3:84:28:b9:93:a9:33:fa:2c:f1:dd: 37:59:62:a9:79:c6:ec:d3:1e:27:6f:56:31:28:f0: 6c:30:d5:94:fc:88:a3:33:cb:19:6f:84:df:51:ad: bd:88:ea:ce:3a:92:1a:6b:85:41:9d:41:80:bf:32: 7d:e5:0a:6d:0f:a2:79:90:85:99:99:f0:7a:d4:4d: a8:4f:a9:41:59:3d:d1:ef:ad:fa:1e:4e:22:01:82: fb:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:5F:CB:56:C0:26:F8:E6:5A:25:C7:76:F0:25:06:3A:05:DA:8B:2B X509v3 Authority Key Identifier: keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:6f:0a:1e:43:c4:f2:65:7b:0c:8c:78:d8:fa:b7:e6:a8:74: 7a:ec:32:67:78:01:ee:9d:28:44:81:43:99:b3:a2:28:47:cb: 6d:b9:8c:58:da:d3:77:c0:7b:01:7b:f2:1f:bd:d4:01:53:2d: 73:f0:80:0f:75:4e:71:90:f0:f8:1a:4e:d1:c4:45:e4:ae:0f: c2:40:64:6e:5a:49:2c:f9:92:dd:a0:d0:6f:d2:b2:6d:01:12: 85:17:3a:2c:28:cb:c6:98:fc:25:06:c2:c3:ba:ba:17:2c:a8: f7:78:8f:b0:26:80:69:3e:0c:0e:ed:05:d2:75:03:6b:93:08: 35:46:39:98:da:51:57:ce:9f:b1:4e:a3:2a:45:5f:11:51:d5: 70:ca:69:75:a1:19:fb:9b:c4:13:bf:57:c1:c7:37:d6:bb:3c: 95:72:8d:df:3b:45:54:df:19:a7:60:0e:8f:b2:0f:5c:b3:50: 2c:8b:26:09:17:6f:9e:88:1a:18:b5:ea:1e:47:47:ed:98:5f: c5:ec:0b:07:4a:c1:ec:72:5e:19:42:4a:0b:17:81:2b:26:c1: f7:0d:4a:cc:6d:f1:8e:dd:27:eb:7e:6c:c9:be:a9:01:12:a4: 0d:3a:fe:61:b9:6f:38:6b:2b:62:27:f9:8b:5a:b6:2b:18:7b: 9a:2f:27:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsaKPaemX96ClWLlJku6pktMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw MWZiNzIwHhcNMjUxMjE0MDAwMDUwWhcNMjUxMjE1MDAwMDUwWjAzMTEwLwYDVQQD Eyg1NDVmY2I1NmMwMjZmOGU2NWEyNWM3NzZmMDI1MDYzYTA1ZGE4YjJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspIwVLZRjtsDoFoe+O/UZnJPe8wZ hA7JNWwZ8M8UsBAnJD3+c5YPJwM1dCb0qBEI4zFOUJiHS+5MLHtoBOHprNM4RN1L EAqBX8o7CkXJufN1uSdu/8Bng0/MxsmbxQrnsZRlzKaT2oT8oF6Nsis1Yz/yGs+s QAGbgQW9u7DpU7euPCpqyW1rc7wvYxlH1cVBHtDJj8njzmSfMks2sbV+ONI0rTVU Eu7Vs4QouZOpM/os8d03WWKpecbs0x4nb1YxKPBsMNWU/IijM8sZb4TfUa29iOrO OpIaa4VBnUGAvzJ95QptD6J5kIWZmfB61E2oT6lBWT3R7636Hk4iAYL7VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRfy1bAJvjmWiXHdvAlBjoF2osrMB8GA1UdIwQY MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIG8KHkPE 8mV7DIx42Pq35qh0euwyZ3gB7p0oRIFDmbOiKEfLbbmMWNrTd8B7AXvyH73UAVMt c/CAD3VOcZDw+BpO0cRF5K4PwkBkblpJLPmS3aDQb9KybQEShRc6LCjLxpj8JQbC w7q6Fyyo93iPsCaAaT4MDu0F0nUDa5MINUY5mNpRV86fsU6jKkVfEVHVcMppdaEZ +5vEE79Xwcc31rs8lXKN3ztFVN8Zp2AOj7IPXLNQLIsmCRdvnogaGLXqHkdH7Zhf xewLB0rB7HJeGUJKCxeBKybB9w1KzG3xjt0n635syb6pARKkDTr+YblvOGsrYif5 i1q2Kxh7mi8nxg== -----END CERTIFICATE-----Generated at Sun Dec 14 07:45:57 2025 by rpki-client