This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft File: q7lESdTSRidxdzvAimJFB9pRKw0.mft (raw, json) Hash identifier: FhCsdx0zhmbZVT7AqN3ptSkNvA0d24DGamzLi11b6VE= Subject key identifier: 83:2B:BD:68:02:87:70:0A:6D:A9:F0:A1:55:BB:A9:51:27:B9:DB:D1 Authority key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D Certificate issuer: /CN=abb94449d4d2462771773bc08a624507da512b0d Certificate serial: 019B33B196F388FFA51D601F38FB2F2B76FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft Manifest number: 0868 Signing time: Thu 18 Dec 2025 23:00:34 +0000 Manifest this update: Thu 18 Dec 2025 23:00:34 +0000 Manifest next update: Fri 19 Dec 2025 23:00:34 +0000 Files and hashes: 1: q7lESdTSRidxdzvAimJFB9pRKw0.crl (hash: 1GrNe9DyIZvgdKiB95poawzfTK0cR57fqmZ3KSSvqVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:96:f3:88:ff:a5:1d:60:1f:38:fb:2f:2b:76:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abb94449d4d2462771773bc08a624507da512b0d Validity Not Before: Dec 18 23:00:34 2025 GMT Not After : Dec 19 23:00:34 2025 GMT Subject: CN=832bbd680287700a6da9f0a155bba95127b9dbd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:51:03:11:e7:d6:6b:a4:ac:09:e0:e9:b9:3f: df:86:09:76:06:77:c7:ae:88:d1:78:5e:f6:d3:22: da:7f:98:b5:e8:32:ee:0e:23:47:a5:34:5f:e2:21: cf:63:9e:69:c4:f6:00:61:a7:2e:ea:ae:3c:4a:56: cf:e7:7e:d7:0c:5a:ef:ae:18:a2:d8:1f:62:67:2a: 31:7c:29:8a:f3:fc:bf:7b:66:69:d0:2a:52:d1:b0: af:d2:e9:7e:47:17:29:87:e5:93:66:d7:ad:f1:ba: 60:42:82:5b:89:98:a3:10:f6:66:f7:64:8e:c4:6e: 56:54:c8:99:3f:41:99:8a:5f:fb:35:ef:23:1b:9b: 47:73:71:fa:92:e8:ac:5b:be:d2:72:23:aa:c8:ce: 5d:d7:a1:dc:95:8a:d9:5a:01:0d:5e:c0:c6:23:e0: eb:f4:44:d0:a2:72:3b:56:d5:85:0c:bf:2e:46:34: 9c:52:61:57:1b:ef:bb:70:6b:a4:50:d7:c1:e7:1e: 10:8a:35:f1:8d:e6:a9:a7:56:af:fc:b3:84:f8:57: 91:43:49:c4:9c:16:e6:b6:12:df:b8:fd:20:94:f8: fa:d8:02:73:7d:6a:66:05:0d:7b:cf:f0:b3:36:1c: 17:ea:04:96:cd:0a:d5:5f:56:ff:95:f1:5c:16:be: 44:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:2B:BD:68:02:87:70:0A:6D:A9:F0:A1:55:BB:A9:51:27:B9:DB:D1 X509v3 Authority Key Identifier: keyid:AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:1f:54:ee:e0:28:f1:6e:5a:a8:34:96:9c:f4:36:7b:af:d0: d2:29:52:05:28:36:53:7f:61:18:64:df:4f:30:84:0f:1a:bf: 6c:f2:69:0e:20:40:0a:2b:38:55:ea:14:27:e7:2b:60:6b:5b: 82:bb:63:70:c5:84:8f:12:1e:31:87:07:c6:a6:3a:e5:8b:dd: 86:36:e1:04:b8:5a:ba:65:16:f8:6b:2d:ab:0c:43:37:00:bb: 57:52:2c:4e:b8:bc:22:21:a1:86:e7:77:53:bd:ca:a6:dc:cc: bd:2b:29:ba:9e:56:db:86:83:dd:d8:12:b7:d0:e4:53:28:b5: 45:b2:a4:5a:62:c7:e8:34:5a:dc:31:b9:40:63:d0:f1:c3:f4: 60:02:67:7d:6c:7e:a6:a0:07:ec:d2:e0:a7:e1:2a:ff:2c:a1: 17:c4:21:f6:19:dc:a3:b1:67:0a:e5:15:94:dc:09:57:2c:14: df:2f:22:5f:44:31:ce:be:f5:f2:93:4c:91:a2:6d:dd:cb:3a: b5:eb:de:4d:80:fc:34:ed:54:77:49:be:0a:55:b9:a1:4c:1f: a2:e4:17:13:69:d9:d1:87:3d:50:d2:e2:19:d4:6f:a6:ad:79: 79:71:52:06:9c:2d:dc:79:96:83:f4:be:06:9b:14:d2:eb:35: 3c:9c:c7:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsZbziP+lHWAfOPsvK3b/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiYjk0NDQ5ZDRkMjQ2Mjc3MTc3M2JjMDhhNjI0NTA3ZGE1 MTJiMGQwHhcNMjUxMjE4MjMwMDM0WhcNMjUxMjE5MjMwMDM0WjAzMTEwLwYDVQQD Eyg4MzJiYmQ2ODAyODc3MDBhNmRhOWYwYTE1NWJiYTk1MTI3YjlkYmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFEDEefWa6SsCeDpuT/fhgl2BnfH rojReF720yLaf5i16DLuDiNHpTRf4iHPY55pxPYAYacu6q48SlbP537XDFrvrhii 2B9iZyoxfCmK8/y/e2Zp0CpS0bCv0ul+Rxcph+WTZtet8bpgQoJbiZijEPZm92SO xG5WVMiZP0GZil/7Ne8jG5tHc3H6kuisW77SciOqyM5d16HclYrZWgENXsDGI+Dr 9ETQonI7VtWFDL8uRjScUmFXG++7cGukUNfB5x4QijXxjeapp1av/LOE+FeRQ0nE nBbmthLfuP0glPj62AJzfWpmBQ17z/CzNhwX6gSWzQrVX1b/lfFcFr5EvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIMrvWgCh3AKbanwoVW7qVEnudvRMB8GA1UdIwQY MBaAFKu5REnU0kYncXc7wIpiRQfaUSsNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgt NzBjMGMxNWJjODBhLzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82MjVkNzgtMDE5Yy00MzAxLWJhNzgtNzBjMGMxNWJjODBh LzEvcTdsRVNkVFNSaWR4ZHp2QWltSkZCOXBSS3cwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWR9U7uAo 8W5aqDSWnPQ2e6/Q0ilSBSg2U39hGGTfTzCEDxq/bPJpDiBACis4VeoUJ+crYGtb grtjcMWEjxIeMYcHxqY65YvdhjbhBLhaumUW+GstqwxDNwC7V1IsTri8IiGhhud3 U73KptzMvSspup5W24aD3dgSt9DkUyi1RbKkWmLH6DRa3DG5QGPQ8cP0YAJnfWx+ pqAH7NLgp+Eq/yyhF8Qh9hnco7FnCuUVlNwJVywU3y8iX0Qxzr718pNMkaJt3cs6 teveTYD8NO1Ud0m+ClW5oUwfouQXE2nZ0Yc9UNLiGdRvpq15eXFSBpwt3HmWg/S+ BpsU0us1PJzHBw== -----END CERTIFICATE-----Generated at Fri Dec 19 07:53:47 2025 by rpki-client