This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft File: qK9MCjctAUVV99TXyJz5lvBRQvU.mft (raw, json) Hash identifier: d7iKNwTCKmLYkljrLB6kSBydZGso6fwut6Rm6prPRco= Subject key identifier: D1:E9:B8:0D:28:DE:4D:06:19:13:5A:87:81:B0:2A:C8:2E:FF:24:54 Authority key identifier: A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5 Certificate issuer: /CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5 Certificate serial: 019B443853A42D93DDF3FD531E42D0FC0988 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft Manifest number: 051F Signing time: Mon 22 Dec 2025 04:01:40 +0000 Manifest this update: Mon 22 Dec 2025 04:01:40 +0000 Manifest next update: Tue 23 Dec 2025 04:01:40 +0000 Files and hashes: 1: qK9MCjctAUVV99TXyJz5lvBRQvU.crl (hash: fq9or5wxXTx+puVvqRp/WNuGj3/37LdioOAymFp1LWg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:53:a4:2d:93:dd:f3:fd:53:1e:42:d0:fc:09:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8af4c0a372d014555f7d4d7c89cf996f05142f5 Validity Not Before: Dec 22 04:01:40 2025 GMT Not After : Dec 23 04:01:40 2025 GMT Subject: CN=d1e9b80d28de4d0619135a8781b02ac82eff2454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8c:3e:c6:2a:ce:f7:03:7f:90:14:c8:3d:e2: 27:1c:b0:57:4b:20:ff:eb:56:c7:fe:92:cd:0b:9a: de:40:2d:4b:e3:45:84:31:98:31:37:b9:74:5a:a4: 68:d5:d7:05:a4:42:5f:e5:74:4d:f3:6f:66:7d:62: 12:18:42:2a:74:32:0e:92:b0:97:ee:51:65:e0:6a: 88:6e:6b:0d:e2:f1:76:8f:c7:ea:52:23:b3:66:bb: fc:1f:fd:7b:d0:ca:a4:72:25:27:d4:26:48:a3:8f: f0:fd:e1:0a:6c:ad:9e:47:2d:0d:16:27:8f:43:31: 6e:59:14:fb:91:02:c7:1a:e2:e2:07:fb:4c:9d:a8: 6c:e6:ff:fc:73:05:c6:8b:36:10:60:3e:18:8e:eb: f8:26:75:0b:97:d8:71:60:af:04:4c:f5:e3:44:5e: 44:33:71:0f:ba:37:3c:e5:02:e9:67:c9:79:c9:ee: 8a:d6:2e:bc:58:49:15:7c:64:33:db:0d:04:54:94: 73:56:62:a6:1e:3b:ca:b4:c4:a6:a5:26:ad:ea:f2: 55:3e:9f:20:13:fe:38:d6:d4:c8:b0:88:75:27:c0: 99:0b:86:4a:55:b8:68:48:32:5f:89:86:cd:de:ac: d6:60:1f:19:d7:ad:21:df:41:ca:cc:40:20:d2:28: 30:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:E9:B8:0D:28:DE:4D:06:19:13:5A:87:81:B0:2A:C8:2E:FF:24:54 X509v3 Authority Key Identifier: keyid:A8:AF:4C:0A:37:2D:01:45:55:F7:D4:D7:C8:9C:F9:96:F0:51:42:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qK9MCjctAUVV99TXyJz5lvBRQvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8b2bbd-af12-46ae-a50f-dab38fd3c786/1/qK9MCjctAUVV99TXyJz5lvBRQvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:6a:bd:30:e7:d5:1d:22:93:81:69:8c:2f:69:ee:d2:ab:7c: 4f:de:a8:64:fa:4d:37:82:23:4c:34:e3:58:a6:ed:27:ac:ef: ac:c7:17:0a:68:28:29:04:e2:06:50:d7:db:1f:eb:4e:a3:bf: e3:06:25:71:8c:d4:13:83:86:76:9c:24:63:1b:8a:60:fe:2c: 91:e6:a7:d3:66:2c:a5:f4:6c:80:c7:ab:b1:68:4b:d3:9f:6d: ca:e6:1b:3b:ae:62:f0:24:53:48:80:fc:d0:34:7e:97:3b:9a: ea:28:61:2a:1d:91:08:ad:40:9f:72:7a:2a:85:3d:b7:03:e8: 2b:4f:65:0a:48:92:b1:67:bd:88:7f:3d:62:63:08:e8:f1:d7: e6:58:c1:ca:34:ee:ac:6b:42:7f:56:84:a5:51:a4:82:20:1d: f4:e7:31:28:df:9b:2c:45:74:05:f0:c5:d6:19:16:3b:d8:68: e1:0e:0a:3d:c9:eb:ee:bd:a7:2a:3e:2e:bd:8b:3b:98:f9:b8: 87:9a:6a:6b:1b:ad:d1:20:20:b5:8d:55:3f:ec:c1:cf:f6:dc: ff:7a:0a:f1:b6:52:39:14:b6:49:10:00:69:1e:07:f3:8c:1e: 9c:79:83:b3:4d:ac:74:a2:d9:c5:6c:c9:f6:e8:a9:d8:97:41: 3c:0d:aa:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOFOkLZPd8/1THkLQ/AmIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4YWY0YzBhMzcyZDAxNDU1NWY3ZDRkN2M4OWNmOTk2ZjA1 MTQyZjUwHhcNMjUxMjIyMDQwMTQwWhcNMjUxMjIzMDQwMTQwWjAzMTEwLwYDVQQD EyhkMWU5YjgwZDI4ZGU0ZDA2MTkxMzVhODc4MWIwMmFjODJlZmYyNDU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuow+xirO9wN/kBTIPeInHLBXSyD/ 61bH/pLNC5reQC1L40WEMZgxN7l0WqRo1dcFpEJf5XRN829mfWISGEIqdDIOkrCX 7lFl4GqIbmsN4vF2j8fqUiOzZrv8H/170MqkciUn1CZIo4/w/eEKbK2eRy0NFieP QzFuWRT7kQLHGuLiB/tMnahs5v/8cwXGizYQYD4Yjuv4JnULl9hxYK8ETPXjRF5E M3EPujc85QLpZ8l5ye6K1i68WEkVfGQz2w0EVJRzVmKmHjvKtMSmpSat6vJVPp8g E/441tTIsIh1J8CZC4ZKVbhoSDJfiYbN3qzWYB8Z160h30HKzEAg0igw/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNHpuA0o3k0GGRNah4GwKsgu/yRUMB8GA1UdIwQY MBaAFKivTAo3LQFFVffU18ic+ZbwUUL1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYt ZGFiMzhmZDNjNzg2LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC84YjJiYmQtYWYxMi00NmFlLWE1MGYtZGFiMzhmZDNjNzg2 LzEvcUs5TUNqY3RBVVZWOTlUWHlKejVsdkJSUXZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGq9MOfV HSKTgWmML2nu0qt8T96oZPpNN4IjTDTjWKbtJ6zvrMcXCmgoKQTiBlDX2x/rTqO/ 4wYlcYzUE4OGdpwkYxuKYP4skean02YspfRsgMersWhL059tyuYbO65i8CRTSID8 0DR+lzua6ihhKh2RCK1An3J6KoU9twPoK09lCkiSsWe9iH89YmMI6PHX5ljByjTu rGtCf1aEpVGkgiAd9OcxKN+bLEV0BfDF1hkWO9ho4Q4KPcnr7r2nKj4uvYs7mPm4 h5pqaxut0SAgtY1VP+zBz/bc/3oK8bZSORS2SRAAaR4H84wenHmDs02sdKLZxWzJ 9uip2JdBPA2qGw== -----END CERTIFICATE-----Generated at Mon Dec 22 07:21:40 2025 by rpki-client