This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft File: q-KqqfiJDkQV40HAd9hnvuJaodE.mft (raw, json) Hash identifier: 37kr6o7xs88ZGwloS8FDVv08iSLN9m9yYQ387vmBNaI= Subject key identifier: 18:07:B2:37:C3:42:6C:B4:C6:4A:DB:E8:6D:7B:6A:9C:19:AC:62:66 Authority key identifier: AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1 Certificate issuer: /CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1 Certificate serial: 019B5A1A5EB87504B529E5C295C123D91051 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft Manifest number: 01EE Signing time: Fri 26 Dec 2025 10:00:36 +0000 Manifest this update: Fri 26 Dec 2025 10:00:36 +0000 Manifest next update: Sat 27 Dec 2025 10:00:36 +0000 Files and hashes: 1: q-KqqfiJDkQV40HAd9hnvuJaodE.crl (hash: efQzYJNTBkXPruNoO3rgeoaf9fHNh+1pLZXMoW+66so=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:5e:b8:75:04:b5:29:e5:c2:95:c1:23:d9:10:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abe2aaa9f8890e4415e341c077d867bee25aa1d1 Validity Not Before: Dec 26 10:00:36 2025 GMT Not After : Dec 27 10:00:36 2025 GMT Subject: CN=1807b237c3426cb4c64adbe86d7b6a9c19ac6266 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:4e:5a:89:9c:ab:7e:be:e2:03:41:e9:13:3c: fa:7e:25:ef:ad:de:5a:55:70:2e:50:96:b9:95:a5: 52:07:22:9e:46:fc:62:ee:81:e7:8f:2e:c0:97:53: 04:6d:c9:95:8e:02:2a:90:2c:42:47:78:84:05:4e: 5f:b5:15:a9:a4:66:fe:80:eb:ab:9b:c8:ca:6d:f1: eb:fb:7d:f6:15:28:37:39:2d:98:93:ad:af:1f:2f: 48:20:4b:40:ec:a8:2c:6b:7e:01:94:d1:fc:bb:a0: d0:6d:21:22:0e:a7:51:9e:a9:30:03:35:19:5b:bc: 26:85:f4:23:54:fc:a3:f6:bf:bb:5b:6f:04:58:82: 56:53:cf:0f:3e:92:39:49:e8:8d:45:be:bd:ea:50: ef:cb:d6:ae:bf:b5:e5:1e:04:37:db:44:55:72:7a: 70:22:e6:21:6c:d1:96:bc:11:ef:c8:29:25:1b:09: c4:16:e2:6f:65:fe:e1:e8:d5:b0:12:10:d9:06:d4: 43:aa:27:b9:2c:36:95:99:f2:c2:a6:30:e8:8f:13: 18:86:c9:a0:8e:05:ac:ca:e4:ef:e7:40:e6:48:2a: df:84:87:3e:d5:96:3d:6a:fd:a8:e8:e7:1f:d1:af: 35:ef:93:dc:17:95:dd:75:72:93:09:76:97:9d:a2: d9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:07:B2:37:C3:42:6C:B4:C6:4A:DB:E8:6D:7B:6A:9C:19:AC:62:66 X509v3 Authority Key Identifier: keyid:AB:E2:AA:A9:F8:89:0E:44:15:E3:41:C0:77:D8:67:BE:E2:5A:A1:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q-KqqfiJDkQV40HAd9hnvuJaodE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/87ab16-b4de-4ccf-ac49-461a6eccfc47/1/q-KqqfiJDkQV40HAd9hnvuJaodE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:4f:24:ac:05:7c:ab:51:a8:fd:08:d3:84:7a:53:19:a4:6a: c7:1c:32:0c:52:64:21:88:e8:f7:8f:6f:20:ef:92:87:b7:92: c8:f9:ac:7e:df:1c:d3:92:a3:7e:fe:4b:fd:b6:9f:d8:8f:0e: e2:0d:5c:ea:34:22:00:46:48:ac:c0:67:b6:bc:5a:dc:ce:38: 98:a7:4c:ce:c2:39:78:89:d5:0e:b5:ef:0f:4b:4f:4c:59:38: bb:34:e4:1e:ea:77:bf:43:69:5d:6e:ea:ce:00:6a:2d:dd:6b: 50:d2:84:ec:11:0d:47:c8:e1:d1:45:f9:f5:ac:e1:92:e8:68: d3:a1:24:93:94:a1:84:7c:b6:69:c0:b5:f4:a9:b0:33:66:c1: d6:fb:9e:6b:7e:ce:68:b2:d4:d3:bf:ce:bc:f7:5b:6e:f8:40: a1:19:b3:92:92:98:6b:34:13:c8:04:f9:12:a5:2c:4f:79:61: 65:97:ab:c4:74:5d:68:73:41:b6:da:df:73:8d:96:8f:c7:f8: 2c:79:bc:1b:e2:ae:72:c9:29:69:69:b5:dd:de:66:0e:57:54: fc:39:51:25:a5:d6:3a:97:c5:f0:4b:b8:38:08:b8:4f:16:5c: 43:74:b1:ac:93:db:26:e6:4c:46:ee:bb:bc:a0:99:5e:14:05: 71:1a:18:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGl64dQS1KeXClcEj2RBRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiZTJhYWE5Zjg4OTBlNDQxNWUzNDFjMDc3ZDg2N2JlZTI1 YWExZDEwHhcNMjUxMjI2MTAwMDM2WhcNMjUxMjI3MTAwMDM2WjAzMTEwLwYDVQQD EygxODA3YjIzN2MzNDI2Y2I0YzY0YWRiZTg2ZDdiNmE5YzE5YWM2MjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+U5aiZyrfr7iA0HpEzz6fiXvrd5a VXAuUJa5laVSByKeRvxi7oHnjy7Al1MEbcmVjgIqkCxCR3iEBU5ftRWppGb+gOur m8jKbfHr+332FSg3OS2Yk62vHy9IIEtA7Kgsa34BlNH8u6DQbSEiDqdRnqkwAzUZ W7wmhfQjVPyj9r+7W28EWIJWU88PPpI5SeiNRb696lDvy9auv7XlHgQ320RVcnpw IuYhbNGWvBHvyCklGwnEFuJvZf7h6NWwEhDZBtRDqie5LDaVmfLCpjDojxMYhsmg jgWsyuTv50DmSCrfhIc+1ZY9av2o6Ocf0a8175PcF5XddXKTCXaXnaLZSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBgHsjfDQmy0xkrb6G17apwZrGJmMB8GA1UdIwQY MBaAFKviqqn4iQ5EFeNBwHfYZ77iWqHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDkt NDYxYTZlY2NmYzQ3LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC84N2FiMTYtYjRkZS00Y2NmLWFjNDktNDYxYTZlY2NmYzQ3 LzEvcS1LcXFmaUpEa1FWNDBIQWQ5aG52dUphb2RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVU8krAV8 q1Go/QjThHpTGaRqxxwyDFJkIYjo949vIO+Sh7eSyPmsft8c05Kjfv5L/baf2I8O 4g1c6jQiAEZIrMBntrxa3M44mKdMzsI5eInVDrXvD0tPTFk4uzTkHup3v0NpXW7q zgBqLd1rUNKE7BENR8jh0UX59azhkuho06Ekk5ShhHy2acC19KmwM2bB1vuea37O aLLU07/OvPdbbvhAoRmzkpKYazQTyAT5EqUsT3lhZZerxHRdaHNBttrfc42Wj8f4 LHm8G+KucskpaWm13d5mDldU/DlRJaXWOpfF8Eu4OAi4TxZcQ3SxrJPbJuZMRu67 vKCZXhQFcRoY1w== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:07 2025 by rpki-client