This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft File: RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft (raw, json) Hash identifier: KiDnWvscRnxKUNDYtVJqZHLTepPt1Ca7Wgv4yekhkeI= Subject key identifier: 43:14:E8:D7:82:0A:CD:88:B9:EE:6C:FC:66:2B:76:FA:FD:C2:11:80 Authority key identifier: 45:0F:5E:A9:77:78:91:AD:4C:F4:12:8A:E7:34:04:F1:8B:D6:75:55 Certificate issuer: /CN=450f5ea9777891ad4cf4128ae73404f18bd67555 Certificate serial: 019B593EE51F770A5D566A2E888B123FAA9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft Manifest number: AA Signing time: Fri 26 Dec 2025 06:00:52 +0000 Manifest this update: Fri 26 Dec 2025 06:00:52 +0000 Manifest next update: Sat 27 Dec 2025 06:00:52 +0000 Files and hashes: 1: RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl (hash: zASs0XHlsgPOK2LMLovBknwjWhTvMgMGK6ZeUD/zytk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:3e:e5:1f:77:0a:5d:56:6a:2e:88:8b:12:3f:aa:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=450f5ea9777891ad4cf4128ae73404f18bd67555 Validity Not Before: Dec 26 06:00:52 2025 GMT Not After : Dec 27 06:00:52 2025 GMT Subject: CN=4314e8d7820acd88b9ee6cfc662b76fafdc21180 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:62:65:4a:b3:d1:1c:23:9f:dc:a5:28:82:96: 7b:c5:65:a9:a9:2b:5f:69:5d:7b:1f:e6:ae:67:9b: e3:54:2a:76:f8:3b:a2:d0:8a:f6:f2:45:d3:92:a3: 30:1d:d3:8e:7f:02:4c:f8:db:b1:d6:0e:be:d7:f5: cb:1f:e9:7f:44:f9:c9:e6:b2:5a:69:b7:d0:f1:ab: 28:13:27:b1:47:fc:5b:ee:b1:3d:1a:c0:72:2b:2f: 98:df:b3:e7:64:3a:2c:a1:7c:da:ca:69:5f:f0:34: 2c:98:66:43:5f:6f:c7:1f:34:ed:90:8e:b8:59:b6: c9:2c:46:c3:22:98:6e:37:a5:52:c3:f4:1f:59:cc: e4:8f:a7:50:fd:74:af:52:a4:f0:14:06:a6:6c:44: 3b:fd:4f:7d:5b:d9:3c:7e:92:74:21:69:a3:fe:db: 3e:93:56:eb:1f:58:18:3a:7d:67:b1:50:17:e7:3c: a6:5d:3b:63:5d:4e:75:64:7d:d1:41:6b:8b:2f:c8: 75:16:5b:02:5a:67:fc:25:1f:d3:ec:3f:89:5a:26: 20:84:09:b2:34:62:d2:7a:6a:3b:46:3d:e9:c0:7a: 61:3f:c4:6d:ec:70:e2:1a:06:ec:8b:93:f3:c2:93: c1:97:31:57:34:c1:94:db:6a:fc:18:b4:e9:d7:c1: a3:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:14:E8:D7:82:0A:CD:88:B9:EE:6C:FC:66:2B:76:FA:FD:C2:11:80 X509v3 Authority Key Identifier: keyid:45:0F:5E:A9:77:78:91:AD:4C:F4:12:8A:E7:34:04:F1:8B:D6:75:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/0a18f6-0b80-40e9-82ae-8df124cf0ea9/1/RQ9eqXd4ka1M9BKK5zQE8YvWdVU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:12:c9:bd:c4:f2:31:f3:92:79:9c:e0:33:09:60:fb:86:c2: e1:eb:8d:06:43:bd:dc:c9:36:43:47:44:aa:6f:8c:4f:f8:f8: e3:d5:08:a7:58:4b:8b:bc:c2:12:5e:6d:7c:73:90:6e:a7:97: 22:08:90:3f:b5:17:a3:fb:a2:c9:6c:a4:0a:b3:a0:86:82:1e: 85:00:a0:66:8d:70:e6:a2:01:4d:d1:87:b2:68:25:49:06:2f: 29:d0:af:55:98:c2:20:fd:1a:98:d0:6c:04:cd:63:bb:52:1c: bc:58:5b:14:a1:9c:a0:56:07:0b:4d:c2:7e:e1:85:1f:55:d1: 25:00:58:55:ac:3d:ec:27:25:e6:74:32:ce:65:33:e7:36:dc: 24:ad:bf:17:79:90:35:4b:91:37:62:d5:fb:7c:b4:4a:e5:d2: f1:02:6f:de:48:8c:5c:e9:1e:1b:83:9b:42:12:fe:ba:9c:4d: b1:aa:12:5a:de:ea:07:5f:c1:e7:ee:74:5e:fa:35:7e:0b:b3: 39:95:c5:c9:d8:d5:67:16:98:da:80:e6:1b:23:c2:13:ff:5d: ff:cc:c6:21:e9:0b:2f:49:87:0f:54:54:d6:90:54:f5:4f:6e: c2:e0:75:17:b0:67:d3:78:32:49:27:61:3f:25:cf:95:cd:d0: f3:e6:58:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZPuUfdwpdVmouiIsSP6qeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1MGY1ZWE5Nzc3ODkxYWQ0Y2Y0MTI4YWU3MzQwNGYxOGJk Njc1NTUwHhcNMjUxMjI2MDYwMDUyWhcNMjUxMjI3MDYwMDUyWjAzMTEwLwYDVQQD Eyg0MzE0ZThkNzgyMGFjZDg4YjllZTZjZmM2NjJiNzZmYWZkYzIxMTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWJlSrPRHCOf3KUogpZ7xWWpqStf aV17H+auZ5vjVCp2+Dui0Ir28kXTkqMwHdOOfwJM+Nux1g6+1/XLH+l/RPnJ5rJa abfQ8asoEyexR/xb7rE9GsByKy+Y37PnZDosoXzaymlf8DQsmGZDX2/HHzTtkI64 WbbJLEbDIphuN6VSw/QfWczkj6dQ/XSvUqTwFAambEQ7/U99W9k8fpJ0IWmj/ts+ k1brH1gYOn1nsVAX5zymXTtjXU51ZH3RQWuLL8h1FlsCWmf8JR/T7D+JWiYghAmy NGLSemo7Rj3pwHphP8Rt7HDiGgbsi5PzwpPBlzFXNMGU22r8GLTp18GjcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEMU6NeCCs2Iue5s/GYrdvr9whGAMB8GA1UdIwQY MBaAFEUPXql3eJGtTPQSiuc0BPGL1nVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wYTE4ZjYtMGI4MC00MGU5LTgyYWUt OGRmMTI0Y2YwZWE5LzEvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny8wYTE4ZjYtMGI4MC00MGU5LTgyYWUtOGRmMTI0Y2YwZWE5 LzEvUlE5ZXFYZDRrYTFNOUJLSzV6UUU4WXZXZFZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRLJvcTy MfOSeZzgMwlg+4bC4euNBkO93Mk2Q0dEqm+MT/j449UIp1hLi7zCEl5tfHOQbqeX IgiQP7UXo/uiyWykCrOghoIehQCgZo1w5qIBTdGHsmglSQYvKdCvVZjCIP0amNBs BM1ju1IcvFhbFKGcoFYHC03CfuGFH1XRJQBYVaw97Ccl5nQyzmUz5zbcJK2/F3mQ NUuRN2LV+3y0SuXS8QJv3kiMXOkeG4ObQhL+upxNsaoSWt7qB1/B5+50Xvo1fguz OZXFydjVZxaY2oDmGyPCE/9d/8zGIekLL0mHD1RU1pBU9U9uwuB1F7Bn03gySSdh PyXPlc3Q8+ZY3Q== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:24 2025 by rpki-client