This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft File: q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft (raw, json) Hash identifier: K+KGUHw96jwALQet5zqo7mxYJsROnCWydkyWA6EZy3A= Subject key identifier: B6:B3:24:77:F2:60:78:F5:4A:F2:E7:8A:8E:18:9B:10:BE:68:FE:FF Authority key identifier: AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9 Certificate issuer: /CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9 Certificate serial: 019B0EC96C138098DC326792168FE2DA41CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft Manifest number: 0F64 Signing time: Thu 11 Dec 2025 19:00:39 +0000 Manifest this update: Thu 11 Dec 2025 19:00:39 +0000 Manifest next update: Fri 12 Dec 2025 19:00:39 +0000 Files and hashes: 1: FBn1v2zB1JVjcRcZbhGPjhIQq-4.roa (hash: mVYwRlVF+pwgFuj92Y5wG2kGfxiuhyd+s7VwHmVtegc=) 2: q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl (hash: G00J1O5oNWmWJF1ARjGff7Cm1GxzF8N3h4owp/okVLY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:c9:6c:13:80:98:dc:32:67:92:16:8f:e2:da:41:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9 Validity Not Before: Dec 11 19:00:39 2025 GMT Not After : Dec 12 19:00:39 2025 GMT Subject: CN=b6b32477f26078f54af2e78a8e189b10be68feff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f5:4b:4e:ba:ae:df:01:99:0c:ee:8d:78:7b: 8a:aa:6d:45:0d:8e:62:7e:87:60:6b:bd:23:f5:cb: 65:18:70:55:b5:5f:07:2d:a5:a5:2c:1d:d0:6e:48: e0:d9:33:04:10:61:cf:6f:32:c1:d8:9b:f0:c3:ef: fc:3d:80:21:e1:bc:ff:ea:bf:44:24:f1:46:80:81: ce:af:20:df:09:0c:fe:2f:6c:5b:68:f5:8d:be:c2: 04:1a:14:8b:e8:20:26:61:c7:e4:2a:68:dd:b1:40: 36:39:06:52:9c:b5:bb:1a:aa:c1:84:95:62:dc:69: 9e:bb:2b:47:f0:92:bd:d1:b5:24:4b:07:cf:94:c2: 43:e5:a5:43:60:87:8d:08:22:5d:61:33:38:d4:85: 29:75:e7:5d:12:46:d9:e8:ed:fb:8f:0d:75:35:c5: 04:54:f8:23:7e:cc:0e:c6:75:9d:e5:04:8c:7a:4e: 90:57:51:9f:20:f7:99:02:e0:e3:5b:78:7e:b2:1f: 02:6a:1d:06:82:9c:08:9e:21:e1:37:60:32:41:df: 08:03:ca:be:d7:2d:47:4a:c7:9a:34:a6:ad:63:24: cc:75:bf:39:18:e3:a7:46:06:9f:9e:c7:12:2c:2f: 85:d1:d3:96:ed:31:66:10:36:8e:48:03:ec:62:78: 7a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:B3:24:77:F2:60:78:F5:4A:F2:E7:8A:8E:18:9B:10:BE:68:FE:FF X509v3 Authority Key Identifier: keyid:AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:9f:98:c7:fc:87:85:2e:61:75:9c:79:97:50:bc:76:1c:9a: 89:bf:a5:6d:d2:5f:98:87:f4:28:97:1e:88:71:2b:d6:ce:f2: f8:33:05:66:74:7d:6d:61:dd:a6:71:4f:73:31:d2:6a:b6:42: 9d:86:1f:1b:67:05:69:4e:fd:59:b6:df:d5:b7:3c:7d:dc:9d: 0a:69:86:7e:96:01:82:b3:58:cd:e2:99:67:0d:ca:7d:ad:c4: 05:29:98:92:8e:28:2e:6a:01:5e:ee:a4:e5:de:56:77:b3:00: d0:c1:eb:7a:6a:0d:a2:cd:7d:f5:c9:e1:12:7d:d2:d6:f9:21: b4:38:48:46:1d:83:35:d8:83:e7:87:60:74:49:53:28:a1:c4: e5:d8:c0:54:ca:aa:84:48:3d:78:09:59:72:1e:ed:01:8a:e7: 65:5e:63:84:62:8c:5d:07:e8:2a:7c:ed:28:a5:a6:54:b0:56: 5b:99:49:14:b1:1b:ed:ef:5c:73:a1:53:88:bc:97:2b:29:2f: d3:3f:44:33:a0:84:1a:10:25:73:22:f8:d3:48:37:d7:bd:6c: ce:4d:77:26:72:01:51:29:ba:17:f1:da:08:08:ef:a2:63:f2: 76:61:ec:96:2d:a9:b8:65:dc:8b:d2:5c:5c:d6:bd:c7:29:45: b0:5c:e3:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOyWwTgJjcMmeSFo/i2kHMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNjg0ZTUwZTMzZjNhMDAxNWM4Zjg5OWM4OGJjYjEzN2Jj ZmI1ZjkwHhcNMjUxMjExMTkwMDM5WhcNMjUxMjEyMTkwMDM5WjAzMTEwLwYDVQQD EyhiNmIzMjQ3N2YyNjA3OGY1NGFmMmU3OGE4ZTE4OWIxMGJlNjhmZWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovVLTrqu3wGZDO6NeHuKqm1FDY5i fodga70j9ctlGHBVtV8HLaWlLB3Qbkjg2TMEEGHPbzLB2Jvww+/8PYAh4bz/6r9E JPFGgIHOryDfCQz+L2xbaPWNvsIEGhSL6CAmYcfkKmjdsUA2OQZSnLW7GqrBhJVi 3GmeuytH8JK90bUkSwfPlMJD5aVDYIeNCCJdYTM41IUpdeddEkbZ6O37jw11NcUE VPgjfswOxnWd5QSMek6QV1GfIPeZAuDjW3h+sh8Cah0GgpwIniHhN2AyQd8IA8q+ 1y1HSseaNKatYyTMdb85GOOnRgafnscSLC+F0dOW7TFmEDaOSAPsYnh6+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLazJHfyYHj1SvLnio4YmxC+aP7/MB8GA1UdIwQY MBaAFKtoTlDjPzoAFcj4mciLyxN7z7X5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjIt ODBlNWQ1M2VkYjQxLzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjItODBlNWQ1M2VkYjQx LzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcp+Yx/yH hS5hdZx5l1C8dhyaib+lbdJfmIf0KJceiHEr1s7y+DMFZnR9bWHdpnFPczHSarZC nYYfG2cFaU79Wbbf1bc8fdydCmmGfpYBgrNYzeKZZw3Kfa3EBSmYko4oLmoBXu6k 5d5Wd7MA0MHremoNos199cnhEn3S1vkhtDhIRh2DNdiD54dgdElTKKHE5djAVMqq hEg9eAlZch7tAYrnZV5jhGKMXQfoKnztKKWmVLBWW5lJFLEb7e9cc6FTiLyXKykv 0z9EM6CEGhAlcyL400g3171szk13JnIBUSm6F/HaCAjvomPydmHsli2puGXci9Jc XNa9xylFsFzjSA== -----END CERTIFICATE-----Generated at Fri Dec 12 04:08:12 2025 by rpki-client