This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft File: Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft (raw, json) Hash identifier: 65q0rb51hxHIiOmSOzs7AOM2B0WzGsaNRppnQLpFwqk= Subject key identifier: C7:B3:3A:6A:1D:CB:38:BE:86:1F:A3:55:B2:A1:0A:66:3E:80:0C:40 Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c Certificate serial: 019B3569B027404E6BA3A8AF02226B5D4570 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft Manifest number: 0AF8 Signing time: Fri 19 Dec 2025 07:01:17 +0000 Manifest this update: Fri 19 Dec 2025 07:01:17 +0000 Manifest next update: Sat 20 Dec 2025 07:01:17 +0000 Files and hashes: 1: Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl (hash: A0kkIrz4Z1SGLUYlwi8Bi/oy8WqIkmM8aM3GBGtvy9g=) 2: xzcqcrFf-ra6k9gJVEfYsUOL7r0.roa (hash: tLEmQ4Ip0nJAlYr4VF0AY9UERYkLlEbUUc3k5bIYBQM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:b0:27:40:4e:6b:a3:a8:af:02:22:6b:5d:45:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c Validity Not Before: Dec 19 07:01:17 2025 GMT Not After : Dec 20 07:01:17 2025 GMT Subject: CN=c7b33a6a1dcb38be861fa355b2a10a663e800c40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9a:b2:75:11:82:4b:7a:f4:b3:d2:ac:ae:71: 53:4a:c5:4b:a7:d2:8c:42:02:8e:79:22:95:81:d5: b8:44:bd:f0:d0:f9:f3:3e:75:a2:e7:1a:b1:4a:11: ed:98:3d:88:93:0e:ac:de:cc:94:71:cf:2c:ed:6d: 5c:af:e3:78:3f:01:c1:95:17:9c:c3:24:d2:c8:61: ca:d7:e1:ed:ac:6d:04:06:28:9d:39:d6:f3:ab:a9: 58:95:2a:86:2d:32:ac:f0:93:6b:dd:89:7a:2f:3b: e8:80:3a:fb:f1:61:a2:ec:50:ca:a9:f8:74:cb:f8: 06:dd:3c:ba:e5:da:47:0d:32:01:4f:4f:e5:7c:8a: 35:fb:5c:98:49:54:2d:a7:d5:ce:fe:26:0f:b6:07: 01:96:01:26:4e:07:1d:d4:66:51:23:a9:dd:a2:42: fa:65:ed:ce:ab:88:71:64:35:85:dc:7e:b0:a1:e4: 8e:21:f1:15:46:9f:c0:47:5d:a1:44:20:f7:27:29: ae:e5:13:91:dd:e4:65:31:d5:0b:1d:5e:06:91:01: ea:35:07:6a:c1:81:0e:bf:cb:e4:ff:23:6c:2f:bd: 6a:3c:5c:b8:7c:d9:c8:59:5d:57:c4:7e:34:07:54: d6:ef:e1:73:0b:f4:a8:1f:9b:ce:4b:4f:dc:bd:c2: cb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B3:3A:6A:1D:CB:38:BE:86:1F:A3:55:B2:A1:0A:66:3E:80:0C:40 X509v3 Authority Key Identifier: keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:62:09:ec:77:a9:2c:13:84:c6:5b:73:57:dd:0d:7d:42:be: 09:d6:9a:b1:0b:68:04:e3:3f:f2:c8:cb:e5:d2:aa:2a:a6:5b: 88:02:19:2e:5a:f2:cc:12:a1:ed:18:72:71:83:ab:ad:33:24: d6:38:4b:06:f6:f2:5a:83:4f:a8:de:8b:c1:d0:6c:7f:5f:0e: 28:d7:95:97:8a:2b:5c:9b:23:82:cb:4e:62:9e:69:cd:d6:3f: 92:cd:b0:78:75:d4:6f:23:c6:fc:d4:48:fa:88:a7:a8:94:40: 64:b6:e8:08:0b:d7:28:00:7a:cf:bb:59:15:a5:18:d1:b6:b4: ea:f3:ad:7d:55:a1:9a:da:0b:6c:16:cd:1f:b1:0b:7a:4d:9c: 43:c4:e0:9b:73:d9:36:2c:9c:49:c7:f4:5e:f4:f7:d4:49:83: 6f:bc:43:a6:c6:94:27:3e:2f:c9:ff:76:b6:38:67:6b:cb:e0: a9:7c:15:7d:c3:5e:a9:b5:f2:6c:6b:ef:7b:c9:1b:2b:d9:1a: d6:68:69:f9:b5:59:80:66:d8:c0:05:fa:07:72:06:1f:ea:e6: f0:6a:53:44:fb:3a:87:25:7f:c4:30:02:0b:16:45:a1:99:ea: 84:33:40:9b:39:6f:5e:46:3d:9d:44:91:cc:23:12:34:c1:bb: 6b:c1:91:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1abAnQE5ro6ivAiJrXUVwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0 NTI2OGMwHhcNMjUxMjE5MDcwMTE3WhcNMjUxMjIwMDcwMTE3WjAzMTEwLwYDVQQD EyhjN2IzM2E2YTFkY2IzOGJlODYxZmEzNTViMmExMGE2NjNlODAwYzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpqydRGCS3r0s9KsrnFTSsVLp9KM QgKOeSKVgdW4RL3w0PnzPnWi5xqxShHtmD2Ikw6s3syUcc8s7W1cr+N4PwHBlRec wyTSyGHK1+HtrG0EBiidOdbzq6lYlSqGLTKs8JNr3Yl6LzvogDr78WGi7FDKqfh0 y/gG3Ty65dpHDTIBT0/lfIo1+1yYSVQtp9XO/iYPtgcBlgEmTgcd1GZRI6ndokL6 Ze3Oq4hxZDWF3H6woeSOIfEVRp/AR12hRCD3Jymu5ROR3eRlMdULHV4GkQHqNQdq wYEOv8vk/yNsL71qPFy4fNnIWV1XxH40B1TW7+FzC/SoH5vOS0/cvcLLcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMezOmodyzi+hh+jVbKhCmY+gAxAMB8GA1UdIwQY MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt Njg4ZDUxYTQ0NDQ4LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4 LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAomIJ7Hep LBOExltzV90NfUK+CdaasQtoBOM/8sjL5dKqKqZbiAIZLlryzBKh7RhycYOrrTMk 1jhLBvbyWoNPqN6LwdBsf18OKNeVl4orXJsjgstOYp5pzdY/ks2weHXUbyPG/NRI +oinqJRAZLboCAvXKAB6z7tZFaUY0ba06vOtfVWhmtoLbBbNH7ELek2cQ8Tgm3PZ NiycScf0XvT31EmDb7xDpsaUJz4vyf92tjhna8vgqXwVfcNeqbXybGvve8kbK9ka 1mhp+bVZgGbYwAX6B3IGH+rm8GpTRPs6hyV/xDACCxZFoZnqhDNAmzlvXkY9nUSR zCMSNMG7a8GRTQ== -----END CERTIFICATE-----Generated at Fri Dec 19 10:25:59 2025 by rpki-client