This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json) Hash identifier: YLcQJvFBVsPvk/EsMm9objA4ECXi6woul4h8FNrE8Wk= Subject key identifier: CA:8F:43:BA:C5:B2:A2:41:D3:E2:B2:A5:27:73:A0:3B:2E:72:37:DB Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Certificate serial: 019B20CFB78A83BF2E34B31382ED68280196 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft Manifest number: 0D96 Signing time: Mon 15 Dec 2025 07:00:42 +0000 Manifest this update: Mon 15 Dec 2025 07:00:42 +0000 Manifest next update: Tue 16 Dec 2025 07:00:42 +0000 Files and hashes: 1: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: A/HCpDloH11kSrqanFXKh/63vlAKN5vUV9qP7NYlMGI=) 2: u25_l7rqpA4jc9Mn9X_nn6jE1D8.roa (hash: XxkiW8kKfa52GpQHHiGBtUNZJLczRvJy5PTfiodYsrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 07:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:cf:b7:8a:83:bf:2e:34:b3:13:82:ed:68:28:01:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Validity Not Before: Dec 15 07:00:42 2025 GMT Not After : Dec 16 07:00:42 2025 GMT Subject: CN=ca8f43bac5b2a241d3e2b2a52773a03b2e7237db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:cb:9c:c5:70:c4:ce:fa:c1:a3:c4:c9:b6:07: ee:b3:87:9e:b0:3d:9d:8a:a6:b8:ff:bf:05:30:ab: 0e:0a:6a:2c:e9:d4:28:94:1d:fd:78:56:37:e3:1e: ff:05:5f:b4:dc:51:ac:ec:cb:d6:0d:88:a2:80:06: 5d:e8:29:84:97:df:b5:31:87:06:b7:de:99:d2:9c: b8:d2:16:e6:cb:d8:cf:8f:f1:62:7b:55:50:c9:ed: f5:af:38:44:6c:e6:ef:d7:c3:d4:fe:7e:2e:bf:f7: c0:47:e9:f7:c1:85:49:ee:6d:d0:24:a6:d2:ed:75: 05:93:b4:35:84:d3:ae:31:3d:6d:1a:4c:b5:ae:a6: d0:0c:d2:7f:da:61:ee:75:49:f6:4c:22:94:fb:55: ac:c7:6b:c7:40:17:7c:fa:37:9a:89:56:9e:68:bb: 01:7e:4e:2f:d1:60:fb:98:89:a3:e1:84:6a:0c:5c: 42:f0:af:6d:06:36:1f:54:41:90:cb:bc:17:2d:63: 2e:b9:1c:82:89:38:03:c9:92:43:bc:ce:6a:65:ff: 17:db:ba:37:55:a3:6e:78:a2:c2:42:34:ae:9a:c1: 8c:9a:f8:3a:94:ef:7e:93:46:f3:55:58:87:1c:62: 2b:9a:f2:a0:3a:11:3d:ad:73:ee:d9:37:d8:09:72: 44:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:8F:43:BA:C5:B2:A2:41:D3:E2:B2:A5:27:73:A0:3B:2E:72:37:DB X509v3 Authority Key Identifier: keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:18:f2:07:e6:0a:15:22:bc:1e:7c:65:04:a0:31:56:d0:ae: cf:40:75:8a:c0:d5:12:6c:30:cd:16:89:9d:36:ab:f7:a5:16: da:c5:8a:bc:c6:09:a7:f1:55:37:b8:65:de:8d:1b:27:5a:8e: 24:a4:7f:e5:4e:9c:b5:44:5d:49:84:da:f1:97:92:3c:5f:e7: 57:1c:20:4c:75:14:34:14:0c:81:fd:b0:75:cd:48:5f:d9:26: 02:59:ae:a1:d9:53:4d:9d:a1:d7:3b:06:d1:8c:d7:9e:b5:c4: 44:e0:fb:25:95:87:a1:5a:fd:ea:5e:3c:92:94:6b:6e:f6:d0: 13:ac:03:36:6a:7d:6f:85:e0:92:d8:33:f2:f7:43:2f:fe:ad: 4e:29:3e:db:2a:67:42:20:07:97:d4:c6:aa:d3:73:29:20:c2: 34:63:7c:c6:15:7d:40:f5:4f:ed:4f:d1:21:2c:b1:46:db:a9: 8b:8f:d1:63:5b:99:a0:1a:e6:2b:2a:1f:1f:4f:ee:60:c5:8f: b3:e4:8e:3f:0c:6e:ff:0f:a5:5a:71:2f:51:66:8d:5d:e0:ff: 42:eb:4b:a7:09:0b:70:9a:b9:3d:d7:8f:65:46:44:a1:ca:3b: 78:ff:ff:b9:9f:2b:c6:d8:41:60:3f:f7:a8:e1:ec:0f:6e:f9: fb:d3:56:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgz7eKg78uNLMTgu1oKAGWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4 NjllOTAwHhcNMjUxMjE1MDcwMDQyWhcNMjUxMjE2MDcwMDQyWjAzMTEwLwYDVQQD EyhjYThmNDNiYWM1YjJhMjQxZDNlMmIyYTUyNzczYTAzYjJlNzIzN2RiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8ucxXDEzvrBo8TJtgfus4eesD2d iqa4/78FMKsOCmos6dQolB39eFY34x7/BV+03FGs7MvWDYiigAZd6CmEl9+1MYcG t96Z0py40hbmy9jPj/Fie1VQye31rzhEbObv18PU/n4uv/fAR+n3wYVJ7m3QJKbS 7XUFk7Q1hNOuMT1tGky1rqbQDNJ/2mHudUn2TCKU+1Wsx2vHQBd8+jeaiVaeaLsB fk4v0WD7mImj4YRqDFxC8K9tBjYfVEGQy7wXLWMuuRyCiTgDyZJDvM5qZf8X27o3 VaNueKLCQjSumsGMmvg6lO9+k0bzVViHHGIrmvKgOhE9rXPu2TfYCXJEmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMqPQ7rFsqJB0+KypSdzoDsucjfbMB8GA1UdIwQY MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2 LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvBjyB+YK FSK8HnxlBKAxVtCuz0B1isDVEmwwzRaJnTar96UW2sWKvMYJp/FVN7hl3o0bJ1qO JKR/5U6ctURdSYTa8ZeSPF/nVxwgTHUUNBQMgf2wdc1IX9kmAlmuodlTTZ2h1zsG 0YzXnrXEROD7JZWHoVr96l48kpRrbvbQE6wDNmp9b4Xgktgz8vdDL/6tTik+2ypn QiAHl9TGqtNzKSDCNGN8xhV9QPVP7U/RISyxRtupi4/RY1uZoBrmKyofH0/uYMWP s+SOPwxu/w+lWnEvUWaNXeD/QutLpwkLcJq5PdePZUZEoco7eP//uZ8rxthBYD/3 qOHsD275+9NWwg== -----END CERTIFICATE-----Generated at Mon Dec 15 16:52:58 2025 by rpki-client