This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json) Hash identifier: hWUWyGGHxL51Ln0IMyGz2iXPwQLVCgR6Td9tXg2xle8= Subject key identifier: 8F:56:9A:32:51:8D:09:D5:62:B8:B6:E6:25:72:98:3B:8E:50:91:6C Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0 Certificate serial: 019B5976CB0658657C3261FEEF74B7B83EF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft Manifest number: 0AB4 Signing time: Fri 26 Dec 2025 07:01:55 +0000 Manifest this update: Fri 26 Dec 2025 07:01:55 +0000 Manifest next update: Sat 27 Dec 2025 07:01:55 +0000 Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: Zu0qUNYdy75NB6R2ZGYfJRsM3GZifpBov+Ph4QKB+D4=) 2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:cb:06:58:65:7c:32:61:fe:ef:74:b7:b8:3e:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=090287256e25fa340d3afba780eac60d556adec0 Validity Not Before: Dec 26 07:01:55 2025 GMT Not After : Dec 27 07:01:55 2025 GMT Subject: CN=8f569a32518d09d562b8b6e62572983b8e50916c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:53:f6:2f:aa:fa:d4:8f:32:d1:14:db:9b:40: 67:fe:fb:e8:13:14:ee:77:5f:56:f0:9f:14:be:02: df:4a:a5:bc:7d:fa:e5:d4:b1:1f:a0:29:e2:69:32: bc:a6:a6:2e:b1:5d:23:ce:81:9f:2d:a0:b4:91:65: 2a:5a:53:92:55:54:3f:f1:29:f6:9d:eb:90:23:24: 5c:aa:89:6d:55:df:49:dc:d0:2e:24:72:32:e8:0c: 5d:b6:cd:92:ba:2a:8f:cc:c3:ef:bd:84:bd:da:50: 1a:99:c9:d8:80:a9:d6:44:ff:1d:4e:e3:cc:ca:6f: e3:e6:3e:8b:e8:08:f4:e7:5d:bf:8f:b0:67:62:cc: c8:24:70:1f:a7:0c:c9:62:de:be:26:ec:2a:2d:42: a8:e2:8f:5d:6b:65:75:6e:69:1b:f4:50:5c:d4:10: ff:cf:d0:3c:7c:3b:a1:aa:d9:f1:82:49:cd:76:b6: bb:50:29:8a:81:19:e4:bd:ee:4c:9f:03:14:41:be: 05:b2:5f:f3:a5:9d:ad:c9:9a:c2:d1:67:1c:cb:ee: 17:6e:d1:f2:77:47:9b:45:20:50:2f:c2:41:41:71: 24:95:82:4e:7f:07:a2:d2:8e:8e:f2:06:09:00:28: 02:7e:9a:4d:c3:b6:36:67:c6:c3:63:77:96:6a:88: 59:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:56:9A:32:51:8D:09:D5:62:B8:B6:E6:25:72:98:3B:8E:50:91:6C X509v3 Authority Key Identifier: keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:e8:6a:53:0d:f9:9a:0b:47:81:6d:28:26:30:2f:e0:3b:d5: c7:92:0c:e9:91:b4:1a:23:f3:d7:1f:ee:cd:68:ff:01:90:5c: ad:c5:42:45:ad:52:ad:b7:a3:9c:b8:38:c1:0e:c2:f9:65:25: 9d:dd:9d:28:d7:9f:c2:c7:44:c8:7e:f4:a5:1e:e7:ef:aa:ff: 76:62:74:b2:90:dc:65:30:d9:68:10:49:ec:6a:6c:d9:62:38: db:9e:22:9a:2e:5a:ee:31:c9:8e:07:0b:e4:d3:7f:2e:57:11: bb:65:be:15:52:3d:bd:9b:2d:ef:20:3a:96:ce:ae:5c:f3:46: 8e:c1:3e:5a:cb:85:75:42:bd:20:e6:6c:d1:d3:ad:ed:17:59: 09:30:e5:17:cb:72:04:4b:81:4f:c8:69:65:ad:a8:0f:c9:5c: 57:82:8f:ee:39:88:a5:70:8a:06:72:b5:5c:02:ac:e4:d2:80: f9:82:f7:32:4b:37:4d:43:86:13:a6:53:d2:15:14:08:23:c8: 20:a3:d4:4c:9d:b3:57:84:cf:28:d7:09:35:20:b9:c8:dd:ef: ba:89:60:75:80:3f:db:24:25:23:3f:d9:b7:5a:4f:a2:4c:35: 98:c9:b8:79:dd:45:66:78:fe:6a:5e:56:43:3e:34:7b:14:d9: 59:be:01:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdssGWGV8MmH+73S3uD7xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2 YWRlYzAwHhcNMjUxMjI2MDcwMTU1WhcNMjUxMjI3MDcwMTU1WjAzMTEwLwYDVQQD Eyg4ZjU2OWEzMjUxOGQwOWQ1NjJiOGI2ZTYyNTcyOTgzYjhlNTA5MTZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllP2L6r61I8y0RTbm0Bn/vvoExTu d19W8J8UvgLfSqW8ffrl1LEfoCniaTK8pqYusV0jzoGfLaC0kWUqWlOSVVQ/8Sn2 neuQIyRcqoltVd9J3NAuJHIy6Axdts2SuiqPzMPvvYS92lAamcnYgKnWRP8dTuPM ym/j5j6L6Aj0512/j7BnYszIJHAfpwzJYt6+JuwqLUKo4o9da2V1bmkb9FBc1BD/ z9A8fDuhqtnxgknNdra7UCmKgRnkve5MnwMUQb4Fsl/zpZ2tyZrC0Wccy+4XbtHy d0ebRSBQL8JBQXEklYJOfwei0o6O8gYJACgCfppNw7Y2Z8bDY3eWaohZaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI9WmjJRjQnVYri25iVymDuOUJFsMB8GA1UdIwQY MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+hqUw35 mgtHgW0oJjAv4DvVx5IM6ZG0GiPz1x/uzWj/AZBcrcVCRa1SrbejnLg4wQ7C+WUl nd2dKNefwsdEyH70pR7n76r/dmJ0spDcZTDZaBBJ7Gps2WI4254imi5a7jHJjgcL 5NN/LlcRu2W+FVI9vZst7yA6ls6uXPNGjsE+WsuFdUK9IOZs0dOt7RdZCTDlF8ty BEuBT8hpZa2oD8lcV4KP7jmIpXCKBnK1XAKs5NKA+YL3Mks3TUOGE6ZT0hUUCCPI IKPUTJ2zV4TPKNcJNSC5yN3vuolgdYA/2yQlIz/Zt1pPokw1mMm4ed1FZnj+al5W Qz40exTZWb4Bcw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:00 2025 by rpki-client