This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft File: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft (raw, json) Hash identifier: ikXpGpxuCg2TA9wcPSVmvBrNuRUlx1gn62ulvWHB1sY= Subject key identifier: A7:C3:50:71:59:99:85:18:5F:30:14:B9:5C:15:EE:B9:8C:00:E2:D6 Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87 Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187 Certificate serial: 019B3343C087B461E06DEAE5888CF49608FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft Manifest number: 117E Signing time: Thu 18 Dec 2025 21:00:36 +0000 Manifest this update: Thu 18 Dec 2025 21:00:36 +0000 Manifest next update: Fri 19 Dec 2025 21:00:36 +0000 Files and hashes: 1: 1Z36oEX0lkx8ndMTGV0SwL3pu6s.roa (hash: oLjRdDjCa874D2Ohi+4lYwxZSVZ663VZAUA47G0Sbic=) 2: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl (hash: nc/it2TwjIKbL9fIPElhpIx9dshkMxzNYs+kJgeCZZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:43:c0:87:b4:61:e0:6d:ea:e5:88:8c:f4:96:08:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187 Validity Not Before: Dec 18 21:00:36 2025 GMT Not After : Dec 19 21:00:36 2025 GMT Subject: CN=a7c35071599985185f3014b95c15eeb98c00e2d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:d0:b7:c7:b9:a8:2d:88:9b:86:59:89:b2:95: 79:93:da:93:6a:c5:c8:f2:06:96:f6:33:39:0f:72: 60:85:d2:8f:82:2b:db:00:c0:1d:c2:71:35:f4:05: fe:3f:bf:ea:eb:82:49:f2:43:d4:9a:9c:4a:b8:fd: 9b:d7:49:a0:80:74:2d:64:d5:2f:b9:1c:89:4f:96: 62:95:97:02:a9:fa:34:04:f3:bf:26:07:92:a4:7f: dc:1b:fd:9a:1f:65:8c:79:eb:a9:5c:82:25:9e:74: 15:5c:f9:1f:e4:bb:bc:77:1e:09:fb:3d:01:52:fa: 8d:7b:05:a4:13:ed:4b:1b:66:21:b7:61:bb:5d:91: 17:4a:9f:f0:c8:63:d3:b4:95:b1:46:f5:af:22:0c: e7:fa:67:17:7f:1b:76:c7:06:98:eb:11:ad:8c:01: 80:40:75:22:e2:56:9b:aa:3b:09:8d:95:35:e5:82: 32:a9:3e:ca:83:67:0b:3b:9b:d9:ba:ce:e1:22:a8: 85:4a:8d:55:cb:24:06:ff:04:ac:5f:6f:9b:73:2b: 3d:33:93:2d:d1:f2:83:69:ce:2e:cd:22:84:95:67: 53:b5:e2:94:70:65:c6:d1:40:86:8a:8e:67:b9:f6: 72:70:8c:39:0c:35:ff:ba:48:23:f6:43:d6:ca:db: 40:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:C3:50:71:59:99:85:18:5F:30:14:B9:5C:15:EE:B9:8C:00:E2:D6 X509v3 Authority Key Identifier: keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:7e:0e:54:86:13:ca:cb:8a:96:ff:54:40:92:9c:31:fe:af: 77:6d:94:6f:9f:9a:dc:7f:80:43:6e:29:ac:19:ce:d2:d7:b0: 0f:d2:c1:39:42:09:98:5d:7e:f9:cc:fb:b3:ea:f3:49:f8:ea: ca:a2:12:10:dd:7f:db:67:7e:c2:1d:91:db:c6:da:0b:17:50: a1:17:c3:c3:4d:9d:1f:7b:f4:79:aa:48:41:64:39:f5:d2:12: 14:c9:a6:9d:0e:46:64:16:7c:64:86:df:5b:b8:db:39:5f:37: 5c:c7:31:c3:88:f2:81:18:1a:a1:1f:73:7d:7a:37:1b:b5:20: 03:09:49:70:6d:50:40:9b:b8:5b:dc:d8:9f:c9:b9:4e:2c:80: 6a:27:71:11:d9:2e:73:31:b3:47:7b:53:aa:35:14:cf:cb:fc: 26:84:21:dd:d9:f1:7a:47:5c:0c:17:0f:1f:71:8d:68:97:1e: ca:32:5c:98:cc:12:38:40:89:f6:b7:bc:95:ce:4f:1c:f0:9a: 91:8b:7f:3d:bf:25:fd:13:36:7e:6a:bd:a9:31:60:36:26:b9: 63:fd:bf:aa:1e:cd:4e:98:67:8a:6a:58:34:f4:44:81:62:10: 1a:63:62:da:04:00:48:1d:43:93:03:63:5d:62:32:43:06:80: 32:c8:63:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszQ8CHtGHgberliIz0lgj/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5 NGQxODcwHhcNMjUxMjE4MjEwMDM2WhcNMjUxMjE5MjEwMDM2WjAzMTEwLwYDVQQD EyhhN2MzNTA3MTU5OTk4NTE4NWYzMDE0Yjk1YzE1ZWViOThjMDBlMmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+dC3x7moLYibhlmJspV5k9qTasXI 8gaW9jM5D3JghdKPgivbAMAdwnE19AX+P7/q64JJ8kPUmpxKuP2b10mggHQtZNUv uRyJT5ZilZcCqfo0BPO/JgeSpH/cG/2aH2WMeeupXIIlnnQVXPkf5Lu8dx4J+z0B UvqNewWkE+1LG2Yht2G7XZEXSp/wyGPTtJWxRvWvIgzn+mcXfxt2xwaY6xGtjAGA QHUi4labqjsJjZU15YIyqT7Kg2cLO5vZus7hIqiFSo1VyyQG/wSsX2+bcys9M5Mt 0fKDac4uzSKElWdTteKUcGXG0UCGio5nufZycIw5DDX/ukgj9kPWyttA7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKfDUHFZmYUYXzAUuVwV7rmMAOLWMB8GA1UdIwQY MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt OTdjMzMyZjcyMzlkLzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVX4OVIYT ysuKlv9UQJKcMf6vd22Ub5+a3H+AQ24prBnO0tewD9LBOUIJmF1++cz7s+rzSfjq yqISEN1/22d+wh2R28baCxdQoRfDw02dH3v0eapIQWQ59dISFMmmnQ5GZBZ8ZIbf W7jbOV83XMcxw4jygRgaoR9zfXo3G7UgAwlJcG1QQJu4W9zYn8m5TiyAaidxEdku czGzR3tTqjUUz8v8JoQh3dnxekdcDBcPH3GNaJceyjJcmMwSOECJ9re8lc5PHPCa kYt/Pb8l/RM2fmq9qTFgNia5Y/2/qh7NTphnimpYNPREgWIQGmNi2gQASB1DkwNj XWIyQwaAMshjAg== -----END CERTIFICATE-----Generated at Thu Dec 18 22:39:06 2025 by rpki-client