This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.mft File: Q_2TYug7hS8_0zEbCQlvYommoPg.mft (raw, json) Hash identifier: S+KGPivwKXQpASp/BqUJpxoZqUcBTxM4H0jBT9QRD04= Subject key identifier: BC:BF:6E:14:CE:9C:DB:DC:68:18:F1:95:0A:8F:83:D8:00:C8:C0:77 Authority key identifier: 43:FD:93:62:E8:3B:85:2F:3F:D3:31:1B:09:09:6F:62:89:A6:A0:F8 Certificate issuer: /CN=43fd9362e83b852f3fd3311b09096f6289a6a0f8 Certificate serial: 019B33E880E803A77F746EA5951BBC679465 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_2TYug7hS8_0zEbCQlvYommoPg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.mft Manifest number: 1058 Signing time: Fri 19 Dec 2025 00:00:33 +0000 Manifest this update: Fri 19 Dec 2025 00:00:33 +0000 Manifest next update: Sat 20 Dec 2025 00:00:33 +0000 Files and hashes: 1: Fy-RDVpoQYqhk9YIhC0_OXJ7Ngw.roa (hash: MSpbkpTae0BKWb0wW1Z5MLxX2eex/b1uULBuB1GrJoU=) 2: Q_2TYug7hS8_0zEbCQlvYommoPg.crl (hash: zJ7hFEtzNrdL9xLnJyYbRwvakTFeWxYooitw4aEaZwc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.mft rsync://rpki.ripe.net/repository/DEFAULT/Q_2TYug7hS8_0zEbCQlvYommoPg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:80:e8:03:a7:7f:74:6e:a5:95:1b:bc:67:94:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43fd9362e83b852f3fd3311b09096f6289a6a0f8 Validity Not Before: Dec 19 00:00:33 2025 GMT Not After : Dec 20 00:00:33 2025 GMT Subject: CN=bcbf6e14ce9cdbdc6818f1950a8f83d800c8c077 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:6e:b6:92:ab:52:61:24:08:2b:52:36:f2:c2: 74:51:1b:eb:01:3a:f2:9c:59:b7:9e:ab:38:91:7c: a0:6f:a5:85:c4:49:16:be:3f:16:97:99:6f:3d:6c: 6a:24:74:fa:f0:e6:4c:b9:0b:dc:e6:ed:82:37:8c: b2:76:99:24:0e:de:d0:73:8e:ed:25:cd:71:a4:72: 0e:f3:44:57:26:13:13:8f:c2:c1:02:8d:64:15:52: cf:63:96:7b:7d:65:15:28:d0:6a:74:18:dd:51:f5: 8d:38:f7:1f:8d:c7:b7:5e:93:d7:9e:e7:84:cd:06: a1:77:fc:4b:81:20:47:85:26:13:7b:72:79:fe:5f: d6:34:db:15:01:f8:e4:ed:d8:ee:8f:86:91:70:f6: d3:ea:e0:68:e3:d5:e2:cf:f6:0f:27:43:56:ad:8e: cb:dd:2b:29:15:a1:a5:54:45:34:e8:ac:97:aa:9c: a0:01:1d:35:03:14:fc:a0:02:45:08:f5:13:cd:c4: 55:c1:35:f9:da:c1:3c:e9:29:9a:f8:3f:0a:75:80: 7a:0f:dc:48:e5:91:11:38:6d:c5:76:65:53:8f:8d: 36:69:21:db:06:b3:3b:47:52:9f:f8:6a:84:31:28: 47:bc:5c:f2:5a:89:64:43:9a:53:bd:f8:97:4b:48: e5:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:BF:6E:14:CE:9C:DB:DC:68:18:F1:95:0A:8F:83:D8:00:C8:C0:77 X509v3 Authority Key Identifier: keyid:43:FD:93:62:E8:3B:85:2F:3F:D3:31:1B:09:09:6F:62:89:A6:A0:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_2TYug7hS8_0zEbCQlvYommoPg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1d3c15-3416-44ad-9a89-6547bb1b80c2/1/Q_2TYug7hS8_0zEbCQlvYommoPg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:8b:21:bb:67:41:c4:f4:ce:49:fd:f1:9c:17:bf:b6:89:ec: 00:ee:17:0f:8a:e8:50:80:42:0f:db:b5:9d:4c:21:cd:e7:3a: 20:e3:78:c0:da:c5:2f:83:46:b0:4f:d0:68:ca:82:27:42:6e: 44:32:11:3a:8c:68:85:e7:dc:c4:5f:87:b3:09:80:29:f5:04: 21:a9:f6:90:a4:e8:66:65:c4:be:1e:28:a2:62:cf:57:8d:d7: 5f:b0:00:7d:64:2d:78:70:e6:db:d9:17:2b:cf:6f:00:35:cd: 5e:e5:7f:fc:b0:47:ac:34:29:99:6b:67:b4:4f:27:6e:6c:85: b9:cc:28:ea:54:e4:28:0e:48:bf:8e:9f:8a:61:c7:86:b1:22: e2:3a:c5:b8:3b:02:36:9e:ef:12:b5:14:f8:9e:d4:4a:de:e3: 5b:16:4e:07:1c:43:dc:c2:a6:a3:a3:14:d3:cd:07:1f:6e:74: db:39:25:69:ce:ba:07:4a:1a:d1:6d:00:ff:57:07:df:ec:45: b1:22:83:ad:1a:14:83:d7:1c:63:c9:8f:1a:96:bd:14:af:c8: e8:94:64:51:16:64:c9:a2:7b:88:dd:2f:98:28:2c:48:d0:8a: 40:80:11:d0:a8:3c:08:1e:d5:60:49:2b:0b:12:fb:ca:0d:8c: 9e:45:b0:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6IDoA6d/dG6llRu8Z5RlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzZmQ5MzYyZTgzYjg1MmYzZmQzMzExYjA5MDk2ZjYyODlh NmEwZjgwHhcNMjUxMjE5MDAwMDMzWhcNMjUxMjIwMDAwMDMzWjAzMTEwLwYDVQQD EyhiY2JmNmUxNGNlOWNkYmRjNjgxOGYxOTUwYThmODNkODAwYzhjMDc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj262kqtSYSQIK1I28sJ0URvrATry nFm3nqs4kXygb6WFxEkWvj8Wl5lvPWxqJHT68OZMuQvc5u2CN4yydpkkDt7Qc47t Jc1xpHIO80RXJhMTj8LBAo1kFVLPY5Z7fWUVKNBqdBjdUfWNOPcfjce3XpPXnueE zQahd/xLgSBHhSYTe3J5/l/WNNsVAfjk7djuj4aRcPbT6uBo49Xiz/YPJ0NWrY7L 3SspFaGlVEU06KyXqpygAR01AxT8oAJFCPUTzcRVwTX52sE86Sma+D8KdYB6D9xI 5ZEROG3FdmVTj402aSHbBrM7R1Kf+GqEMShHvFzyWolkQ5pTvfiXS0jlRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLy/bhTOnNvcaBjxlQqPg9gAyMB3MB8GA1UdIwQY MBaAFEP9k2LoO4UvP9MxGwkJb2KJpqD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUV8yVFl1ZzdoUzhfMHpFYkNRbHZZb21tb1BnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xZDNjMTUtMzQxNi00NGFkLTlhODkt NjU0N2JiMWI4MGMyLzEvUV8yVFl1ZzdoUzhfMHpFYkNRbHZZb21tb1BnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8xZDNjMTUtMzQxNi00NGFkLTlhODktNjU0N2JiMWI4MGMy LzEvUV8yVFl1ZzdoUzhfMHpFYkNRbHZZb21tb1BnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4shu2dB xPTOSf3xnBe/tonsAO4XD4roUIBCD9u1nUwhzec6ION4wNrFL4NGsE/QaMqCJ0Ju RDIROoxohefcxF+HswmAKfUEIan2kKToZmXEvh4oomLPV43XX7AAfWQteHDm29kX K89vADXNXuV//LBHrDQpmWtntE8nbmyFucwo6lTkKA5Iv46fimHHhrEi4jrFuDsC Np7vErUU+J7USt7jWxZOBxxD3MKmo6MU080HH2502zklac66B0oa0W0A/1cH3+xF sSKDrRoUg9ccY8mPGpa9FK/I6JRkURZkyaJ7iN0vmCgsSNCKQIAR0Kg8CB7VYEkr CxL7yg2MnkWwCQ== -----END CERTIFICATE-----Generated at Fri Dec 19 07:49:51 2025 by rpki-client