This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft File: 02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json) Hash identifier: wbtn63pvyodDNa033nCUw+HkmAL5SP56zHuvQx7gg5M= Subject key identifier: 79:86:E4:C1:66:08:18:05:E5:A4:36:78:75:DF:71:C2:6D:2F:BE:96 Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB Certificate issuer: /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab Certificate serial: 019B5A522C7FEEEA82AFBD00E89C20A04B6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft Manifest number: 0E66 Signing time: Fri 26 Dec 2025 11:01:33 +0000 Manifest this update: Fri 26 Dec 2025 11:01:33 +0000 Manifest next update: Sat 27 Dec 2025 11:01:33 +0000 Files and hashes: 1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: JXegKXrFq7FNhEFN/455rdbYtG9pwOWjWVL9awZhFVU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:2c:7f:ee:ea:82:af:bd:00:e8:9c:20:a0:4b:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab Validity Not Before: Dec 26 11:01:33 2025 GMT Not After : Dec 27 11:01:33 2025 GMT Subject: CN=7986e4c166081805e5a4367875df71c26d2fbe96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:80:18:d2:df:f0:9e:a5:f1:cd:61:cd:53:e5: 26:7d:9e:50:b7:7f:b9:17:05:6f:b1:b2:8b:85:e2: 89:40:2f:e2:13:46:a4:64:8c:88:3b:b7:6a:85:e9: 38:91:19:68:6c:5c:ba:36:1e:fc:8d:7a:05:58:04: 0a:64:1f:aa:a4:0e:ee:9f:d6:42:d1:79:3b:86:40: a0:1f:03:97:2a:89:ff:d1:3e:97:03:e7:06:6e:e2: 26:7a:7f:50:31:4f:ea:23:6a:83:9a:48:6a:54:a4: b6:6c:84:2c:6a:05:e2:ac:6b:40:ec:91:d2:19:15: 57:a1:10:d2:79:fa:2d:ec:e1:b7:d6:a7:04:a5:00: 52:3c:71:ea:4d:67:5d:c1:97:80:e8:64:54:7d:6f: 3b:a8:08:df:80:ad:b5:01:b4:7f:e3:5d:0f:58:cb: b1:a6:d2:86:bd:54:8b:77:8f:c6:1f:24:e7:e6:6a: 85:39:50:26:b2:d0:47:65:07:2d:54:0c:19:8a:5f: 92:0f:d0:4b:4f:c8:09:23:f1:52:13:da:f6:27:bf: 94:4e:05:2f:76:de:bf:a7:9e:10:e2:df:3a:f3:92: b2:b8:a4:d6:a8:0d:1b:31:6d:e4:46:4a:cb:a5:61: a1:6a:96:2c:6f:ab:f6:36:4a:b9:2f:34:a7:22:c3: 0f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:86:E4:C1:66:08:18:05:E5:A4:36:78:75:DF:71:C2:6D:2F:BE:96 X509v3 Authority Key Identifier: keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:2d:d5:67:b5:d2:84:3b:67:f0:13:d0:32:30:bd:c1:20:9a: 0a:c8:0a:3f:48:10:99:80:86:bc:69:20:54:28:1a:d7:70:79: 09:12:95:5e:72:c2:d3:71:8b:71:65:b3:54:e9:39:aa:12:82: 1e:be:d2:09:e3:dc:35:66:6b:2c:89:b6:9f:0c:ed:cd:be:84: 6b:35:a5:9d:d2:6c:38:ad:f7:59:d0:9d:35:8b:93:38:04:af: c5:0e:3d:af:d0:07:c1:c7:6e:ca:f1:52:39:2c:49:d8:89:89: 57:17:86:5a:f1:70:74:53:ec:7a:6b:6c:ba:33:58:30:6c:5f: c4:86:ba:0f:44:8f:fe:41:26:ed:00:f5:b9:0d:67:32:a2:93: 96:ce:1d:8a:90:99:35:cb:bb:5e:d5:6b:4b:ab:a7:ce:8f:7f: 6d:af:8c:99:24:82:b8:f3:bf:2a:a8:5b:56:70:ba:f8:bc:20: 78:14:ce:c1:78:fe:36:8f:96:a8:78:8f:26:a4:e9:f4:45:90: 11:96:d9:aa:ae:af:8c:05:3b:b5:ce:8a:10:46:94:95:3c:8d: 03:c5:2f:20:df:cd:46:7e:8e:81:8b:cc:96:84:35:87:01:3e: 7d:15:87:8c:c1:c7:ed:88:8c:4e:0d:13:00:69:df:b1:1d:20: 28:5e:29:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUix/7uqCr70A6JwgoEttMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl ZDViYWIwHhcNMjUxMjI2MTEwMTMzWhcNMjUxMjI3MTEwMTMzWjAzMTEwLwYDVQQD Eyg3OTg2ZTRjMTY2MDgxODA1ZTVhNDM2Nzg3NWRmNzFjMjZkMmZiZTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIAY0t/wnqXxzWHNU+UmfZ5Qt3+5 FwVvsbKLheKJQC/iE0akZIyIO7dqhek4kRlobFy6Nh78jXoFWAQKZB+qpA7un9ZC 0Xk7hkCgHwOXKon/0T6XA+cGbuImen9QMU/qI2qDmkhqVKS2bIQsagXirGtA7JHS GRVXoRDSefot7OG31qcEpQBSPHHqTWddwZeA6GRUfW87qAjfgK21AbR/410PWMux ptKGvVSLd4/GHyTn5mqFOVAmstBHZQctVAwZil+SD9BLT8gJI/FSE9r2J7+UTgUv dt6/p54Q4t8685KyuKTWqA0bMW3kRkrLpWGhapYsb6v2Nkq5LzSnIsMPFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHmG5MFmCBgF5aQ2eHXfccJtL76WMB8GA1UdIwQY MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0 LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlS3VZ7XS hDtn8BPQMjC9wSCaCsgKP0gQmYCGvGkgVCga13B5CRKVXnLC03GLcWWzVOk5qhKC Hr7SCePcNWZrLIm2nwztzb6EazWlndJsOK33WdCdNYuTOASvxQ49r9AHwcduyvFS OSxJ2ImJVxeGWvFwdFPsemtsujNYMGxfxIa6D0SP/kEm7QD1uQ1nMqKTls4dipCZ Ncu7XtVrS6unzo9/ba+MmSSCuPO/KqhbVnC6+LwgeBTOwXj+No+WqHiPJqTp9EWQ EZbZqq6vjAU7tc6KEEaUlTyNA8UvIN/NRn6OgYvMloQ1hwE+fRWHjMHH7YiMTg0T AGnfsR0gKF4pHA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:24 2025 by rpki-client