This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft File: cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json) Hash identifier: cDXyIf/2yxAn0Eg1hrqLeEWFmcq5gVIVfzHFxxa+yCk= Subject key identifier: 97:62:46:3F:41:BD:61:A4:D9:AD:A1:DF:0F:9E:F4:E1:64:18:9F:80 Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE Certificate issuer: /CN=709a8efafa785401012c4590da63440a3456d0ce Certificate serial: 019B3FED5EE529BB46366688BE3ADDFE7CFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft Manifest number: 0542 Signing time: Sun 21 Dec 2025 08:01:19 +0000 Manifest this update: Sun 21 Dec 2025 08:01:19 +0000 Manifest next update: Mon 22 Dec 2025 08:01:19 +0000 Files and hashes: 1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: oNTFh8V4yDKs+Zlu3z3mqF3v2m60tSXfdwUUsX941WY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 08:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ed:5e:e5:29:bb:46:36:66:88:be:3a:dd:fe:7c:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce Validity Not Before: Dec 21 08:01:19 2025 GMT Not After : Dec 22 08:01:19 2025 GMT Subject: CN=9762463f41bd61a4d9ada1df0f9ef4e164189f80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2a:f1:88:68:16:d5:87:39:b5:06:89:34:d0: d5:bf:4c:35:9c:ec:19:ab:ce:c0:c2:34:69:a4:06: c2:68:39:74:82:d1:e2:cd:43:15:a1:04:f5:80:95: b6:66:49:20:71:ad:bf:30:17:83:26:6b:84:14:d0: d9:eb:5c:e4:b4:82:08:da:fe:ed:35:a7:fa:91:50: 01:f0:26:e8:1b:f3:ba:2e:13:03:a0:e7:a9:f3:12: 75:69:5f:a4:40:8d:bf:e6:82:a8:c1:69:86:b1:c9: 24:5b:8f:3d:ec:ee:a3:be:6f:9e:20:6c:5e:73:48: 9f:92:61:df:ab:cb:f5:fd:0a:15:68:29:8f:b9:75: ce:dc:9b:78:e9:43:d2:cc:8f:a8:af:47:c2:ab:8c: 4e:3c:94:54:8f:dd:0f:91:ce:d9:41:0a:55:38:47: 6e:42:89:bb:2d:6b:a5:2e:51:79:90:35:e1:79:66: bf:ae:e7:e1:16:5a:b2:1b:8f:de:f9:d7:60:b6:0a: ba:e6:c0:f0:f7:b3:ff:d6:fd:b4:1c:ac:ba:80:48: 02:27:e9:a3:3f:96:a1:d6:9d:21:27:8a:90:2d:9f: 6f:a9:e5:a0:64:fb:2b:f3:1d:03:6a:7b:4f:5b:74: f5:d7:84:06:11:0c:1e:b1:d5:be:ce:f9:9a:fd:d8: 81:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:62:46:3F:41:BD:61:A4:D9:AD:A1:DF:0F:9E:F4:E1:64:18:9F:80 X509v3 Authority Key Identifier: keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:0c:02:21:26:4e:62:a0:bc:54:2a:96:07:82:69:be:b2:10: 54:bb:6b:dd:82:ea:23:79:5f:f0:cb:c3:26:87:97:fa:59:7c: 04:5d:f6:b2:1f:73:17:fd:38:3f:ba:b4:75:74:9a:f2:96:00: b7:a9:18:1b:73:d0:6b:7f:99:a6:39:cc:21:52:e4:c1:20:5b: 0a:71:7c:a1:de:f9:42:ae:82:cc:51:e9:17:e4:bf:10:31:70: 26:e6:b1:41:f8:3f:9f:21:68:2f:0b:19:4d:47:d4:da:8d:e9: 34:5f:5d:d0:1e:5f:7f:34:0c:a3:31:aa:98:18:52:d4:3c:c0: aa:04:0f:79:c7:b4:0d:37:a7:6e:e5:96:a3:30:cc:50:9a:f2: 20:40:b8:cf:80:be:fa:6f:1f:c2:ba:c5:5d:a0:14:ca:14:5e: 3d:45:5b:5a:a4:9b:a6:e0:59:12:5a:0a:3f:99:19:a1:86:a6: df:fa:35:73:ed:18:42:75:e4:de:a0:f3:04:a7:8f:2e:8c:0d: 7b:bf:a4:65:92:87:b5:60:66:56:bb:49:3b:eb:aa:e5:74:d7: 01:e7:6e:2f:27:37:da:50:a6:fb:8c:4c:0c:48:93:e5:a1:ed: 7f:f7:86:96:67:3c:ab:22:55:26:c4:7b:67:a3:12:e1:30:91: 8e:1d:26:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7V7lKbtGNmaIvjrd/nz7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1 NmQwY2UwHhcNMjUxMjIxMDgwMTE5WhcNMjUxMjIyMDgwMTE5WjAzMTEwLwYDVQQD Eyg5NzYyNDYzZjQxYmQ2MWE0ZDlhZGExZGYwZjllZjRlMTY0MTg5ZjgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3irxiGgW1Yc5tQaJNNDVv0w1nOwZ q87AwjRppAbCaDl0gtHizUMVoQT1gJW2Zkkgca2/MBeDJmuEFNDZ61zktIII2v7t Naf6kVAB8CboG/O6LhMDoOep8xJ1aV+kQI2/5oKowWmGsckkW4897O6jvm+eIGxe c0ifkmHfq8v1/QoVaCmPuXXO3Jt46UPSzI+or0fCq4xOPJRUj90Pkc7ZQQpVOEdu Qom7LWulLlF5kDXheWa/rufhFlqyG4/e+ddgtgq65sDw97P/1v20HKy6gEgCJ+mj P5ah1p0hJ4qQLZ9vqeWgZPsr8x0DantPW3T114QGEQwesdW+zvma/diB6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJdiRj9BvWGk2a2h3w+e9OFkGJ+AMB8GA1UdIwQY MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwwCISZO YqC8VCqWB4JpvrIQVLtr3YLqI3lf8MvDJoeX+ll8BF32sh9zF/04P7q0dXSa8pYA t6kYG3PQa3+ZpjnMIVLkwSBbCnF8od75Qq6CzFHpF+S/EDFwJuaxQfg/nyFoLwsZ TUfU2o3pNF9d0B5ffzQMozGqmBhS1DzAqgQPece0DTenbuWWozDMUJryIEC4z4C+ +m8fwrrFXaAUyhRePUVbWqSbpuBZEloKP5kZoYam3/o1c+0YQnXk3qDzBKePLowN e7+kZZKHtWBmVrtJO+uq5XTXAeduLyc32lCm+4xMDEiT5aHtf/eGlmc8qyJVJsR7 Z6MS4TCRjh0mtg== -----END CERTIFICATE-----Generated at Sun Dec 21 18:07:31 2025 by rpki-client