This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.mft File: Q8d7RzY2gTePrORmFB1UzIg5nPU.mft (raw, json) Hash identifier: tW/2CL9DuUWWcfuUVYXRD073zwk5xJgib9yXOAKYTP0= Subject key identifier: 0F:0D:4D:BF:19:59:2D:51:2F:63:F9:9C:12:6D:2E:DF:9A:98:FC:98 Authority key identifier: 43:C7:7B:47:36:36:81:37:8F:AC:E4:66:14:1D:54:CC:88:39:9C:F5 Certificate issuer: /CN=43c77b47363681378face466141d54cc88399cf5 Certificate serial: 019B5B65492C22FC5FC9066DA0048AD39EDB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8d7RzY2gTePrORmFB1UzIg5nPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.mft Manifest number: 1729 Signing time: Fri 26 Dec 2025 16:02:02 +0000 Manifest this update: Fri 26 Dec 2025 16:02:02 +0000 Manifest next update: Sat 27 Dec 2025 16:02:02 +0000 Files and hashes: 1: LhVPheiP2Wbqe7xFjCy9IQ_CSc0.roa (hash: Jd5k/N8+tstl7PIZFFMbIYM8R6nDjGK5pnVrR8G85AA=) 2: Q8d7RzY2gTePrORmFB1UzIg5nPU.crl (hash: JWcN6K3zN2Eu9eOndwh8dmStNtp2Nv2MUjHm9AYBl5Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.mft rsync://rpki.ripe.net/repository/DEFAULT/Q8d7RzY2gTePrORmFB1UzIg5nPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:65:49:2c:22:fc:5f:c9:06:6d:a0:04:8a:d3:9e:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43c77b47363681378face466141d54cc88399cf5 Validity Not Before: Dec 26 16:02:02 2025 GMT Not After : Dec 27 16:02:02 2025 GMT Subject: CN=0f0d4dbf19592d512f63f99c126d2edf9a98fc98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1f:60:97:d6:88:2f:ab:56:d8:09:fb:d9:bc: a9:45:ec:c5:ae:bd:01:d9:63:53:37:88:c0:29:9e: 46:90:1a:fe:81:07:cd:3b:51:38:5f:95:23:e6:d2: 44:2c:34:f7:c0:71:eb:4a:fb:dc:3f:2f:e7:af:35: 3b:03:c0:96:1e:12:6d:43:c8:26:eb:d5:08:ff:2a: da:3f:b3:5d:15:80:1e:40:bf:28:96:62:cd:7d:12: 16:95:3e:be:9a:c0:7d:9e:83:d3:c7:00:b5:82:5e: b8:07:06:83:e2:e1:44:e6:d3:b9:16:4c:59:c4:4b: 87:13:82:5d:53:bd:08:40:de:f2:0b:65:cd:ac:75: 10:85:96:10:a1:1b:f7:55:57:71:ab:82:90:c6:0a: 83:fb:3e:b1:ee:78:c5:a1:ed:c6:76:d7:22:fc:87: 7d:d6:5d:f7:ec:2a:1a:f8:60:00:79:52:07:b4:0c: d3:85:63:21:33:84:79:84:dd:84:86:17:00:84:0b: 73:6a:d6:38:ee:f1:b2:c2:c9:c6:00:9f:42:e1:eb: 5f:eb:21:3c:6f:1f:3e:7e:a7:76:36:47:19:e5:9d: dd:c5:1d:71:53:f4:ab:27:95:ca:65:d8:53:eb:16: e2:7d:12:19:7b:0a:3b:2f:1f:38:44:df:89:53:b8: 91:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:0D:4D:BF:19:59:2D:51:2F:63:F9:9C:12:6D:2E:DF:9A:98:FC:98 X509v3 Authority Key Identifier: keyid:43:C7:7B:47:36:36:81:37:8F:AC:E4:66:14:1D:54:CC:88:39:9C:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8d7RzY2gTePrORmFB1UzIg5nPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/01809b-42dd-4136-96b1-1fd10d8e075f/1/Q8d7RzY2gTePrORmFB1UzIg5nPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:47:33:7a:ac:f5:76:13:cb:bd:71:05:a3:bb:5e:ef:0a:0e: 1f:38:3c:75:44:a4:3c:45:90:34:1b:70:e4:b3:ca:28:5e:4a: 9a:5b:31:98:2b:cf:9d:11:40:9c:fc:8c:23:bd:84:e6:e8:5a: 2d:ee:27:b8:07:d1:b0:f1:28:4c:cc:5b:7f:3e:bc:76:3d:7f: 27:d9:66:16:b8:02:8e:46:31:b2:44:92:72:20:a3:16:2f:56: 7c:97:b7:a5:61:5d:b6:0e:c2:00:5c:7c:3e:c9:93:60:18:91: 1d:ce:5b:b7:f0:1a:14:35:66:a2:a4:ff:32:28:75:99:49:fe: 2f:a3:d3:72:08:f9:f6:af:a0:22:20:ed:23:23:5a:ea:bf:80: 85:8f:d1:f8:92:64:6e:87:39:52:35:61:de:87:27:99:be:34: 4a:96:f0:be:52:52:7d:a8:75:4e:29:05:e2:0d:33:03:9e:26: d0:34:c9:f6:ee:3f:01:78:31:6b:96:de:e1:60:e6:0e:a0:57: 77:73:67:f7:67:9a:e9:4d:e2:22:97:ef:61:90:86:07:6d:a7: fd:8a:d3:7a:a3:ad:2a:4b:c0:b3:c2:bb:8e:54:06:57:7b:67: 99:2c:f7:25:25:09:f3:7a:59:ef:1c:61:26:13:f4:15:5e:36: 77:9f:f1:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbZUksIvxfyQZtoASK057bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzYzc3YjQ3MzYzNjgxMzc4ZmFjZTQ2NjE0MWQ1NGNjODgz OTljZjUwHhcNMjUxMjI2MTYwMjAyWhcNMjUxMjI3MTYwMjAyWjAzMTEwLwYDVQQD EygwZjBkNGRiZjE5NTkyZDUxMmY2M2Y5OWMxMjZkMmVkZjlhOThmYzk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h9gl9aIL6tW2An72bypRezFrr0B 2WNTN4jAKZ5GkBr+gQfNO1E4X5Uj5tJELDT3wHHrSvvcPy/nrzU7A8CWHhJtQ8gm 69UI/yraP7NdFYAeQL8olmLNfRIWlT6+msB9noPTxwC1gl64BwaD4uFE5tO5FkxZ xEuHE4JdU70IQN7yC2XNrHUQhZYQoRv3VVdxq4KQxgqD+z6x7njFoe3Gdtci/Id9 1l337Coa+GAAeVIHtAzThWMhM4R5hN2EhhcAhAtzatY47vGywsnGAJ9C4etf6yE8 bx8+fqd2NkcZ5Z3dxR1xU/SrJ5XKZdhT6xbifRIZewo7Lx84RN+JU7iR+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA8NTb8ZWS1RL2P5nBJtLt+amPyYMB8GA1UdIwQY MBaAFEPHe0c2NoE3j6zkZhQdVMyIOZz1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUThkN1J6WTJnVGVQck9SbUZCMVV6SWc1blBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wMTgwOWItNDJkZC00MTM2LTk2YjEt MWZkMTBkOGUwNzVmLzEvUThkN1J6WTJnVGVQck9SbUZCMVV6SWc1blBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS8wMTgwOWItNDJkZC00MTM2LTk2YjEtMWZkMTBkOGUwNzVm LzEvUThkN1J6WTJnVGVQck9SbUZCMVV6SWc1blBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUUczeqz1 dhPLvXEFo7te7woOHzg8dUSkPEWQNBtw5LPKKF5KmlsxmCvPnRFAnPyMI72E5uha Le4nuAfRsPEoTMxbfz68dj1/J9lmFrgCjkYxskSSciCjFi9WfJe3pWFdtg7CAFx8 PsmTYBiRHc5bt/AaFDVmoqT/Mih1mUn+L6PTcgj59q+gIiDtIyNa6r+AhY/R+JJk boc5UjVh3ocnmb40SpbwvlJSfah1TikF4g0zA54m0DTJ9u4/AXgxa5be4WDmDqBX d3Nn92ea6U3iIpfvYZCGB22n/YrTeqOtKkvAs8K7jlQGV3tnmSz3JSUJ83pZ7xxh JhP0FV42d5/xTg== -----END CERTIFICATE-----Generated at Fri Dec 26 22:55:05 2025 by rpki-client