This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft File: fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft (raw, json) Hash identifier: /SdqwQR9n9Cl8Lf3ia6FROhG00d7VvSZ2Yr0AKlE6ec= Subject key identifier: 4B:15:8E:18:BE:2E:9B:B7:68:D3:1E:01:FF:3D:D9:6A:62:6E:E7:3B Authority key identifier: 7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71 Certificate issuer: /CN=7d0bcabec4379f2d3b94187410d2e6e031a74171 Certificate serial: 019B33B1B9A9606E4E0772E52369BFCECFF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft Manifest number: 1713 Signing time: Thu 18 Dec 2025 23:00:43 +0000 Manifest this update: Thu 18 Dec 2025 23:00:43 +0000 Manifest next update: Fri 19 Dec 2025 23:00:43 +0000 Files and hashes: 1: fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl (hash: TQB53MXwDCqofpOOykRtQIBHLgnj98R3oW+/Jf1ufPY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:b9:a9:60:6e:4e:07:72:e5:23:69:bf:ce:cf:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d0bcabec4379f2d3b94187410d2e6e031a74171 Validity Not Before: Dec 18 23:00:43 2025 GMT Not After : Dec 19 23:00:43 2025 GMT Subject: CN=4b158e18be2e9bb768d31e01ff3dd96a626ee73b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:70:79:d6:88:e9:d1:de:44:37:f1:9a:45:9e: 18:8e:e2:5d:50:be:f7:c0:64:7c:e7:60:cd:67:bb: 2d:97:b5:14:8e:a7:3c:09:ec:40:55:60:b8:c2:ff: a5:2b:1e:da:aa:bc:20:28:0b:c5:dc:47:fe:13:c7: 26:cc:e6:9e:c9:17:5c:22:c7:06:64:e3:5e:8e:2b: eb:3f:76:2d:54:90:b5:15:02:ad:61:5b:ed:9e:d7: 5d:9e:c7:7f:38:b0:be:32:20:1c:8d:ad:da:b2:fd: 41:25:36:56:01:67:c1:c7:24:f2:68:9c:11:fd:1d: 34:3a:0d:cd:a0:c7:9f:f7:76:9b:bf:1c:25:a8:cc: 97:d7:53:6b:a1:e5:72:0b:56:12:1b:55:4f:e7:38: b2:53:02:a2:0c:f8:0c:b6:06:01:af:61:d7:65:92: 02:cb:03:ac:35:b9:b6:0f:35:56:e4:7e:75:ae:53: f8:6d:59:a1:64:97:a0:e3:31:5d:94:17:89:cb:4a: be:88:aa:5c:aa:2b:20:50:3d:fc:d9:20:ad:80:60: 05:17:85:cb:3e:0f:ea:be:a7:02:3c:28:60:e0:f9: 58:28:e2:59:77:3c:41:78:3a:4f:36:7c:b1:3d:a9: 82:2b:36:88:36:7b:9d:51:fa:7b:dd:23:69:3d:bd: b8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:15:8E:18:BE:2E:9B:B7:68:D3:1E:01:FF:3D:D9:6A:62:6E:E7:3B X509v3 Authority Key Identifier: keyid:7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:a2:01:c8:74:c3:00:28:18:6d:02:31:c6:25:af:83:b8:cc: 41:d7:61:f8:65:03:5f:4e:6a:a4:71:c0:b9:df:6c:b6:f5:72: e4:e8:6d:0b:df:bf:86:49:c4:f5:b9:da:a9:b9:4e:e7:7b:90: dd:e5:b6:e4:57:e2:27:78:7c:7b:c3:f9:5f:4f:91:c4:94:94: 24:5b:f6:96:ca:8c:01:1e:e7:fa:95:0e:a3:b8:33:38:30:98: 01:7e:e8:8f:01:b9:df:0b:1e:04:3a:64:db:59:80:9a:a4:b3: d7:ef:f1:83:18:5a:2b:e7:8a:a0:6f:37:1b:5a:82:f3:9f:c9: 88:ee:1d:a9:05:dc:0c:c5:26:c5:86:d7:b1:aa:da:3f:6b:fc: f8:60:e7:69:5b:59:5c:67:05:7d:db:19:c3:0e:8e:06:41:e8: bc:ae:5e:83:b5:43:c4:5c:22:35:db:77:22:12:70:1c:3f:ed: eb:56:7f:e2:29:28:b4:dd:f0:99:21:2b:f3:88:b7:d3:78:93: f9:65:17:f7:ea:ad:7a:e5:3f:fd:29:cf:f7:5d:22:96:fd:d2: 69:d4:cb:40:56:7e:82:79:f0:9b:a0:5b:96:73:da:e4:9e:af: 6f:c1:b6:77:a3:53:48:a1:06:32:1b:8b:dc:7b:97:2d:ca:74: 19:f1:18:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsbmpYG5OB3LlI2m/zs/yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkMGJjYWJlYzQzNzlmMmQzYjk0MTg3NDEwZDJlNmUwMzFh NzQxNzEwHhcNMjUxMjE4MjMwMDQzWhcNMjUxMjE5MjMwMDQzWjAzMTEwLwYDVQQD Eyg0YjE1OGUxOGJlMmU5YmI3NjhkMzFlMDFmZjNkZDk2YTYyNmVlNzNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HB51ojp0d5EN/GaRZ4YjuJdUL73 wGR852DNZ7stl7UUjqc8CexAVWC4wv+lKx7aqrwgKAvF3Ef+E8cmzOaeyRdcIscG ZONejivrP3YtVJC1FQKtYVvtntddnsd/OLC+MiAcja3asv1BJTZWAWfBxyTyaJwR /R00Og3NoMef93abvxwlqMyX11NroeVyC1YSG1VP5ziyUwKiDPgMtgYBr2HXZZIC ywOsNbm2DzVW5H51rlP4bVmhZJeg4zFdlBeJy0q+iKpcqisgUD382SCtgGAFF4XL Pg/qvqcCPChg4PlYKOJZdzxBeDpPNnyxPamCKzaINnudUfp73SNpPb24QwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEsVjhi+Lpu3aNMeAf892Wpibuc7MB8GA1UdIwQY MBaAFH0Lyr7EN58tO5QYdBDS5uAxp0FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjIt OTcxNWNkNjk4ZTMyLzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjItOTcxNWNkNjk4ZTMy LzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEaIByHTD ACgYbQIxxiWvg7jMQddh+GUDX05qpHHAud9stvVy5OhtC9+/hknE9bnaqblO53uQ 3eW25FfiJ3h8e8P5X0+RxJSUJFv2lsqMAR7n+pUOo7gzODCYAX7ojwG53wseBDpk 21mAmqSz1+/xgxhaK+eKoG83G1qC85/JiO4dqQXcDMUmxYbXsaraP2v8+GDnaVtZ XGcFfdsZww6OBkHovK5eg7VDxFwiNdt3IhJwHD/t61Z/4ikotN3wmSEr84i303iT +WUX9+qteuU//SnP910ilv3SadTLQFZ+gnnwm6BblnPa5J6vb8G2d6NTSKEGMhuL 3HuXLcp0GfEYSw== -----END CERTIFICATE-----Generated at Fri Dec 19 01:28:02 2025 by rpki-client