This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft File: KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft (raw, json) Hash identifier: L66pDefLhJY5j8+hs9lJAAYI6teeo0fHeovYBL1qUH0= Subject key identifier: 29:03:D2:05:2D:FE:6E:37:59:D7:BD:60:B8:F4:60:75:84:1C:EF:78 Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e Certificate serial: 019B59085D46BB8872B4A4D4FD27A36F2866 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 05:01:18 +0000 Manifest this update: Fri 26 Dec 2025 05:01:18 +0000 Manifest next update: Sat 27 Dec 2025 05:01:18 +0000 Files and hashes: 1: KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl (hash: B86Lt2zDRc6OGiW1c1At82Hk9dchswKWOntU60W12AU=) 2: Ra0sgLWf3JdJbcM4jauXm0fPx4g.roa (hash: ymRkXWhwSlWVwmfkCY22bMBdImNrCEWfsZ+bTko6SjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:5d:46:bb:88:72:b4:a4:d4:fd:27:a3:6f:28:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e Validity Not Before: Dec 26 05:01:18 2025 GMT Not After : Dec 27 05:01:18 2025 GMT Subject: CN=2903d2052dfe6e3759d7bd60b8f46075841cef78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f9:99:72:6b:e4:46:62:6a:92:b5:14:cb:ee: 08:41:2f:8f:ca:db:8d:78:82:49:38:d7:da:6f:11: d5:a8:54:e5:b1:00:c6:32:9e:44:47:fc:e2:f2:d4: cb:4b:07:10:6c:49:74:3f:2f:23:8a:44:00:ea:80: 2c:3a:00:7b:d7:18:a1:66:21:99:70:84:4b:1f:ce: 63:4e:20:8a:6a:55:a2:f6:68:15:74:06:f0:ef:32: 44:be:8a:38:09:05:bc:13:5b:89:b3:5f:a1:bb:39: 8f:c5:0f:35:11:8e:a0:10:4d:cc:af:88:10:dd:de: 75:fb:64:52:7c:13:73:dd:99:27:cd:d1:42:5d:ff: 4a:17:6d:24:57:91:e6:2f:2e:e9:7b:b5:a3:48:af: 7e:00:f6:1e:07:f8:10:be:15:5e:6c:84:9e:e4:88: 99:f6:cf:63:52:50:5e:fc:80:46:7a:53:a3:c9:ca: 11:ee:b7:1b:67:9d:0d:09:3e:ea:d6:b6:16:da:a2: 11:48:3d:a4:b0:a5:fc:57:7e:26:d9:d6:d0:ea:bb: 64:2f:a6:d9:4a:8c:36:cc:94:36:39:d9:c6:e4:9d: 68:27:41:22:74:a1:bb:f5:cc:65:48:67:1f:c3:b9: f0:a8:54:e9:53:77:8b:6c:4a:8b:08:e3:bc:ec:1b: 6d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:03:D2:05:2D:FE:6E:37:59:D7:BD:60:B8:F4:60:75:84:1C:EF:78 X509v3 Authority Key Identifier: keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:f9:27:06:fa:c5:81:ff:08:2d:08:54:e3:a4:0e:c3:20:eb: ec:d9:74:2f:82:b6:18:d9:7e:b0:59:5c:60:d5:88:e5:38:f3: 67:ed:46:9f:7e:3b:bc:71:2e:95:b5:c5:6e:cb:e1:9d:43:bb: 0b:11:71:2b:f9:4a:0a:6c:25:2e:c0:0b:1d:cf:c2:10:cf:89: 29:e6:f2:1d:19:fd:02:99:a8:fe:ec:01:09:c0:36:90:b1:6c: 38:84:3f:fe:b7:eb:f0:b3:96:42:24:74:c7:4d:d8:af:59:2c: 87:ba:45:36:e7:1d:37:e4:8e:ba:81:8f:25:66:28:29:6a:c6: 29:04:4e:ff:bc:cd:a5:33:c2:65:50:2d:fd:b5:dd:7a:0d:5a: 34:62:a1:5b:ca:7b:a4:c7:ac:f3:8f:10:7c:60:11:44:8f:77: 4e:40:eb:a7:9f:2a:46:b3:0a:b2:ff:86:96:74:c9:36:35:37: d0:1e:17:1b:f9:f6:85:f7:f8:de:e3:12:58:37:09:b4:38:93: f5:7e:7e:1d:a2:80:74:e8:b2:05:76:86:28:db:19:83:85:7c: f1:ca:e6:3b:7f:1b:0b:71:d5:8a:15:d9:01:8d:30:38:d3:64: db:1c:c8:1c:db:92:dd:18:84:90:cf:93:16:5a:cb:05:01:b0: 4a:79:6d:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCF1Gu4hytKTU/SejbyhmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4 ZjRhMmUwHhcNMjUxMjI2MDUwMTE4WhcNMjUxMjI3MDUwMTE4WjAzMTEwLwYDVQQD EygyOTAzZDIwNTJkZmU2ZTM3NTlkN2JkNjBiOGY0NjA3NTg0MWNlZjc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPmZcmvkRmJqkrUUy+4IQS+PytuN eIJJONfabxHVqFTlsQDGMp5ER/zi8tTLSwcQbEl0Py8jikQA6oAsOgB71xihZiGZ cIRLH85jTiCKalWi9mgVdAbw7zJEvoo4CQW8E1uJs1+huzmPxQ81EY6gEE3Mr4gQ 3d51+2RSfBNz3ZknzdFCXf9KF20kV5HmLy7pe7WjSK9+APYeB/gQvhVebISe5IiZ 9s9jUlBe/IBGelOjycoR7rcbZ50NCT7q1rYW2qIRSD2ksKX8V34m2dbQ6rtkL6bZ Sow2zJQ2OdnG5J1oJ0EidKG79cxlSGcfw7nwqFTpU3eLbEqLCOO87BttKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCkD0gUt/m43Wde9YLj0YHWEHO94MB8GA1UdIwQY MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt MmIyZjJiODkwOGNjLzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPknBvrF gf8ILQhU46QOwyDr7Nl0L4K2GNl+sFlcYNWI5TjzZ+1Gn347vHEulbXFbsvhnUO7 CxFxK/lKCmwlLsALHc/CEM+JKebyHRn9Apmo/uwBCcA2kLFsOIQ//rfr8LOWQiR0 x03Yr1ksh7pFNucdN+SOuoGPJWYoKWrGKQRO/7zNpTPCZVAt/bXdeg1aNGKhW8p7 pMes848QfGARRI93TkDrp58qRrMKsv+GlnTJNjU30B4XG/n2hff43uMSWDcJtDiT 9X5+HaKAdOiyBXaGKNsZg4V88crmO38bC3HVihXZAY0wONNk2xzIHNuS3RiEkM+T FlrLBQGwSnltnw== -----END CERTIFICATE-----Generated at Fri Dec 26 12:51:40 2025 by rpki-client