This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft File: bQih9MOF86e2KYTVPoFmWplUEPM.mft (raw, json) Hash identifier: NYqqKS+iikPOKrqAZGxQcOJKLO2X/J/HwWFLProLUW0= Subject key identifier: 6D:C3:0E:CF:2E:B7:DA:A1:5F:0F:15:35:49:9C:2B:D6:3A:3F:88:8A Authority key identifier: 6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3 Certificate issuer: /CN=6d08a1f4c385f3a7b62984d53e81665a995410f3 Certificate serial: 019B3C1080C96FFBABA4E9560BB8762EB030 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft Manifest number: 0B87 Signing time: Sat 20 Dec 2025 14:01:12 +0000 Manifest this update: Sat 20 Dec 2025 14:01:12 +0000 Manifest next update: Sun 21 Dec 2025 14:01:12 +0000 Files and hashes: 1: J7EMvjCrDCSEaNvEXQjzbwryII4.roa (hash: Ak6AJOV8w0m5lQCAa41zEyYCpJIBSURSyT+w9pihP/8=) 2: bQih9MOF86e2KYTVPoFmWplUEPM.crl (hash: ZZ9A1PxAjzGinDeXwcF6+dooxiFGNDQgd3wF0p+iCZQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:80:c9:6f:fb:ab:a4:e9:56:0b:b8:76:2e:b0:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d08a1f4c385f3a7b62984d53e81665a995410f3 Validity Not Before: Dec 20 14:01:12 2025 GMT Not After : Dec 21 14:01:12 2025 GMT Subject: CN=6dc30ecf2eb7daa15f0f1535499c2bd63a3f888a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1a:54:50:ed:cf:60:b5:b5:bf:ca:e5:82:d2: 6b:51:b1:05:92:d5:be:9b:93:00:6f:0b:f3:0f:1f: 3f:8d:44:19:ab:70:5c:55:81:c9:08:b0:42:e6:89: f3:6c:0d:12:4d:ab:62:b5:2f:cc:c2:98:b7:6f:a1: 17:6a:ad:57:f1:d8:d0:fe:8c:a4:ba:68:e4:d3:84: d7:11:76:38:a7:69:b0:62:b0:f1:59:42:92:7d:ef: 73:e8:05:85:1a:04:39:3f:0e:33:05:b8:09:ac:55: 82:7e:18:6f:12:aa:9f:1f:4e:1c:c3:27:8b:a7:d4: 99:f7:3e:0d:24:14:68:cb:c5:b8:22:3b:d8:fc:a7: c0:c1:d6:e9:72:c8:19:20:75:61:c4:f1:f0:b8:af: af:89:2b:3f:32:a7:0a:9a:a3:9e:e8:3e:42:e8:ef: c4:52:e9:5b:2b:67:43:bf:0b:a6:b6:79:0e:5f:31: 99:d4:73:5d:f3:06:d6:98:e0:e2:26:8e:0a:37:77: 4e:c5:04:8e:cc:dd:bf:4d:35:12:fb:92:fb:2f:a2: 5a:60:8c:75:4d:8f:ae:20:ee:19:c2:c3:21:01:d3: 40:d2:07:55:c7:8d:f4:33:bc:6d:05:9d:51:7f:18: ee:b6:af:81:61:fa:10:53:81:a4:46:6d:9b:9a:d9: d0:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C3:0E:CF:2E:B7:DA:A1:5F:0F:15:35:49:9C:2B:D6:3A:3F:88:8A X509v3 Authority Key Identifier: keyid:6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:92:f2:10:59:7b:ff:17:85:0f:63:60:7d:c3:e9:08:87:42: b7:51:81:b1:73:67:d5:42:f5:67:29:7e:d2:66:55:c0:01:f3: eb:89:22:24:c7:0f:47:39:83:6e:54:15:9a:78:4a:37:c3:36: 0e:54:9f:aa:31:41:79:ad:1a:cf:02:04:b3:0d:62:17:4c:b0: 96:30:45:2d:68:75:3f:2d:24:96:4d:71:37:ef:b6:dc:a7:52: 05:4b:31:d5:c0:1c:5e:69:5f:58:90:6a:b2:ca:18:90:d3:b9: 04:c8:b8:eb:f2:00:46:63:ba:e4:0a:41:fc:26:39:57:89:43: 1e:e2:45:3b:56:db:c5:2e:6c:09:9f:18:e2:ef:84:e8:e7:82: 09:d9:4b:f7:7d:e8:30:c0:4a:b9:e9:72:78:4a:1a:69:7e:ce: 10:e2:53:0b:16:2e:db:a0:ff:b3:6f:5d:c4:25:39:88:cd:7c: e7:b7:2a:ec:5d:5a:49:de:55:4d:12:31:ad:4e:c3:b3:0d:c1: 56:94:78:f0:fe:cd:5c:3a:de:7a:c0:a3:49:ff:0f:a4:d7:95: 00:6f:08:28:e4:21:90:c4:60:d2:43:28:5e:e4:0c:29:d1:7a: 9f:3c:66:c6:78:97:e7:54:e9:e8:0f:8d:26:0e:37:1a:b5:21: a9:dc:34:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EIDJb/urpOlWC7h2LrAwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDhhMWY0YzM4NWYzYTdiNjI5ODRkNTNlODE2NjVhOTk1 NDEwZjMwHhcNMjUxMjIwMTQwMTEyWhcNMjUxMjIxMTQwMTEyWjAzMTEwLwYDVQQD Eyg2ZGMzMGVjZjJlYjdkYWExNWYwZjE1MzU0OTljMmJkNjNhM2Y4ODhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhpUUO3PYLW1v8rlgtJrUbEFktW+ m5MAbwvzDx8/jUQZq3BcVYHJCLBC5onzbA0STatitS/Mwpi3b6EXaq1X8djQ/oyk umjk04TXEXY4p2mwYrDxWUKSfe9z6AWFGgQ5Pw4zBbgJrFWCfhhvEqqfH04cwyeL p9SZ9z4NJBRoy8W4IjvY/KfAwdbpcsgZIHVhxPHwuK+viSs/MqcKmqOe6D5C6O/E UulbK2dDvwumtnkOXzGZ1HNd8wbWmODiJo4KN3dOxQSOzN2/TTUS+5L7L6JaYIx1 TY+uIO4ZwsMhAdNA0gdVx430M7xtBZ1Rfxjutq+BYfoQU4GkRm2bmtnQDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG3DDs8ut9qhXw8VNUmcK9Y6P4iKMB8GA1UdIwQY MBaAFG0IofTDhfOntimE1T6BZlqZVBDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEt NDNhODUyNmQ4MmJiLzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEtNDNhODUyNmQ4MmJi LzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapLyEFl7 /xeFD2NgfcPpCIdCt1GBsXNn1UL1Zyl+0mZVwAHz64kiJMcPRzmDblQVmnhKN8M2 DlSfqjFBea0azwIEsw1iF0ywljBFLWh1Py0klk1xN++23KdSBUsx1cAcXmlfWJBq ssoYkNO5BMi46/IARmO65ApB/CY5V4lDHuJFO1bbxS5sCZ8Y4u+E6OeCCdlL933o MMBKuelyeEoaaX7OEOJTCxYu26D/s29dxCU5iM1857cq7F1aSd5VTRIxrU7Dsw3B VpR48P7NXDreesCjSf8PpNeVAG8IKOQhkMRg0kMoXuQMKdF6nzxmxniX51Tp6A+N Jg43GrUhqdw0Sg== -----END CERTIFICATE-----Generated at Sat Dec 20 22:42:43 2025 by rpki-client