This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft File: sqvUconMbNnByAJ0KiztUMY0vTs.mft (raw, json) Hash identifier: H0+CZbxAkwLQN5uNO8Q3P8aUSgjz+Jvbr0Cw31hxGL0= Subject key identifier: 0D:75:7F:2C:30:53:5E:38:03:7C:D3:CC:CE:BF:D1:C6:7A:B1:23:DF Authority key identifier: B2:AB:D4:72:89:CC:6C:D9:C1:C8:02:74:2A:2C:ED:50:C6:34:BD:3B Certificate issuer: /CN=b2abd47289cc6cd9c1c802742a2ced50c634bd3b Certificate serial: 019B717E954CCFD4B73BA0D3EB160D6F43CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft Manifest number: 0977 Signing time: Tue 30 Dec 2025 23:01:19 +0000 Manifest this update: Tue 30 Dec 2025 23:01:19 +0000 Manifest next update: Wed 31 Dec 2025 23:01:19 +0000 Files and hashes: 1: sqvUconMbNnByAJ0KiztUMY0vTs.crl (hash: Dc2RUBYtb+6DW0XRMdw9wlJBm20zSDD7yGTNRUa5X54=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.crl rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:7e:95:4c:cf:d4:b7:3b:a0:d3:eb:16:0d:6f:43:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2abd47289cc6cd9c1c802742a2ced50c634bd3b Validity Not Before: Dec 30 23:01:19 2025 GMT Not After : Dec 31 23:01:19 2025 GMT Subject: CN=0d757f2c30535e38037cd3cccebfd1c67ab123df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:61:57:b0:e9:f7:6e:2a:20:d8:9b:2e:66:1d: 89:bc:35:b9:46:fb:6c:6d:f2:42:37:db:69:3f:4d: b1:79:7f:b6:95:50:a1:bd:f8:a9:18:a4:aa:e0:48: 9f:79:f4:9e:6e:a1:0b:af:14:a4:9c:c1:13:56:48: 10:ea:b1:5b:a9:43:21:4a:c5:0b:bc:c1:5b:0a:e1: 1e:ad:55:82:6f:f6:61:66:f6:e9:97:bf:dd:9b:de: f3:9e:ee:1c:5f:0f:3a:98:ec:e6:69:8d:61:81:8f: 04:db:8c:9f:f1:4d:f4:6c:d7:f0:fd:90:27:48:c0: f8:d9:4a:2d:63:48:6f:a2:2d:f7:52:e5:6c:8e:48: 7f:9d:d0:f0:ac:24:d5:8c:6d:63:1c:dd:6a:90:d7: a6:fb:33:74:2f:ec:33:16:34:94:6f:79:00:34:05: 87:11:32:3e:ec:0c:20:91:6e:c8:68:f1:c8:47:f7: 1e:2a:a0:9c:3c:1d:bf:1e:77:55:08:9c:fa:09:45: 27:f5:53:fa:d4:4a:f4:bf:14:e8:12:b5:e1:1b:72: 9e:ab:d4:99:ab:59:da:a7:8d:98:e2:00:1b:8e:1a: 0c:4c:ad:07:ae:e0:4c:1e:05:fe:e9:73:84:c3:23: 8a:7e:ba:02:fc:ca:32:37:53:1a:95:e5:53:09:2b: 00:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:75:7F:2C:30:53:5E:38:03:7C:D3:CC:CE:BF:D1:C6:7A:B1:23:DF X509v3 Authority Key Identifier: keyid:B2:AB:D4:72:89:CC:6C:D9:C1:C8:02:74:2A:2C:ED:50:C6:34:BD:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqvUconMbNnByAJ0KiztUMY0vTs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4bf4c5-02ac-4346-afbc-e879a6027907/1/sqvUconMbNnByAJ0KiztUMY0vTs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:9c:e9:73:78:6b:3e:06:d4:0b:46:52:db:d8:46:ff:41:13: 19:b8:b1:66:12:77:55:4a:4d:a5:94:04:40:45:26:f1:c3:31: 9e:71:68:a1:29:a2:38:84:89:87:95:01:95:fe:b8:20:60:c5: 04:db:f1:78:30:56:ee:51:3a:d5:e0:e3:65:10:c6:f6:7d:4b: be:97:2c:db:5e:2c:cb:cd:46:3b:a7:73:5e:69:74:96:65:c0: e1:a2:4d:ef:4a:ab:02:07:7a:d4:a6:4e:dc:29:2d:1d:5b:82: 14:ce:4d:d6:40:bf:fa:77:a7:69:a3:b1:60:fa:6f:56:e9:55: 27:75:17:e9:6b:a6:4e:cc:b9:67:eb:51:da:23:36:f4:8f:9b: 8e:59:b4:e7:2d:74:ac:e1:8a:51:a2:8b:3d:fd:0d:ea:be:6d: b5:34:ce:0b:53:6e:07:9a:ce:32:c2:ce:d6:6d:e1:3d:40:fe: 4b:5f:c9:e4:29:b5:19:4d:a2:21:b0:51:38:3d:94:56:2c:e9: d5:b7:53:ca:a4:b0:ff:c6:b4:0e:28:6e:4c:b9:a7:24:88:e6: f1:67:a6:50:fc:0e:83:65:c5:c5:26:65:81:93:5a:8f:cd:da: 96:ab:ab:6f:8e:6f:8d:bd:f3:5f:32:2e:54:6a:2d:f3:8c:cc: 2b:36:00:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxfpVMz9S3O6DT6xYNb0PKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyYWJkNDcyODljYzZjZDljMWM4MDI3NDJhMmNlZDUwYzYz NGJkM2IwHhcNMjUxMjMwMjMwMTE5WhcNMjUxMjMxMjMwMTE5WjAzMTEwLwYDVQQD EygwZDc1N2YyYzMwNTM1ZTM4MDM3Y2QzY2NjZWJmZDFjNjdhYjEyM2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2FXsOn3biog2JsuZh2JvDW5Rvts bfJCN9tpP02xeX+2lVChvfipGKSq4EifefSebqELrxSknMETVkgQ6rFbqUMhSsUL vMFbCuEerVWCb/ZhZvbpl7/dm97znu4cXw86mOzmaY1hgY8E24yf8U30bNfw/ZAn SMD42UotY0hvoi33UuVsjkh/ndDwrCTVjG1jHN1qkNem+zN0L+wzFjSUb3kANAWH ETI+7AwgkW7IaPHIR/ceKqCcPB2/HndVCJz6CUUn9VP61Er0vxToErXhG3Keq9SZ q1nap42Y4gAbjhoMTK0HruBMHgX+6XOEwyOKfroC/MoyN1MaleVTCSsALQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA11fywwU144A3zTzM6/0cZ6sSPfMB8GA1UdIwQY MBaAFLKr1HKJzGzZwcgCdCos7VDGNL07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80YmY0YzUtMDJhYy00MzQ2LWFmYmMt ZTg3OWE2MDI3OTA3LzEvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS80YmY0YzUtMDJhYy00MzQ2LWFmYmMtZTg3OWE2MDI3OTA3 LzEvc3F2VWNvbk1iTm5CeUFKMEtpenRVTVkwdlRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZzpc3hr PgbUC0ZS29hG/0ETGbixZhJ3VUpNpZQEQEUm8cMxnnFooSmiOISJh5UBlf64IGDF BNvxeDBW7lE61eDjZRDG9n1Lvpcs214sy81GO6dzXml0lmXA4aJN70qrAgd61KZO 3CktHVuCFM5N1kC/+nenaaOxYPpvVulVJ3UX6WumTsy5Z+tR2iM29I+bjlm05y10 rOGKUaKLPf0N6r5ttTTOC1NuB5rOMsLO1m3hPUD+S1/J5Cm1GU2iIbBROD2UVizp 1bdTyqSw/8a0DihuTLmnJIjm8WemUPwOg2XFxSZlgZNaj83alqurb45vjb3zXzIu VGot84zMKzYArw== -----END CERTIFICATE-----Generated at Wed Dec 31 03:31:30 2025 by rpki-client