This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.mft File: qnv9Qg21yuutoaIFXYe8faKwnAc.mft (raw, json) Hash identifier: NyIphLPG2Wdxb3SfIC9jsH6tlOKn3W4Lyfmf97cw0jw= Subject key identifier: 0B:97:8B:DA:20:6A:7F:9C:74:49:27:DA:CC:87:37:0F:59:69:84:95 Authority key identifier: AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07 Certificate issuer: /CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07 Certificate serial: 019B3D90F53B798C606E6268CEBA5D5F71F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.mft Manifest number: 0228 Signing time: Sat 20 Dec 2025 21:01:08 +0000 Manifest this update: Sat 20 Dec 2025 21:01:08 +0000 Manifest next update: Sun 21 Dec 2025 21:01:08 +0000 Files and hashes: 1: du9Q9bL5BOWedJK9qhvdrfuTC6E.roa (hash: yMHVcCfWCQ3tfd7XRi0bmpwcyLFeWTkztgI3BA0HK6Y=) 2: qnv9Qg21yuutoaIFXYe8faKwnAc.crl (hash: K2NDMwaZcOuXv1ORrA9kHcss4D9aHg7ZtEioieMkbh8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.crl rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.mft rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 21:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:f5:3b:79:8c:60:6e:62:68:ce:ba:5d:5f:71:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa7bfd420db5caebada1a2055d87bc7da2b09c07 Validity Not Before: Dec 20 21:01:08 2025 GMT Not After : Dec 21 21:01:08 2025 GMT Subject: CN=0b978bda206a7f9c744927dacc87370f59698495 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:4c:3d:11:32:d8:64:45:1d:f2:7c:81:e6:dd: f0:c1:f5:a2:fb:e3:41:96:8e:be:af:51:22:15:af: c5:48:c9:74:3c:3c:77:d5:ff:f1:54:d2:90:02:ba: 75:4e:78:e7:a4:11:be:2e:c6:84:3b:f0:76:e4:fb: aa:ba:8d:63:25:a7:ee:ac:85:9f:b0:65:ca:30:15: aa:ba:e1:95:2e:37:cc:11:f6:e7:fe:2b:69:73:86: ac:20:76:b6:fe:a8:53:ce:fb:2e:33:76:3f:f6:8f: 7c:76:9d:57:e5:bc:d2:bf:6c:9d:3f:5f:b8:11:62: 3a:05:4b:ee:d4:00:01:04:ee:22:df:22:60:6b:95: 2c:1d:a2:44:44:ba:4a:3d:a1:b0:75:a6:42:dd:f6: 71:c8:94:27:4f:af:1f:d8:d4:e7:44:9b:fe:96:8a: ce:46:94:83:49:ce:5a:10:6e:65:71:41:a1:7e:08: 34:64:0a:3a:e2:af:ac:0b:00:d4:98:0f:57:2e:88: ea:7e:da:2c:54:ff:37:7d:06:17:b8:5f:c1:8b:e2: 1f:c5:02:a2:7b:06:e5:00:ab:ce:4c:f0:87:2e:f9: 43:c7:44:2c:4f:02:31:a2:10:cd:0b:23:32:a8:3a: 40:d6:63:c5:56:43:89:c6:f5:d3:aa:bd:6a:98:bf: 83:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:97:8B:DA:20:6A:7F:9C:74:49:27:DA:CC:87:37:0F:59:69:84:95 X509v3 Authority Key Identifier: keyid:AA:7B:FD:42:0D:B5:CA:EB:AD:A1:A2:05:5D:87:BC:7D:A2:B0:9C:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnv9Qg21yuutoaIFXYe8faKwnAc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/55bd95-c637-451b-b07c-79b409c1bd38/1/qnv9Qg21yuutoaIFXYe8faKwnAc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:72:93:ad:7a:93:73:4f:11:a8:14:79:51:41:04:2d:b1:98: 89:4b:68:f2:11:49:09:0b:0e:c1:cf:cc:ea:8e:46:cf:d8:f5: d8:9f:7a:25:df:b1:9f:c4:28:a0:da:1c:08:7f:13:3f:1b:cc: 4d:8b:46:00:fa:3a:cc:32:5d:6d:05:c6:70:63:fa:ce:b4:5f: b5:6a:94:b9:46:06:66:51:96:a6:c9:26:a9:ab:3d:e8:07:e6: 7b:d0:57:8d:2a:03:f7:aa:cc:45:8b:25:43:4a:e2:e5:fa:1e: 35:e4:f9:9b:fc:f4:f5:2c:50:a8:13:be:9e:1f:38:fa:e3:03: e4:f1:00:4d:f3:bc:21:9d:1a:0f:52:bd:a6:ee:99:e0:c1:f1: 0f:e8:09:9b:8c:88:cd:4e:82:b2:24:0c:e2:72:f2:24:c9:2c: e1:a6:f0:72:a3:0c:0e:56:9d:2b:e4:01:cd:f5:4b:b4:37:74: ff:ed:43:a4:82:a7:3c:60:fb:56:25:72:6b:dd:76:11:b2:ea: fe:f1:06:e5:0f:23:b6:c9:81:58:16:a0:e4:3a:dd:21:a0:b0: e6:ba:52:24:fd:fb:fc:ee:84:b8:f4:c0:24:93:4c:2f:cf:0c: fb:41:76:47:3f:6d:3d:90:29:6f:b8:b5:5f:55:16:d4:41:14: ce:35:91:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kPU7eYxgbmJozrpdX3HyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhN2JmZDQyMGRiNWNhZWJhZGExYTIwNTVkODdiYzdkYTJi MDljMDcwHhcNMjUxMjIwMjEwMTA4WhcNMjUxMjIxMjEwMTA4WjAzMTEwLwYDVQQD EygwYjk3OGJkYTIwNmE3ZjljNzQ0OTI3ZGFjYzg3MzcwZjU5Njk4NDk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ew9ETLYZEUd8nyB5t3wwfWi++NB lo6+r1EiFa/FSMl0PDx31f/xVNKQArp1TnjnpBG+LsaEO/B25Puquo1jJafurIWf sGXKMBWquuGVLjfMEfbn/itpc4asIHa2/qhTzvsuM3Y/9o98dp1X5bzSv2ydP1+4 EWI6BUvu1AABBO4i3yJga5UsHaJERLpKPaGwdaZC3fZxyJQnT68f2NTnRJv+lorO RpSDSc5aEG5lcUGhfgg0ZAo64q+sCwDUmA9XLojqftosVP83fQYXuF/Bi+IfxQKi ewblAKvOTPCHLvlDx0QsTwIxohDNCyMyqDpA1mPFVkOJxvXTqr1qmL+D3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAuXi9ogan+cdEkn2syHNw9ZaYSVMB8GA1UdIwQY MBaAFKp7/UINtcrrraGiBV2HvH2isJwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2Mt NzliNDA5YzFiZDM4LzEvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS81NWJkOTUtYzYzNy00NTFiLWIwN2MtNzliNDA5YzFiZDM4 LzEvcW52OVFnMjF5dXV0b2FJRlhZZThmYUt3bkFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATHKTrXqT c08RqBR5UUEELbGYiUto8hFJCQsOwc/M6o5Gz9j12J96Jd+xn8QooNocCH8TPxvM TYtGAPo6zDJdbQXGcGP6zrRftWqUuUYGZlGWpskmqas96Afme9BXjSoD96rMRYsl Q0ri5foeNeT5m/z09SxQqBO+nh84+uMD5PEATfO8IZ0aD1K9pu6Z4MHxD+gJm4yI zU6CsiQM4nLyJMks4abwcqMMDladK+QBzfVLtDd0/+1DpIKnPGD7ViVya912EbLq /vEG5Q8jtsmBWBag5DrdIaCw5rpSJP37/O6EuPTAJJNML88M+0F2Rz9tPZApb7i1 X1UW1EEUzjWRmA== -----END CERTIFICATE-----Generated at Sun Dec 21 06:01:52 2025 by rpki-client