This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json) Hash identifier: broSxh45E7BJJUeY5Bkh2iTBGkhZxP7RRR212iEeXX0= Subject key identifier: 46:D5:6D:13:76:2D:1E:F1:7D:60:99:B5:85:4B:49:80:80:39:D0:B5 Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba Certificate serial: 019B74ED15ED18169EA722AFC39D7E3E198C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft Manifest number: 1492 Signing time: Wed 31 Dec 2025 15:00:53 +0000 Manifest this update: Wed 31 Dec 2025 15:00:53 +0000 Manifest next update: Thu 01 Jan 2026 15:00:53 +0000 Files and hashes: 1: 3U4MivbAgZFFTzpri9v9qzr-9Dg.roa (hash: OpxoqQJPTPV/7nPesTeS09o0jfmFmQcqEJLqODzVTIM=) 2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: M4fKb35UHizSOdzs2fejDjeKH9hAzi3M4mwnoErt09k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 15:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:74:ed:15:ed:18:16:9e:a7:22:af:c3:9d:7e:3e:19:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba Validity Not Before: Dec 31 15:00:53 2025 GMT Not After : Jan 1 15:00:53 2026 GMT Subject: CN=46d56d13762d1ef17d6099b5854b49808039d0b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7f:e9:8f:d6:fc:29:44:11:d8:7a:42:5f:da: 23:e6:2c:93:cd:6c:66:04:33:d2:4f:05:10:a0:81: 5d:89:da:8a:10:df:29:75:23:b8:b6:e8:d3:4b:2d: 0f:0a:98:0f:21:00:8b:30:85:f5:76:3b:bb:43:1b: 8d:c0:98:b8:16:d4:23:af:c6:e8:5e:23:c7:06:8e: ef:af:66:0f:f1:7f:cb:e0:7d:6a:3e:68:2a:37:8f: 04:46:0d:d6:99:d1:26:c1:b7:a5:12:e6:97:91:72: b6:45:c8:92:61:96:a7:05:f1:31:ec:f6:78:d2:06: 5f:cc:67:24:e2:aa:b7:fc:e0:ef:6b:91:ec:29:e3: e5:e2:63:82:94:21:94:5c:6b:78:00:7e:06:2e:2d: 27:1c:46:d4:66:17:d2:16:f6:20:d7:49:d1:0e:3d: 94:f8:4f:94:4e:98:be:c1:ed:8c:85:9b:0a:ef:a8: 78:a0:da:07:70:16:9d:5a:d4:f2:93:f7:57:34:23: 6d:01:e9:2a:77:33:89:bc:e0:28:54:eb:5e:d8:91: 14:87:be:26:33:95:44:cb:2f:72:54:ad:ca:e9:7c: 60:5f:9b:d3:85:ca:07:54:7c:fa:2e:23:7c:ae:0b: 58:ab:c3:87:4c:4c:8e:f2:47:42:88:42:d4:f3:2d: e0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:D5:6D:13:76:2D:1E:F1:7D:60:99:B5:85:4B:49:80:80:39:D0:B5 X509v3 Authority Key Identifier: keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:94:f8:4d:6e:ec:94:ca:31:ce:c4:44:dd:22:4d:46:50:26: 01:18:80:51:4b:90:06:46:86:e6:50:74:b8:85:af:eb:6c:0b: 11:f7:1e:f1:4d:c0:ad:b7:7d:69:94:ea:ac:96:fd:4a:b7:f9: d1:04:82:32:36:26:f0:63:37:3d:8d:8e:58:33:ea:b6:a9:22: 69:18:e3:e5:67:36:1c:ed:98:12:c3:29:86:68:8f:32:a4:3e: ca:f6:3d:18:df:9b:f0:e1:19:5b:43:37:54:30:bf:9a:78:bd: 98:80:8e:9f:b3:25:47:e4:b5:64:34:1a:59:bf:8e:21:20:7c: 76:f7:a7:67:c4:9f:ec:b0:69:c7:e0:24:2e:e5:9d:ea:68:4e: 54:e8:1b:59:49:ae:ff:59:bd:dd:9a:5a:91:1f:14:bc:c7:77: d7:10:dd:64:8b:aa:76:50:fd:eb:db:33:23:61:77:3e:c5:10: d4:77:b2:66:e3:a2:e4:26:52:69:ce:15:94:f8:b1:1e:79:0b: 7a:fc:b9:aa:1c:d1:8b:3e:de:f0:bd:2b:1b:34:85:6e:59:dd: b1:c4:e6:b6:5d:03:35:e7:68:98:a3:e2:d5:b0:4d:53:4b:e7: 85:27:d1:3e:d9:b8:aa:fd:34:d5:45:6d:3e:8f:35:ac:04:f7: c5:33:f6:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt07RXtGBaepyKvw51+PhmMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj NDQ5YmEwHhcNMjUxMjMxMTUwMDUzWhcNMjYwMTAxMTUwMDUzWjAzMTEwLwYDVQQD Eyg0NmQ1NmQxMzc2MmQxZWYxN2Q2MDk5YjU4NTRiNDk4MDgwMzlkMGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX/pj9b8KUQR2HpCX9oj5iyTzWxm BDPSTwUQoIFdidqKEN8pdSO4tujTSy0PCpgPIQCLMIX1dju7QxuNwJi4FtQjr8bo XiPHBo7vr2YP8X/L4H1qPmgqN48ERg3WmdEmwbelEuaXkXK2RciSYZanBfEx7PZ4 0gZfzGck4qq3/ODva5HsKePl4mOClCGUXGt4AH4GLi0nHEbUZhfSFvYg10nRDj2U +E+UTpi+we2MhZsK76h4oNoHcBadWtTyk/dXNCNtAekqdzOJvOAoVOte2JEUh74m M5VEyy9yVK3K6XxgX5vThcoHVHz6LiN8rgtYq8OHTEyO8kdCiELU8y3g/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbVbRN2LR7xfWCZtYVLSYCAOdC1MB8GA1UdIwQY MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASpT4TW7s lMoxzsRE3SJNRlAmARiAUUuQBkaG5lB0uIWv62wLEfce8U3Arbd9aZTqrJb9Srf5 0QSCMjYm8GM3PY2OWDPqtqkiaRjj5Wc2HO2YEsMphmiPMqQ+yvY9GN+b8OEZW0M3 VDC/mni9mICOn7MlR+S1ZDQaWb+OISB8dvenZ8Sf7LBpx+AkLuWd6mhOVOgbWUmu /1m93ZpakR8UvMd31xDdZIuqdlD969szI2F3PsUQ1HeyZuOi5CZSac4VlPixHnkL evy5qhzRiz7e8L0rGzSFblndscTmtl0DNedomKPi1bBNU0vnhSfRPtm4qv001UVt Po81rAT3xTP2VA== -----END CERTIFICATE-----Generated at Wed Dec 31 23:03:48 2025 by rpki-client