This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft File: q9lqrojvmbTVDknsrpyuSPN4gfc.mft (raw, json) Hash identifier: B0zwh5DOC0IoQawS9ymgXEgbrlRTXN4fRiISSt2yKCY= Subject key identifier: D4:D9:8B:73:00:07:FF:6D:F7:A8:AA:0F:8B:BD:6D:CF:D7:BD:99:50 Authority key identifier: AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7 Certificate issuer: /CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7 Certificate serial: 019B72227626EC6F282F445CE3D8A1727065 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft Manifest number: 03F2 Signing time: Wed 31 Dec 2025 02:00:19 +0000 Manifest this update: Wed 31 Dec 2025 02:00:19 +0000 Manifest next update: Thu 01 Jan 2026 02:00:19 +0000 Files and hashes: 1: jOBsmTZZQR2oFpHPynuOSfcKlhQ.roa (hash: HS2UqrHXUPTUg04Ke/uHXIU8tldEPiGgxWt1zu5k5H0=) 2: q9lqrojvmbTVDknsrpyuSPN4gfc.crl (hash: JN84opfDHItABxeE3mvUTZeOq449jb8cfi7bdhQLWiM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:72:22:76:26:ec:6f:28:2f:44:5c:e3:d8:a1:72:70:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7 Validity Not Before: Dec 31 02:00:19 2025 GMT Not After : Jan 1 02:00:19 2026 GMT Subject: CN=d4d98b730007ff6df7a8aa0f8bbd6dcfd7bd9950 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f2:6a:ec:26:be:9e:4e:4f:f0:a8:c6:fa:be: ea:3c:da:09:28:6a:bc:2a:dd:7c:8f:9a:1c:74:01: 97:ef:33:5e:d6:f7:18:43:24:cb:60:cf:83:44:8c: 06:3a:dc:29:00:6e:5e:29:dc:9d:2b:f9:6c:43:27: 12:af:59:dc:b4:db:7a:9f:c4:69:9f:d4:ad:cf:69: 1b:f1:bd:17:b0:1e:92:5a:fe:d3:09:a9:4a:71:2d: b2:18:04:a4:90:ac:3b:10:b2:e0:5f:a4:00:4e:87: 35:16:1a:81:0a:cc:a5:57:cd:3d:56:9f:2d:63:26: e5:b7:94:0b:84:35:01:4d:d3:a3:ad:5f:11:8b:b8: aa:f6:58:c6:a6:8a:29:0c:1f:65:16:f7:02:4b:2c: 72:b1:01:72:55:ae:3a:61:80:a7:75:0b:ac:61:85: e5:59:27:4e:1e:3d:14:ef:4d:e6:ff:8f:cd:1a:f4: b9:e1:d1:dd:9f:dd:c6:24:8e:68:c4:07:a3:e3:33: 94:ea:82:67:d4:e6:e1:14:5a:47:24:76:a2:50:c5: b6:a8:f4:85:90:d3:13:86:0f:6f:82:a5:4a:70:cf: c3:71:09:6e:eb:32:ca:3a:bb:4e:8c:05:01:e9:cc: d4:c1:e8:84:2b:9e:ee:e0:d0:96:14:53:5a:e0:ce: ff:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:D9:8B:73:00:07:FF:6D:F7:A8:AA:0F:8B:BD:6D:CF:D7:BD:99:50 X509v3 Authority Key Identifier: keyid:AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:9c:2f:4d:03:39:8f:58:b2:2d:49:7a:3a:d5:7b:d7:72:0d: 29:c5:07:ea:37:9a:88:5f:ac:7d:f2:0b:ea:7e:da:b0:a8:b0: 27:c7:ce:85:7d:8e:d9:1f:ce:0f:35:bd:07:02:7f:09:df:02: 14:a6:83:0a:fe:00:2b:c7:ad:b7:d5:29:5d:4a:75:47:32:bd: a6:bb:33:a5:97:62:90:d8:d0:2a:91:f2:92:ff:fb:29:d2:89: 6a:1f:25:c6:a5:e4:5e:58:9d:ba:51:5b:a0:4b:04:98:70:14: c7:c2:1c:78:d2:f1:eb:d4:f1:9f:9b:30:3b:11:68:74:a4:c5: 31:8d:f1:75:75:c2:d4:48:b2:8e:28:98:b2:e9:75:16:b6:c9: f2:d6:72:26:ed:06:59:c3:8d:fa:6a:85:09:4f:86:73:f4:d0: 02:0a:8f:be:99:8b:a3:76:3c:a3:09:f3:eb:70:7a:eb:da:27: 92:76:e8:d4:0f:88:e0:7b:0f:af:8b:c5:bf:a2:af:19:b5:f7: f7:08:d9:70:55:9b:53:ff:f1:5a:8a:7f:d5:c6:58:26:f1:3f: 38:3a:e6:2a:c2:fc:15:6c:15:90:14:6b:fd:71:8d:1c:d3:b9: b4:4d:84:35:a5:36:82:f7:e0:eb:50:19:c0:64:8f:e5:85:f1: 81:e0:0d:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtyInYm7G8oL0Rc49ihcnBlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiZDk2YWFlODhlZjk5YjRkNTBlNDllY2FlOWNhZTQ4ZjM3 ODgxZjcwHhcNMjUxMjMxMDIwMDE5WhcNMjYwMTAxMDIwMDE5WjAzMTEwLwYDVQQD EyhkNGQ5OGI3MzAwMDdmZjZkZjdhOGFhMGY4YmJkNmRjZmQ3YmQ5OTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufJq7Ca+nk5P8KjG+r7qPNoJKGq8 Kt18j5ocdAGX7zNe1vcYQyTLYM+DRIwGOtwpAG5eKdydK/lsQycSr1nctNt6n8Rp n9Stz2kb8b0XsB6SWv7TCalKcS2yGASkkKw7ELLgX6QAToc1FhqBCsylV809Vp8t Yyblt5QLhDUBTdOjrV8Ri7iq9ljGpoopDB9lFvcCSyxysQFyVa46YYCndQusYYXl WSdOHj0U703m/4/NGvS54dHdn93GJI5oxAej4zOU6oJn1ObhFFpHJHaiUMW2qPSF kNMThg9vgqVKcM/DcQlu6zLKOrtOjAUB6czUweiEK57u4NCWFFNa4M7/TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNTZi3MAB/9t96iqD4u9bc/XvZlQMB8GA1UdIwQY MBaAFKvZaq6I75m01Q5J7K6crkjzeIH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTIt N2MzZjhjNDBjNTEwLzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTItN2MzZjhjNDBjNTEw LzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZpwvTQM5 j1iyLUl6OtV713INKcUH6jeaiF+sffIL6n7asKiwJ8fOhX2O2R/ODzW9BwJ/Cd8C FKaDCv4AK8ett9UpXUp1RzK9prszpZdikNjQKpHykv/7KdKJah8lxqXkXlidulFb oEsEmHAUx8IceNLx69Txn5swOxFodKTFMY3xdXXC1EiyjiiYsul1FrbJ8tZyJu0G WcON+mqFCU+Gc/TQAgqPvpmLo3Y8ownz63B669onknbo1A+I4HsPr4vFv6KvGbX3 9wjZcFWbU//xWop/1cZYJvE/ODrmKsL8FWwVkBRr/XGNHNO5tE2ENaU2gvfg61AZ wGSP5YXxgeANew== -----END CERTIFICATE-----Generated at Wed Dec 31 03:42:08 2025 by rpki-client