This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft File: q9lqrojvmbTVDknsrpyuSPN4gfc.mft (raw, json) Hash identifier: QYUQq3jrxOT4kxplnaF1rpPHyLDcT+E3DvqVkrXAJcM= Subject key identifier: 99:0B:46:B9:9A:FD:B7:9D:01:E1:A8:0D:B0:16:9C:C4:92:74:B1:B3 Authority key identifier: AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7 Certificate issuer: /CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7 Certificate serial: 019BA07C9D62A3E677626911BBE63B9C6410 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft Manifest number: 040B Signing time: Fri 09 Jan 2026 02:01:19 +0000 Manifest this update: Fri 09 Jan 2026 02:01:19 +0000 Manifest next update: Sat 10 Jan 2026 02:01:19 +0000 Files and hashes: 1: 1-DN9R_xhKOI4mV80WkUcPVaagQc.roa (hash: ASJpdR212uLae0GK1ckKJRJ0hpliZAorVI6HruZ1pYo=) 2: q9lqrojvmbTVDknsrpyuSPN4gfc.crl (hash: RCLRAEo0S0Dsaemwg9Dz8+rpZqsoWsZrFmAqfmrTqbk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 02:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a0:7c:9d:62:a3:e6:77:62:69:11:bb:e6:3b:9c:64:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7 Validity Not Before: Jan 9 02:01:19 2026 GMT Not After : Jan 10 02:01:19 2026 GMT Subject: CN=990b46b99afdb79d01e1a80db0169cc49274b1b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f1:77:10:fd:a3:be:4a:72:1f:0e:05:16:08: a3:10:97:ee:01:1d:ae:fb:33:0e:f8:25:28:4d:06: 46:e6:7a:19:8c:fb:44:04:b2:42:ad:e9:22:1b:da: 06:bb:4c:61:71:9c:51:1f:a1:8d:90:d5:bb:90:bf: c4:1a:ce:ab:8a:22:d9:e1:fc:8d:97:88:9e:9a:cc: dc:b0:88:9e:42:b9:d8:a3:20:1c:23:15:56:56:46: bc:36:4c:4d:4b:e5:f8:d2:42:f6:96:41:1f:c1:45: e2:d8:3c:5f:4e:1d:ca:94:e7:7c:75:31:2b:9d:02: b9:8f:7e:da:78:78:e1:07:c8:7e:5a:4f:f2:1a:e6: 4a:78:57:85:ee:91:a7:69:dc:58:6f:cb:a6:34:a6: 40:33:8c:c3:95:d4:af:d6:30:5e:ee:42:04:d8:b0: 9a:bb:c3:02:15:05:1f:03:8b:d0:23:85:7a:e7:4b: 70:9c:da:57:78:22:9e:56:f1:80:2b:eb:79:c6:6f: 27:52:73:45:22:ad:c1:71:6e:7b:31:26:8e:8c:d9: 14:04:aa:f6:c0:18:44:9b:d7:15:79:9f:4e:ec:56: bd:fc:5e:f6:8b:bb:8d:4b:22:3e:b9:49:85:40:b2: c9:c5:0f:db:dc:e4:b9:95:52:ca:1d:af:76:d8:87: a4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:0B:46:B9:9A:FD:B7:9D:01:E1:A8:0D:B0:16:9C:C4:92:74:B1:B3 X509v3 Authority Key Identifier: keyid:AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:ed:df:b0:6b:a9:e6:ac:67:24:fc:b3:e0:ce:86:a5:ef:c0: 52:df:f9:ba:b9:1c:ad:fd:17:f9:3c:82:07:ca:37:c3:9e:e9: 4b:35:13:aa:45:5d:94:0d:fb:7f:0d:2c:76:af:5b:fc:6d:f7: 92:c9:2c:94:a6:02:21:fb:6f:00:b7:7e:7f:a9:b0:55:e5:2f: 1e:94:d5:41:1e:8b:99:24:84:ac:1d:5c:d3:72:88:ae:b3:90: 20:80:d6:70:c9:cc:d7:e5:1a:d7:8a:57:e7:40:81:7c:ad:1f: b7:7b:31:2f:91:95:96:d5:07:a1:ad:56:cd:aa:61:e0:74:db: 73:58:28:a0:a0:97:5b:f8:af:c1:34:cb:d5:f9:a8:20:8c:32: 84:52:ce:c7:9e:13:2a:e0:84:8c:72:49:88:9b:5c:c8:a1:0f: 90:d1:c0:4b:90:cd:62:f2:34:70:23:ec:0f:71:6d:45:14:10: 20:69:8d:9c:9a:91:09:5d:ce:58:5f:5b:26:9d:30:2e:00:28: 81:ae:80:ca:81:38:16:4c:01:0b:94:c8:91:99:3e:3f:0e:41: 6d:23:22:10:0b:f7:60:96:8a:d3:85:3a:c3:29:a5:6c:04:c8: 25:35:72:73:e2:f1:8e:54:c0:46:8b:f7:91:8c:cb:f7:d2:35: 95:d7:cd:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZugfJ1io+Z3YmkRu+Y7nGQQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiZDk2YWFlODhlZjk5YjRkNTBlNDllY2FlOWNhZTQ4ZjM3 ODgxZjcwHhcNMjYwMTA5MDIwMTE5WhcNMjYwMTEwMDIwMTE5WjAzMTEwLwYDVQQD Eyg5OTBiNDZiOTlhZmRiNzlkMDFlMWE4MGRiMDE2OWNjNDkyNzRiMWIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfF3EP2jvkpyHw4FFgijEJfuAR2u +zMO+CUoTQZG5noZjPtEBLJCrekiG9oGu0xhcZxRH6GNkNW7kL/EGs6riiLZ4fyN l4iemszcsIieQrnYoyAcIxVWVka8NkxNS+X40kL2lkEfwUXi2DxfTh3KlOd8dTEr nQK5j37aeHjhB8h+Wk/yGuZKeFeF7pGnadxYb8umNKZAM4zDldSv1jBe7kIE2LCa u8MCFQUfA4vQI4V650twnNpXeCKeVvGAK+t5xm8nUnNFIq3BcW57MSaOjNkUBKr2 wBhEm9cVeZ9O7Fa9/F72i7uNSyI+uUmFQLLJxQ/b3OS5lVLKHa922IekbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJkLRrma/bedAeGoDbAWnMSSdLGzMB8GA1UdIwQY MBaAFKvZaq6I75m01Q5J7K6crkjzeIH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTIt N2MzZjhjNDBjNTEwLzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTItN2MzZjhjNDBjNTEw LzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMu3fsGup 5qxnJPyz4M6Gpe/AUt/5urkcrf0X+TyCB8o3w57pSzUTqkVdlA37fw0sdq9b/G33 kskslKYCIftvALd+f6mwVeUvHpTVQR6LmSSErB1c03KIrrOQIIDWcMnM1+Ua14pX 50CBfK0ft3sxL5GVltUHoa1Wzaph4HTbc1gooKCXW/ivwTTL1fmoIIwyhFLOx54T KuCEjHJJiJtcyKEPkNHAS5DNYvI0cCPsD3FtRRQQIGmNnJqRCV3OWF9bJp0wLgAo ga6AyoE4FkwBC5TIkZk+Pw5BbSMiEAv3YJaK04U6wymlbATIJTVyc+LxjlTARov3 kYzL99I1ldfNRQ== -----END CERTIFICATE-----Generated at Fri Jan 9 07:50:56 2026 by rpki-client