This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft File: DQh0szPjXfFP2XDhiVgdoJO8gJM.mft (raw, json) Hash identifier: n++JNX1qI/h95O5QQa/ZUKLsM0cpPXLEYAJyEKjslQ4= Subject key identifier: FD:A2:CE:6A:2B:D7:BA:37:68:4A:E6:C4:30:56:8E:D0:94:B2:7D:6B Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93 Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093 Certificate serial: 019B40C8A4ABC1C3CF3D5D40ECA47C66019D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft Manifest number: 1790 Signing time: Sun 21 Dec 2025 12:00:49 +0000 Manifest this update: Sun 21 Dec 2025 12:00:49 +0000 Manifest next update: Mon 22 Dec 2025 12:00:49 +0000 Files and hashes: 1: DQh0szPjXfFP2XDhiVgdoJO8gJM.crl (hash: Hw8WgwWfE+uo/DMQtouZuzIEc7PjAsTlp/RF9xLGn8s=) 2: KXd_5OhpNxA2dAEUBM7BRlNmng0.roa (hash: naKbPeMlQvH49cTjg2nRiud0MzlhFN73NWmhIANkiB0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:a4:ab:c1:c3:cf:3d:5d:40:ec:a4:7c:66:01:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093 Validity Not Before: Dec 21 12:00:49 2025 GMT Not After : Dec 22 12:00:49 2025 GMT Subject: CN=fda2ce6a2bd7ba37684ae6c430568ed094b27d6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:43:60:eb:50:00:7d:4d:b8:b1:ed:64:13:58: 07:6b:b0:5b:74:81:42:de:0d:e8:71:48:28:9f:54: c8:81:f9:e1:97:b1:d3:83:62:04:ea:27:00:f0:87: 9c:95:95:38:c3:5d:a3:c2:f5:d4:b9:1c:90:c8:78: b8:2f:cc:a1:98:4b:29:67:84:a8:46:a9:69:15:fe: e6:b2:95:f0:51:eb:45:42:b6:8b:34:b8:e4:1e:16: 9f:ef:2a:cd:20:cd:b2:4e:dc:99:98:28:92:a4:5c: 25:ad:5c:7e:9b:4e:10:36:e6:81:c9:31:84:8a:62: 4b:10:a3:3f:81:a5:2e:11:b0:e5:ef:6a:b5:b9:7d: 64:11:16:78:34:d0:1e:42:38:09:ff:ef:75:30:dc: 1a:bd:e1:e9:46:e8:c7:63:72:7d:95:ab:ba:d7:18: cb:49:e3:eb:4f:ff:10:e1:36:07:4a:36:f2:a4:5d: 90:ba:bf:4a:e8:a6:ce:b0:e6:11:69:c2:6b:fd:3f: 10:a4:90:f0:30:37:b0:3b:9c:23:d0:63:0f:43:63: 24:e2:fb:da:dc:0c:90:aa:14:7d:65:8b:99:e2:6c: 09:bd:3d:36:88:88:c2:7e:26:73:ac:af:fd:3f:5a: 33:75:e9:fc:5a:ec:9d:d2:5c:63:ef:29:2e:ab:ff: 2e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:A2:CE:6A:2B:D7:BA:37:68:4A:E6:C4:30:56:8E:D0:94:B2:7D:6B X509v3 Authority Key Identifier: keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:b5:98:28:bb:3c:5f:45:55:af:14:39:24:7c:d8:43:f0:f3: aa:2a:53:99:38:cb:34:49:16:87:37:07:61:97:db:b0:99:ee: 21:43:7b:72:af:d1:1f:2c:74:f4:a0:49:dc:f1:7b:94:15:5d: cc:5d:b4:0e:cb:3e:8b:26:33:9e:17:83:a3:cf:1a:80:19:72: ef:37:c6:28:88:44:43:23:dd:f7:30:dd:41:31:42:14:b2:66: 11:4d:51:e0:18:54:46:f8:fc:be:47:d7:72:8d:c4:02:7a:cf: 6d:10:ce:01:56:49:0e:f2:1f:84:fa:85:15:7b:16:9d:48:9c: be:3d:08:45:2e:51:88:ab:61:cf:c5:30:98:1f:71:b1:83:ba: 6a:1d:9a:4e:b7:9e:7d:d4:fd:50:4c:2e:cf:42:f9:ad:08:2c: 0f:f0:a9:fa:8b:2b:6a:83:57:52:90:33:66:a7:ef:7c:dd:1d: 01:bb:86:28:18:86:ea:ab:c4:aa:fe:ea:a6:c7:bf:a0:ca:ea: a7:35:80:06:fe:7b:c6:f1:2c:e0:bd:6e:04:98:16:2e:c9:85: 36:2b:08:68:c2:da:cc:b0:2a:43:37:7d:30:9d:5c:98:87:c7: a2:88:03:af:bb:fc:e1:c0:44:3a:ba:74:ac:e0:bf:be:28:73: bf:61:24:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyKSrwcPPPV1A7KR8ZgGdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi YzgwOTMwHhcNMjUxMjIxMTIwMDQ5WhcNMjUxMjIyMTIwMDQ5WjAzMTEwLwYDVQQD EyhmZGEyY2U2YTJiZDdiYTM3Njg0YWU2YzQzMDU2OGVkMDk0YjI3ZDZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyENg61AAfU24se1kE1gHa7BbdIFC 3g3ocUgon1TIgfnhl7HTg2IE6icA8IeclZU4w12jwvXUuRyQyHi4L8yhmEspZ4So RqlpFf7mspXwUetFQraLNLjkHhaf7yrNIM2yTtyZmCiSpFwlrVx+m04QNuaByTGE imJLEKM/gaUuEbDl72q1uX1kERZ4NNAeQjgJ/+91MNwaveHpRujHY3J9lau61xjL SePrT/8Q4TYHSjbypF2Qur9K6KbOsOYRacJr/T8QpJDwMDewO5wj0GMPQ2Mk4vva 3AyQqhR9ZYuZ4mwJvT02iIjCfiZzrK/9P1ozden8Wuyd0lxj7ykuq/8uqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP2izmor17o3aErmxDBWjtCUsn1rMB8GA1UdIwQY MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt MzE4MWRiOTExYTEzLzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAbWYKLs8 X0VVrxQ5JHzYQ/DzqipTmTjLNEkWhzcHYZfbsJnuIUN7cq/RHyx09KBJ3PF7lBVd zF20Dss+iyYznheDo88agBly7zfGKIhEQyPd9zDdQTFCFLJmEU1R4BhURvj8vkfX co3EAnrPbRDOAVZJDvIfhPqFFXsWnUicvj0IRS5RiKthz8UwmB9xsYO6ah2aTree fdT9UEwuz0L5rQgsD/Cp+osraoNXUpAzZqfvfN0dAbuGKBiG6qvEqv7qpse/oMrq pzWABv57xvEs4L1uBJgWLsmFNisIaMLazLAqQzd9MJ1cmIfHoogDr7v84cBEOrp0 rOC/vihzv2Ekeg== -----END CERTIFICATE-----Generated at Sun Dec 21 19:17:27 2025 by rpki-client