This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft File: DQh0szPjXfFP2XDhiVgdoJO8gJM.mft (raw, json) Hash identifier: KwcL+b1IW8lxqUDZ01BNU1r24v8P4VhIXBr+McHwcAc= Subject key identifier: 9A:65:76:D4:4B:79:A6:BF:CC:69:8C:9A:9F:B4:21:24:80:87:1E:98 Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93 Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093 Certificate serial: 019B4E4D58C7453569C4BEC0C893CAF4C6EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft Manifest number: 1797 Signing time: Wed 24 Dec 2025 03:00:50 +0000 Manifest this update: Wed 24 Dec 2025 03:00:50 +0000 Manifest next update: Thu 25 Dec 2025 03:00:50 +0000 Files and hashes: 1: DQh0szPjXfFP2XDhiVgdoJO8gJM.crl (hash: KFWV3PSYjs+mVT4Iwht8x18aTPvTeJsynaafVw7RLA0=) 2: KXd_5OhpNxA2dAEUBM7BRlNmng0.roa (hash: naKbPeMlQvH49cTjg2nRiud0MzlhFN73NWmhIANkiB0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:58:c7:45:35:69:c4:be:c0:c8:93:ca:f4:c6:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093 Validity Not Before: Dec 24 03:00:50 2025 GMT Not After : Dec 25 03:00:50 2025 GMT Subject: CN=9a6576d44b79a6bfcc698c9a9fb4212480871e98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d9:e1:d0:00:3e:a5:69:3f:1f:f3:f5:c0:2c: e6:b4:b1:46:d1:14:53:b3:c4:36:ce:25:b4:da:85: 38:4f:75:6f:71:da:d4:2a:3b:11:4f:60:94:2c:e6: 30:06:a5:7b:5b:e4:66:0d:39:6e:e8:b6:d9:9f:50: 1a:9a:cb:f1:6c:b8:5a:9b:95:b2:12:eb:89:c9:1f: 1e:73:4f:65:bc:cd:5b:de:b3:bb:46:e1:31:1f:34: e9:f0:c3:ef:8f:66:68:29:ac:47:d6:af:2f:80:1e: df:44:98:4e:27:b4:21:9b:70:24:74:82:38:1f:ea: 7f:ee:a1:ad:1a:01:c4:0a:15:e8:f7:38:f9:15:87: c9:ca:fb:7a:f4:3b:a2:15:39:1b:67:83:7b:f9:48: e3:05:57:f0:27:b2:dc:7b:a6:a7:15:e0:ed:d2:88: df:14:5d:ce:3a:06:bc:9c:a3:6d:ad:32:b0:6b:5e: f8:08:29:96:c0:5e:a8:e9:dd:66:18:4d:55:da:47: 93:5a:21:b8:5e:d2:ad:e9:70:2d:bd:b8:5c:d3:1a: ef:1c:e7:58:92:b6:ad:3e:61:6c:50:62:32:36:3a: 37:05:5e:38:36:cf:62:24:71:1a:4c:f9:76:98:62: 2e:fe:18:bc:f3:ab:59:28:fb:c7:fc:ed:52:f6:9a: 2b:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:65:76:D4:4B:79:A6:BF:CC:69:8C:9A:9F:B4:21:24:80:87:1E:98 X509v3 Authority Key Identifier: keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:88:ba:f9:03:22:9e:70:d7:b5:9b:6e:4a:af:82:55:bb:f2: a5:6a:30:ea:56:6a:5c:56:ec:27:02:ef:a1:dc:a3:a2:ae:75: a5:43:44:a7:45:a9:e2:fb:21:94:84:49:4c:55:0b:90:9f:b3: 90:07:02:cd:b4:ab:5b:08:66:ea:4b:b6:d9:eb:c7:8d:73:6f: 73:b1:24:db:43:c2:56:6b:cd:b5:ca:a4:87:d8:de:c3:40:5b: 72:89:33:ce:0d:ab:21:9e:70:b1:f3:b8:40:db:fd:1a:94:e5: db:9f:e3:b7:8c:7d:00:cc:23:de:6d:55:a1:23:55:20:cb:3b: 81:ec:87:8d:f8:b4:19:79:44:3a:21:f8:3b:9d:02:35:44:c6: 06:91:8a:ad:a5:ee:d4:c8:f5:8e:ab:d6:34:75:71:00:7d:24: 55:87:1f:73:f0:54:5b:60:b8:e8:1c:46:e9:b0:d4:1f:97:e9: 82:a7:4b:85:e4:96:c2:6f:2a:11:2f:e4:41:71:66:92:b2:39: bf:2b:b8:8b:fc:4a:60:48:5d:69:39:4e:ca:73:9f:00:f2:c8: 2a:6a:f3:85:59:af:53:ef:c3:ac:a4:79:44:b8:be:07:06:95: ef:86:8a:fd:e8:f1:0e:39:72:2c:c5:74:3d:14:bc:7f:8c:a4: 31:45:b3:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTVjHRTVpxL7AyJPK9MbvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi YzgwOTMwHhcNMjUxMjI0MDMwMDUwWhcNMjUxMjI1MDMwMDUwWjAzMTEwLwYDVQQD Eyg5YTY1NzZkNDRiNzlhNmJmY2M2OThjOWE5ZmI0MjEyNDgwODcxZTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdnh0AA+pWk/H/P1wCzmtLFG0RRT s8Q2ziW02oU4T3VvcdrUKjsRT2CULOYwBqV7W+RmDTlu6LbZn1AamsvxbLham5Wy EuuJyR8ec09lvM1b3rO7RuExHzTp8MPvj2ZoKaxH1q8vgB7fRJhOJ7Qhm3AkdII4 H+p/7qGtGgHEChXo9zj5FYfJyvt69DuiFTkbZ4N7+UjjBVfwJ7Lce6anFeDt0ojf FF3OOga8nKNtrTKwa174CCmWwF6o6d1mGE1V2keTWiG4XtKt6XAtvbhc0xrvHOdY kratPmFsUGIyNjo3BV44Ns9iJHEaTPl2mGIu/hi886tZKPvH/O1S9porZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJpldtRLeaa/zGmMmp+0ISSAhx6YMB8GA1UdIwQY MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt MzE4MWRiOTExYTEzLzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaoi6+QMi nnDXtZtuSq+CVbvypWow6lZqXFbsJwLvodyjoq51pUNEp0Wp4vshlIRJTFULkJ+z kAcCzbSrWwhm6ku22evHjXNvc7Ek20PCVmvNtcqkh9jew0Bbcokzzg2rIZ5wsfO4 QNv9GpTl25/jt4x9AMwj3m1VoSNVIMs7geyHjfi0GXlEOiH4O50CNUTGBpGKraXu 1Mj1jqvWNHVxAH0kVYcfc/BUW2C46BxG6bDUH5fpgqdLheSWwm8qES/kQXFmkrI5 vyu4i/xKYEhdaTlOynOfAPLIKmrzhVmvU+/DrKR5RLi+BwaV74aK/ejxDjlyLMV0 PRS8f4ykMUWzuw== -----END CERTIFICATE-----Generated at Wed Dec 24 08:48:01 2025 by rpki-client