This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.mft File: Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.mft (raw, json) Hash identifier: bFpIjnOTmSrcmSvexoq1sWdnGWiNv+GZGbhSuemWeRA= Subject key identifier: 05:EA:C7:69:29:92:01:9E:13:8D:A1:4E:C7:13:4D:13:6F:2C:7B:32 Authority key identifier: 43:B8:B1:3F:7E:2E:49:7E:D1:C7:B0:A3:41:7B:DD:F1:9B:CC:61:1A Certificate issuer: /CN=43b8b13f7e2e497ed1c7b0a3417bddf19bcc611a Certificate serial: 019B4136C9DED752F7FD566F452F579E25ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.mft Manifest number: 12 Signing time: Sun 21 Dec 2025 14:01:08 +0000 Manifest this update: Sun 21 Dec 2025 14:01:08 +0000 Manifest next update: Mon 22 Dec 2025 14:01:08 +0000 Files and hashes: 1: 06EJyalnsYZndusaE_4AMc563fU.roa (hash: zok3sDaWrSAVanDhqY6piMCfghJFn1OjbeGQ5zbS4cc=) 2: Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.crl (hash: 03Z54oWN21sgvzxhG3BnFU6rF9ENv3naCKKHoE0Jf2c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.mft rsync://rpki.ripe.net/repository/DEFAULT/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:c9:de:d7:52:f7:fd:56:6f:45:2f:57:9e:25:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43b8b13f7e2e497ed1c7b0a3417bddf19bcc611a Validity Not Before: Dec 21 14:01:08 2025 GMT Not After : Dec 22 14:01:08 2025 GMT Subject: CN=05eac7692992019e138da14ec7134d136f2c7b32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:49:52:6b:05:83:d4:c5:7d:42:dc:26:2c:8f: 5c:79:43:91:dc:bf:82:65:72:11:a0:d9:b8:ba:1e: 79:40:43:f5:1a:08:17:0b:21:2a:74:ed:68:2f:3e: 2c:bf:a5:5a:a9:65:72:ab:00:c5:9b:cf:26:ab:27: dd:2f:71:c4:9f:be:d6:e1:6f:f6:36:77:d3:0c:c4: f8:a7:cf:3f:99:0c:25:2b:1f:74:74:32:6c:0c:d1: 4f:cc:29:b4:e7:08:a9:5a:70:de:8f:27:4f:cb:1f: 34:b1:63:41:21:76:7f:95:b8:d2:a4:63:ea:d4:82: fc:43:19:d2:aa:af:e5:22:7e:44:7d:38:72:fe:b9: 1d:11:1c:3d:97:1b:f3:3d:bf:0a:9f:2c:76:97:fc: cc:62:3f:e3:20:31:d4:8c:50:eb:ac:ce:81:65:ad: 29:e9:39:d4:65:cb:f4:44:82:36:9a:22:0c:d9:d8: 34:58:ca:0f:b1:48:3a:3b:f4:3c:97:98:56:3c:09: 72:c1:ed:cd:77:bb:d7:46:33:93:cf:5e:4d:f3:33: 92:49:9c:45:90:3b:84:b8:43:28:e2:a0:29:01:9c: f0:8d:9c:cc:eb:03:dc:32:d4:15:ee:5c:22:2c:4a: 0e:5c:36:bf:b5:0c:bd:1a:e7:94:80:12:09:d6:0e: c6:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:EA:C7:69:29:92:01:9E:13:8D:A1:4E:C7:13:4D:13:6F:2C:7B:32 X509v3 Authority Key Identifier: keyid:43:B8:B1:3F:7E:2E:49:7E:D1:C7:B0:A3:41:7B:DD:F1:9B:CC:61:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1ac3a0-4716-4be0-8ba2-fa84f3974990/1/Q7ixP34uSX7Rx7CjQXvd8ZvMYRo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:a8:45:b6:1f:23:74:37:b2:f7:ec:3f:58:65:fb:0c:62:9d: f5:91:46:1d:62:b0:58:e1:40:15:ff:aa:0e:14:7b:54:3d:61: a2:aa:90:c1:ea:56:80:98:e0:97:37:9f:dd:d9:b6:9f:69:70: b7:85:d2:58:52:ec:11:c4:84:f9:3c:4d:f3:9a:38:07:9e:84: 0c:6a:f9:a2:f8:b9:cf:d1:53:75:a6:66:0a:5c:64:de:5b:5d: 0d:22:f6:da:cc:7c:af:78:f8:6d:29:81:8b:be:21:57:1a:22: 82:7d:00:d6:ad:75:01:70:78:b4:c8:20:a4:6b:87:a4:88:74: 1c:8a:f5:9e:18:76:66:b3:4d:17:e4:4e:7f:b8:21:c2:ef:1c: c5:0f:b9:d0:3d:a1:52:14:46:54:a1:d3:df:72:53:2a:bf:b7: 34:05:f1:16:6c:35:eb:30:96:74:9e:dc:6c:b1:d6:99:db:3f: 43:27:e4:22:56:de:66:21:dd:93:d5:e7:86:f3:90:90:a2:c7: ee:51:03:6f:5c:87:98:0d:b9:15:8b:52:99:34:af:ea:d4:73: 21:6a:5e:dc:46:a0:a6:f9:99:2a:c0:4f:2b:03:7c:0e:42:0a: b3:1b:55:d0:59:e4:56:bb:59:12:9c:74:3c:53:f0:e8:8d:68: c3:5a:e0:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNsne11L3/VZvRS9XniXtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzYjhiMTNmN2UyZTQ5N2VkMWM3YjBhMzQxN2JkZGYxOWJj YzYxMWEwHhcNMjUxMjIxMTQwMTA4WhcNMjUxMjIyMTQwMTA4WjAzMTEwLwYDVQQD EygwNWVhYzc2OTI5OTIwMTllMTM4ZGExNGVjNzEzNGQxMzZmMmM3YjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0lSawWD1MV9QtwmLI9ceUOR3L+C ZXIRoNm4uh55QEP1GggXCyEqdO1oLz4sv6VaqWVyqwDFm88mqyfdL3HEn77W4W/2 NnfTDMT4p88/mQwlKx90dDJsDNFPzCm05wipWnDejydPyx80sWNBIXZ/lbjSpGPq 1IL8QxnSqq/lIn5EfThy/rkdERw9lxvzPb8Knyx2l/zMYj/jIDHUjFDrrM6BZa0p 6TnUZcv0RII2miIM2dg0WMoPsUg6O/Q8l5hWPAlywe3Nd7vXRjOTz15N8zOSSZxF kDuEuEMo4qApAZzwjZzM6wPcMtQV7lwiLEoOXDa/tQy9GueUgBIJ1g7GCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXqx2kpkgGeE42hTscTTRNvLHsyMB8GA1UdIwQY MBaAFEO4sT9+Lkl+0cewo0F73fGbzGEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTdpeFAzNHVTWDdSeDdDalFYdmQ4WnZNWVJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYWMzYTAtNDcxNi00YmUwLThiYTIt ZmE4NGYzOTc0OTkwLzEvUTdpeFAzNHVTWDdSeDdDalFYdmQ4WnZNWVJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi8xYWMzYTAtNDcxNi00YmUwLThiYTItZmE4NGYzOTc0OTkw LzEvUTdpeFAzNHVTWDdSeDdDalFYdmQ4WnZNWVJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6hFth8j dDey9+w/WGX7DGKd9ZFGHWKwWOFAFf+qDhR7VD1hoqqQwepWgJjglzef3dm2n2lw t4XSWFLsEcSE+TxN85o4B56EDGr5ovi5z9FTdaZmClxk3ltdDSL22sx8r3j4bSmB i74hVxoign0A1q11AXB4tMggpGuHpIh0HIr1nhh2ZrNNF+ROf7ghwu8cxQ+50D2h UhRGVKHT33JTKr+3NAXxFmw16zCWdJ7cbLHWmds/QyfkIlbeZiHdk9XnhvOQkKLH 7lEDb1yHmA25FYtSmTSv6tRzIWpe3EagpvmZKsBPKwN8DkIKsxtV0FnkVrtZEpx0 PFPw6I1ow1rgsQ== -----END CERTIFICATE-----Generated at Sun Dec 21 20:31:01 2025 by rpki-client