This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft File: qmWvaX3x9s2vTLvWbePUO-2GnpA.mft (raw, json) Hash identifier: iVYOUzcbomRLiC2p79t5tieHsKWi6+9l4MXMO84t5gQ= Subject key identifier: 21:F5:F8:33:22:C1:E8:B1:F2:09:DD:6C:26:31:63:FC:E7:02:2A:B0 Authority key identifier: AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 Certificate issuer: /CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Certificate serial: 019B41A4BB930212845FEED51365DFB35E8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft Manifest number: 0DA7 Signing time: Sun 21 Dec 2025 16:01:13 +0000 Manifest this update: Sun 21 Dec 2025 16:01:13 +0000 Manifest next update: Mon 22 Dec 2025 16:01:13 +0000 Files and hashes: 1: qmWvaX3x9s2vTLvWbePUO-2GnpA.crl (hash: t6uIzrRZQ3HrT+B7CSCjH6wNbMwVJXm9qYuwKZ0Xdtk=) 2: u25_l7rqpA4jc9Mn9X_nn6jE1D8.roa (hash: XxkiW8kKfa52GpQHHiGBtUNZJLczRvJy5PTfiodYsrs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:bb:93:02:12:84:5f:ee:d5:13:65:df:b3:5e:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa65af697df1f6cdaf4cbbd66de3d43bed869e90 Validity Not Before: Dec 21 16:01:13 2025 GMT Not After : Dec 22 16:01:13 2025 GMT Subject: CN=21f5f83322c1e8b1f209dd6c263163fce7022ab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b4:5a:53:95:07:37:0f:1c:66:ff:c5:0d:d4: d1:93:3d:1e:7e:52:d9:01:3b:7d:34:41:e2:8d:d6: c4:2f:b8:e2:a5:8a:84:cb:13:d8:13:76:7b:12:6f: 20:dc:fd:10:89:c3:ee:79:df:f7:bb:c0:bb:06:66: 03:ea:2b:db:8a:fd:0a:66:cf:09:62:40:3d:ed:44: 4c:ec:a5:74:f3:11:b8:a4:ed:01:d6:56:fb:fa:c1: de:98:16:77:ca:b5:8f:35:11:89:d9:ac:0a:a4:c7: d5:e0:a3:18:11:fc:0a:03:70:cf:24:3c:7f:00:cc: eb:28:c6:84:53:39:80:e0:ca:e6:8e:29:d5:52:0c: 6c:71:09:44:fd:c0:31:19:e2:fb:5f:d5:f8:3d:54: 70:bc:c2:2d:fd:8b:1b:dd:42:c1:25:1c:0a:40:51: e1:ef:d5:58:ad:76:f1:7a:b3:ba:7e:47:74:77:83: fa:40:e2:0d:8d:ab:02:1c:bc:de:f7:ab:7b:8f:99: 26:bc:0d:d7:f9:45:97:38:04:6c:c3:69:e4:ff:2a: 06:6f:4f:8a:0d:c0:7f:d3:d5:72:9d:27:b9:ba:25: 97:df:ea:2b:ae:ce:af:be:1a:4f:96:92:93:b8:16: 1f:d9:d5:23:db:c8:5c:23:2b:78:e2:4a:77:f1:57: 38:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F5:F8:33:22:C1:E8:B1:F2:09:DD:6C:26:31:63:FC:E7:02:2A:B0 X509v3 Authority Key Identifier: keyid:AA:65:AF:69:7D:F1:F6:CD:AF:4C:BB:D6:6D:E3:D4:3B:ED:86:9E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qmWvaX3x9s2vTLvWbePUO-2GnpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/04019c-ad17-428d-b3a2-1be13ba8d456/1/qmWvaX3x9s2vTLvWbePUO-2GnpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:09:7e:3f:8b:86:30:c0:82:15:8d:dd:34:14:08:88:4b:18: 23:0c:66:95:aa:ab:50:fb:de:02:41:8b:51:b0:24:9f:2f:c3: 84:d8:7e:c3:e7:87:3a:c3:98:05:17:ab:31:4e:5e:59:2c:0c: 05:f7:08:e1:46:80:c8:fe:94:1a:b8:cf:e8:76:dc:f7:aa:10: dd:3b:ed:33:bf:01:53:12:c7:30:17:61:79:de:66:74:a4:b8: a1:72:17:af:a2:8e:00:c1:2c:73:b9:9a:d3:74:f3:53:74:82: be:ef:fb:ee:04:c2:24:3c:4a:57:40:29:d6:97:ce:b1:14:81: f5:a7:41:57:a1:e8:02:38:06:de:c4:f6:c2:ce:f7:aa:7d:da: 10:23:72:d3:c8:2f:84:93:41:04:5f:51:70:b1:5a:69:48:ea: ad:01:1f:06:e9:26:ed:93:02:5a:39:ef:b2:55:41:ec:15:c7: 52:ab:a6:97:db:94:9f:e0:f8:f5:5d:4d:a4:5a:be:59:71:9f: 10:79:9f:a1:16:0f:20:ef:99:0b:a7:e2:93:80:43:5a:35:78: 3c:f6:ba:e7:75:52:91:21:56:24:07:95:4b:91:32:9a:94:27: 15:21:33:15:ea:d4:fc:f3:65:3d:7a:a3:71:61:57:21:2d:59: 4f:fa:dc:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpLuTAhKEX+7VE2Xfs16KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNjVhZjY5N2RmMWY2Y2RhZjRjYmJkNjZkZTNkNDNiZWQ4 NjllOTAwHhcNMjUxMjIxMTYwMTEzWhcNMjUxMjIyMTYwMTEzWjAzMTEwLwYDVQQD EygyMWY1ZjgzMzIyYzFlOGIxZjIwOWRkNmMyNjMxNjNmY2U3MDIyYWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLRaU5UHNw8cZv/FDdTRkz0eflLZ ATt9NEHijdbEL7jipYqEyxPYE3Z7Em8g3P0QicPued/3u8C7BmYD6ivbiv0KZs8J YkA97URM7KV08xG4pO0B1lb7+sHemBZ3yrWPNRGJ2awKpMfV4KMYEfwKA3DPJDx/ AMzrKMaEUzmA4MrmjinVUgxscQlE/cAxGeL7X9X4PVRwvMIt/Ysb3ULBJRwKQFHh 79VYrXbxerO6fkd0d4P6QOINjasCHLze96t7j5kmvA3X+UWXOARsw2nk/yoGb0+K DcB/09VynSe5uiWX3+orrs6vvhpPlpKTuBYf2dUj28hcIyt44kp38Vc4bQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCH1+DMiweix8gndbCYxY/znAiqwMB8GA1UdIwQY MBaAFKplr2l98fbNr0y71m3j1Dvthp6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTIt MWJlMTNiYThkNDU2LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy8wNDAxOWMtYWQxNy00MjhkLWIzYTItMWJlMTNiYThkNDU2 LzEvcW1XdmFYM3g5czJ2VEx2V2JlUFVPLTJHbnBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgwl+P4uG MMCCFY3dNBQIiEsYIwxmlaqrUPveAkGLUbAkny/DhNh+w+eHOsOYBRerMU5eWSwM BfcI4UaAyP6UGrjP6Hbc96oQ3TvtM78BUxLHMBdhed5mdKS4oXIXr6KOAMEsc7ma 03TzU3SCvu/77gTCJDxKV0Ap1pfOsRSB9adBV6HoAjgG3sT2ws73qn3aECNy08gv hJNBBF9RcLFaaUjqrQEfBukm7ZMCWjnvslVB7BXHUquml9uUn+D49V1NpFq+WXGf EHmfoRYPIO+ZC6fik4BDWjV4PPa653VSkSFWJAeVS5EympQnFSEzFerU/PNlPXqj cWFXIS1ZT/rc9A== -----END CERTIFICATE-----Generated at Sun Dec 21 20:34:30 2025 by rpki-client