This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft File: qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft (raw, json) Hash identifier: WGWwR5Z0Z/fxg+ZDrEb7ev5EyMfQaaTOqdyX+p8/h48= Subject key identifier: 62:00:18:7F:63:E3:27:B1:36:8F:32:45:13:85:AF:E0:EC:52:D4:87 Authority key identifier: A9:8E:59:43:C3:55:D4:8C:00:4E:6B:F4:A3:B6:CD:B8:C3:0A:DC:4C Certificate issuer: /CN=a98e5943c355d48c004e6bf4a3b6cdb8c30adc4c Certificate serial: 019B39B4148EF1D0047F5A9222E428C60C5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 03:01:01 +0000 Manifest this update: Sat 20 Dec 2025 03:01:01 +0000 Manifest next update: Sun 21 Dec 2025 03:01:01 +0000 Files and hashes: 1: KE4XnKQhqPguqlRYcxIoqo981UE.roa (hash: az71zExo8C/1i/65qlceZGsCGShh0tDnt7kF10fzzW0=) 2: qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl (hash: 0IEcjcMb0/0odrKMJSQCaZg76jAxpUiPJ2TuURbUvoI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b4:14:8e:f1:d0:04:7f:5a:92:22:e4:28:c6:0c:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a98e5943c355d48c004e6bf4a3b6cdb8c30adc4c Validity Not Before: Dec 20 03:01:01 2025 GMT Not After : Dec 21 03:01:01 2025 GMT Subject: CN=6200187f63e327b1368f32451385afe0ec52d487 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:e0:8c:12:25:4c:54:88:45:ff:d9:11:09:ae: a4:1c:d9:7f:2b:a4:99:0a:c9:5f:d3:ca:0c:82:f5: b9:02:46:54:22:76:2a:68:89:61:ea:5a:f3:81:30: b8:49:47:f0:de:41:d2:91:78:f4:65:f0:83:c0:10: 42:b3:b5:4e:dd:63:52:1d:7b:06:e0:84:c5:d5:ae: 30:96:cb:49:6e:7f:25:4d:7c:c2:2b:56:0d:17:b2: f8:40:45:ca:cf:ff:36:92:15:34:fb:75:27:90:bd: f6:44:75:d9:72:d1:99:84:99:be:08:f8:9b:ef:1f: 60:f3:c7:f3:13:00:b9:7f:e5:de:6b:64:6f:17:64: f8:3c:99:17:d0:98:c0:cc:82:42:f9:a2:b0:b3:59: 95:d8:f2:ff:c6:7e:f5:62:7c:cf:58:a8:70:57:8a: 1c:08:e1:c5:8c:db:06:1a:5d:bc:1d:ed:0b:30:35: 65:d5:ca:ed:f5:69:31:84:fa:8e:dc:83:76:d1:b9: c3:57:09:ff:d5:9f:64:64:76:6c:18:2f:bb:30:37: 2a:87:a1:b0:21:92:f9:8a:e0:fe:d4:42:7c:7a:d5: b1:09:59:c5:8d:d2:87:56:95:e3:31:f3:a9:67:3c: 9d:cb:56:61:00:46:91:18:42:4a:b3:78:f0:ea:0d: 2b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:00:18:7F:63:E3:27:B1:36:8F:32:45:13:85:AF:E0:EC:52:D4:87 X509v3 Authority Key Identifier: keyid:A9:8E:59:43:C3:55:D4:8C:00:4E:6B:F4:A3:B6:CD:B8:C3:0A:DC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd92cd-7fe3-4223-8350-3c773a6c42f9/1/qY5ZQ8NV1IwATmv0o7bNuMMK3Ew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:95:d2:ce:ff:7a:2f:ce:1f:a6:8b:a3:31:cb:c8:44:d5:62: 0e:80:a0:51:b6:27:b6:c0:91:88:03:9f:0d:af:e8:59:b3:85: 54:8b:08:71:6e:3c:c0:48:23:fc:c1:22:54:05:88:66:95:78: d9:44:99:55:03:2b:2a:3b:c6:d2:ce:0a:6b:f8:56:77:79:b6: 87:4a:fd:09:12:d4:49:e0:94:6f:68:e4:5b:82:42:7d:cc:d4: 30:d9:34:c6:28:6a:fc:fe:5e:da:33:77:3d:61:59:ac:46:38: 09:0f:d8:5b:24:45:98:27:2d:61:c1:1a:09:16:c0:72:f0:93: 4d:0a:5b:b9:c7:8e:3c:a6:c2:56:d2:41:f0:3e:9d:95:7f:6c: a3:ac:4e:6a:d7:6a:a1:41:c1:65:20:c8:09:d5:96:e3:98:2c: 2f:06:a4:a4:20:b7:bb:0b:4c:6c:f7:7c:d8:79:78:7a:f9:98: 70:d6:38:ca:bb:f1:7e:72:03:50:09:79:a9:c7:a6:af:03:b4: a4:0f:cd:1a:50:c1:66:ef:2f:64:87:0c:f0:f1:26:8e:d9:34: 3f:0f:2a:c0:94:8e:c2:b1:08:d0:6d:8b:3b:f6:97:31:ba:53: 85:e1:e7:18:3e:16:dd:19:94:e1:ac:92:b6:a8:00:f7:8b:d9: a0:b8:76:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5tBSO8dAEf1qSIuQoxgxeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5OGU1OTQzYzM1NWQ0OGMwMDRlNmJmNGEzYjZjZGI4YzMw YWRjNGMwHhcNMjUxMjIwMDMwMTAxWhcNMjUxMjIxMDMwMTAxWjAzMTEwLwYDVQQD Eyg2MjAwMTg3ZjYzZTMyN2IxMzY4ZjMyNDUxMzg1YWZlMGVjNTJkNDg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuCMEiVMVIhF/9kRCa6kHNl/K6SZ Cslf08oMgvW5AkZUInYqaIlh6lrzgTC4SUfw3kHSkXj0ZfCDwBBCs7VO3WNSHXsG 4ITF1a4wlstJbn8lTXzCK1YNF7L4QEXKz/82khU0+3UnkL32RHXZctGZhJm+CPib 7x9g88fzEwC5f+Xea2RvF2T4PJkX0JjAzIJC+aKws1mV2PL/xn71YnzPWKhwV4oc COHFjNsGGl28He0LMDVl1crt9WkxhPqO3IN20bnDVwn/1Z9kZHZsGC+7MDcqh6Gw IZL5iuD+1EJ8etWxCVnFjdKHVpXjMfOpZzydy1ZhAEaRGEJKs3jw6g0rMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGIAGH9j4yexNo8yRROFr+DsUtSHMB8GA1UdIwQY MBaAFKmOWUPDVdSMAE5r9KO2zbjDCtxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDkyY2QtN2ZlMy00MjIzLTgzNTAt M2M3NzNhNmM0MmY5LzEvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9jZDkyY2QtN2ZlMy00MjIzLTgzNTAtM2M3NzNhNmM0MmY5 LzEvcVk1WlE4TlYxSXdBVG12MG83Yk51TU1LM0V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXZXSzv96 L84fpoujMcvIRNViDoCgUbYntsCRiAOfDa/oWbOFVIsIcW48wEgj/MEiVAWIZpV4 2USZVQMrKjvG0s4Ka/hWd3m2h0r9CRLUSeCUb2jkW4JCfczUMNk0xihq/P5e2jN3 PWFZrEY4CQ/YWyRFmCctYcEaCRbAcvCTTQpbuceOPKbCVtJB8D6dlX9so6xOatdq oUHBZSDICdWW45gsLwakpCC3uwtMbPd82Hl4evmYcNY4yrvxfnIDUAl5qcemrwO0 pA/NGlDBZu8vZIcM8PEmjtk0Pw8qwJSOwrEI0G2LO/aXMbpTheHnGD4W3RmU4ayS tqgA94vZoLh2xw== -----END CERTIFICATE-----Generated at Sat Dec 20 09:24:56 2025 by rpki-client