This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft File: q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft (raw, json) Hash identifier: VZaRDwMLWuWqW08ldjeJ4jtBSX10vIhR/bRR7S3XwM8= Subject key identifier: 0B:5D:C9:A1:A0:94:D0:A5:DE:3B:99:80:B3:2D:B1:99:BB:07:AE:91 Authority key identifier: AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51 Certificate issuer: /CN=ab8520ec83e30eb7938b8002f470f0d1c505c451 Certificate serial: 019B3EDAC1FE8C71E11EA1F27074116BE8B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft Manifest number: 0D7C Signing time: Sun 21 Dec 2025 03:01:22 +0000 Manifest this update: Sun 21 Dec 2025 03:01:22 +0000 Manifest next update: Mon 22 Dec 2025 03:01:22 +0000 Files and hashes: 1: 0SSsSk3JYtZfVKoUdIXep-skUls.roa (hash: lo1rRlcKmSiP/o5fsPXMsNzyze1q/0lfZDjTXaH15HI=) 2: q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl (hash: rYpGP00nbFm9qvl9juI58M84igvPR2w1HocV4rVc6TA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 03:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:c1:fe:8c:71:e1:1e:a1:f2:70:74:11:6b:e8:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab8520ec83e30eb7938b8002f470f0d1c505c451 Validity Not Before: Dec 21 03:01:22 2025 GMT Not After : Dec 22 03:01:22 2025 GMT Subject: CN=0b5dc9a1a094d0a5de3b9980b32db199bb07ae91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:bd:bc:b9:6a:9e:35:29:74:09:6a:62:02:d0: 22:9a:1f:ea:13:7c:d0:cb:23:ce:ea:d3:01:68:d8: 69:d2:86:31:be:a7:20:ce:9c:7b:4b:d6:cb:07:64: 88:0b:9b:6d:f6:31:3c:bc:bc:f5:47:4b:86:29:fe: f4:34:fb:75:fc:0e:6b:b8:96:1c:f7:4e:9b:15:29: a3:74:e7:eb:06:e8:c5:4b:80:7e:11:55:eb:f4:d8: 90:7b:99:3f:4f:be:bb:93:e9:bc:f1:3f:21:cb:1d: f9:f0:8e:a0:a8:24:9f:56:05:84:c2:bc:40:be:c2: c6:19:25:31:eb:0c:74:25:3d:31:71:cd:e5:ec:7a: b1:bf:48:fe:c1:17:14:b0:58:c6:3e:aa:34:74:44: b3:5d:e8:d5:f3:ef:17:15:bd:56:0a:28:98:2d:38: ab:ea:b3:fa:d0:fc:3e:ce:d6:86:ab:d0:50:89:59: da:cb:23:74:1c:4d:34:85:70:fd:48:46:93:b0:a8: dd:3f:14:bc:4f:bc:e2:df:cf:20:0a:c4:30:c5:8b: 61:88:3a:e5:33:d2:ed:24:49:f2:36:4a:39:f9:67: 8b:d5:16:ed:e4:66:81:64:61:d4:bc:39:2d:78:8f: c9:56:7b:39:46:41:a3:a8:7a:5c:69:9a:2f:52:db: 30:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:5D:C9:A1:A0:94:D0:A5:DE:3B:99:80:B3:2D:B1:99:BB:07:AE:91 X509v3 Authority Key Identifier: keyid:AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:3e:4d:26:cc:6f:99:3c:d5:5b:57:bb:cb:bb:29:b2:0c:b7: e6:99:8b:0c:60:e9:a2:fb:24:74:db:0a:60:34:5d:a4:1e:14: a9:64:d1:72:d1:23:db:bf:6e:7a:0f:02:cf:be:1b:8c:e0:3d: b3:4e:51:6e:65:b6:91:94:65:90:c8:64:b3:72:26:27:d1:38: c0:8f:9c:df:6d:93:c7:f0:5d:e2:50:a1:db:a2:1e:11:44:70: 8f:37:28:7c:c5:fa:f8:35:46:9c:4c:b9:86:b5:f0:66:f3:dc: 13:c1:c3:70:20:4a:e1:45:02:96:ad:75:62:56:98:dc:e5:df: 96:16:92:82:37:ca:ea:80:62:72:a2:7c:53:83:97:3e:8d:c1: 4f:cc:71:2e:b6:59:c6:22:56:31:96:52:6f:3c:6d:a6:6e:a5: 61:f5:9e:81:53:87:a0:41:92:2e:f2:de:d1:84:92:d6:cf:60: 1c:86:2c:4a:cc:e7:1c:96:74:81:90:bc:34:e7:4a:8b:68:14: 01:be:90:23:89:07:5d:6d:b8:26:22:ac:02:fa:ea:e2:cc:bc: 1c:f1:43:2b:f1:3c:39:de:85:6b:cd:17:7f:f7:c6:ef:b8:26: 2a:af:07:03:b1:c0:f0:8a:09:48:f0:02:1b:f4:6d:bf:8d:05: df:fb:fa:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2sH+jHHhHqHycHQRa+i0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiODUyMGVjODNlMzBlYjc5MzhiODAwMmY0NzBmMGQxYzUw NWM0NTEwHhcNMjUxMjIxMDMwMTIyWhcNMjUxMjIyMDMwMTIyWjAzMTEwLwYDVQQD EygwYjVkYzlhMWEwOTRkMGE1ZGUzYjk5ODBiMzJkYjE5OWJiMDdhZTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb28uWqeNSl0CWpiAtAimh/qE3zQ yyPO6tMBaNhp0oYxvqcgzpx7S9bLB2SIC5tt9jE8vLz1R0uGKf70NPt1/A5ruJYc 906bFSmjdOfrBujFS4B+EVXr9NiQe5k/T767k+m88T8hyx358I6gqCSfVgWEwrxA vsLGGSUx6wx0JT0xcc3l7Hqxv0j+wRcUsFjGPqo0dESzXejV8+8XFb1WCiiYLTir 6rP60Pw+ztaGq9BQiVnayyN0HE00hXD9SEaTsKjdPxS8T7zi388gCsQwxYthiDrl M9LtJEnyNko5+WeL1Rbt5GaBZGHUvDkteI/JVns5RkGjqHpcaZovUtswrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAtdyaGglNCl3juZgLMtsZm7B66RMB8GA1UdIwQY MBaAFKuFIOyD4w63k4uAAvRw8NHFBcRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYt ODRiNDczYjllYmNkLzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYtODRiNDczYjllYmNk LzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMT5NJsxv mTzVW1e7y7spsgy35pmLDGDpovskdNsKYDRdpB4UqWTRctEj279ueg8Cz74bjOA9 s05RbmW2kZRlkMhks3ImJ9E4wI+c322Tx/Bd4lCh26IeEURwjzcofMX6+DVGnEy5 hrXwZvPcE8HDcCBK4UUClq11YlaY3OXflhaSgjfK6oBicqJ8U4OXPo3BT8xxLrZZ xiJWMZZSbzxtpm6lYfWegVOHoEGSLvLe0YSS1s9gHIYsSsznHJZ0gZC8NOdKi2gU Ab6QI4kHXW24JiKsAvrq4sy8HPFDK/E8Od6Fa80Xf/fG77gmKq8HA7HA8IoJSPAC G/Rtv40F3/v60A== -----END CERTIFICATE-----Generated at Sun Dec 21 12:04:03 2025 by rpki-client