This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft File: CQKHJW4l-jQNOvungOrGDVVq3sA.mft (raw, json) Hash identifier: EoXn4rb6EwihIP4YP3NAJNxdPo+Wr1vVaucM5LmDDPc= Subject key identifier: 02:40:83:7D:BF:0B:3B:91:31:E3:33:2E:3F:4F:8B:BE:B0:47:99:38 Authority key identifier: 09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 Certificate issuer: /CN=090287256e25fa340d3afba780eac60d556adec0 Certificate serial: 019B6CC67BA0EB79C817C65CAB1796044055 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft Manifest number: 0ABE Signing time: Tue 30 Dec 2025 01:01:45 +0000 Manifest this update: Tue 30 Dec 2025 01:01:45 +0000 Manifest next update: Wed 31 Dec 2025 01:01:45 +0000 Files and hashes: 1: CQKHJW4l-jQNOvungOrGDVVq3sA.crl (hash: 5o6xDnjzP4C+h4ljzHOdQTUOdNERSSZJLMj8KjHhsL4=) 2: EOgnkpCGO25TfSV28ABNiElbHMI.roa (hash: xamMOb/MG2jklBJl6shRJRNZ2UW4izFBKtZBvXEcSVg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 23:52:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c6:7b:a0:eb:79:c8:17:c6:5c:ab:17:96:04:40:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=090287256e25fa340d3afba780eac60d556adec0 Validity Not Before: Dec 30 01:01:45 2025 GMT Not After : Dec 31 01:01:45 2025 GMT Subject: CN=0240837dbf0b3b9131e3332e3f4f8bbeb0479938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:35:63:1a:6a:a5:5a:17:99:16:6e:16:cf:c5: 9c:da:45:df:92:c8:e5:dc:79:11:1e:07:1e:5f:39: d7:91:6d:68:8f:01:47:7e:60:1c:4b:f8:4a:f8:5b: 73:b6:92:48:f3:d6:de:71:1f:d8:26:28:97:5c:1d: 9f:59:90:b0:86:63:40:4f:d2:aa:9c:0e:00:f7:8d: 5d:f6:f8:14:84:7f:ba:dd:95:f6:ca:d8:d5:64:9a: 40:a3:41:64:e6:f8:75:a3:61:56:c5:79:ff:2f:7d: 03:04:d6:e8:81:28:f2:60:f6:01:cf:ce:1e:b8:dd: b7:cc:1b:c9:99:ca:c7:44:33:fa:e9:8f:f2:ef:86: d0:32:7c:e6:c5:03:af:c4:c4:b0:83:83:08:a4:ee: 25:12:1c:23:cf:d4:20:4b:0b:5f:18:1c:83:cc:f6: 8b:0b:95:8b:8e:03:62:02:d5:3a:7c:a2:a4:3c:f2: 30:dd:92:d3:a2:09:bf:54:bc:e2:0a:11:e4:3f:88: e9:a4:43:75:f7:49:e5:4c:1f:e8:0a:3e:bb:c0:f5: 5c:87:f8:61:f5:c1:93:5e:0f:be:a0:f2:b4:ee:ae: 27:8a:8b:fc:e0:e4:ce:b1:f4:90:22:17:c0:62:fa: 57:72:4a:60:3c:19:6e:af:4d:88:d3:32:53:f2:18: 8f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:40:83:7D:BF:0B:3B:91:31:E3:33:2E:3F:4F:8B:BE:B0:47:99:38 X509v3 Authority Key Identifier: keyid:09:02:87:25:6E:25:FA:34:0D:3A:FB:A7:80:EA:C6:0D:55:6A:DE:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQKHJW4l-jQNOvungOrGDVVq3sA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b0ff5-84c3-49bb-9fab-77b21c04bc7d/1/CQKHJW4l-jQNOvungOrGDVVq3sA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:7e:58:aa:ac:14:16:53:48:42:25:a7:6f:c6:58:37:de:be: 89:df:00:5a:b3:3d:13:0a:c1:a2:8d:55:36:bf:26:d0:e1:fd: 84:e4:54:fe:76:0b:fc:1d:cf:59:17:35:5a:3e:5d:cf:54:f0: ad:93:ac:bb:b9:c5:b9:ca:49:ad:4c:c6:68:74:67:d1:48:28: a8:1b:de:b7:86:5b:3d:81:e3:c8:22:ea:f7:f6:97:18:e5:fc: 97:9d:d3:71:c4:0e:3a:28:89:a7:64:db:36:c8:7c:3a:ae:18: a7:91:3b:c5:51:60:13:14:31:cf:93:5c:1b:b6:c7:46:06:15: cf:b3:94:83:7c:81:d4:87:e3:56:d1:d8:9b:19:99:5d:b7:45: 03:ee:8e:c2:2e:72:5d:15:0e:25:2d:24:3e:79:e2:5f:f6:c8: df:5f:45:82:30:52:89:f4:9c:e7:29:b1:73:d3:42:74:ee:01: 40:0c:59:59:02:a4:eb:cf:7b:a7:bc:8b:29:af:43:36:5e:5e: 2b:11:91:55:8e:ba:96:d4:c0:a7:cf:ae:d0:de:38:6d:6f:85: 50:62:a5:7f:64:10:28:57:cf:91:0a:d9:c3:62:67:d0:fc:4b: dd:23:2c:f3:05:66:ca:47:39:0c:c3:ff:bf:f6:f3:f7:09:f2: 3a:82:f2:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxnug63nIF8ZcqxeWBEBVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MDI4NzI1NmUyNWZhMzQwZDNhZmJhNzgwZWFjNjBkNTU2 YWRlYzAwHhcNMjUxMjMwMDEwMTQ1WhcNMjUxMjMxMDEwMTQ1WjAzMTEwLwYDVQQD EygwMjQwODM3ZGJmMGIzYjkxMzFlMzMzMmUzZjRmOGJiZWIwNDc5OTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zVjGmqlWheZFm4Wz8Wc2kXfksjl 3HkRHgceXznXkW1ojwFHfmAcS/hK+FtztpJI89becR/YJiiXXB2fWZCwhmNAT9Kq nA4A941d9vgUhH+63ZX2ytjVZJpAo0Fk5vh1o2FWxXn/L30DBNbogSjyYPYBz84e uN23zBvJmcrHRDP66Y/y74bQMnzmxQOvxMSwg4MIpO4lEhwjz9QgSwtfGByDzPaL C5WLjgNiAtU6fKKkPPIw3ZLTogm/VLziChHkP4jppEN190nlTB/oCj67wPVch/hh 9cGTXg++oPK07q4niov84OTOsfSQIhfAYvpXckpgPBlur02I0zJT8hiPzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAJAg32/CzuRMeMzLj9Pi76wR5k4MB8GA1UdIwQY MBaAFAkChyVuJfo0DTr7p4Dqxg1Vat7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWIt NzdiMjFjMDRiYzdkLzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81YjBmZjUtODRjMy00OWJiLTlmYWItNzdiMjFjMDRiYzdk LzEvQ1FLSEpXNGwtalFOT3Z1bmdPckdEVlZxM3NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW35YqqwU FlNIQiWnb8ZYN96+id8AWrM9EwrBoo1VNr8m0OH9hORU/nYL/B3PWRc1Wj5dz1Tw rZOsu7nFucpJrUzGaHRn0UgoqBvet4ZbPYHjyCLq9/aXGOX8l53TccQOOiiJp2Tb Nsh8Oq4Yp5E7xVFgExQxz5NcG7bHRgYVz7OUg3yB1IfjVtHYmxmZXbdFA+6Owi5y XRUOJS0kPnniX/bI319FgjBSifSc5ymxc9NCdO4BQAxZWQKk6897p7yLKa9DNl5e KxGRVY66ltTAp8+u0N44bW+FUGKlf2QQKFfPkQrZw2Jn0PxL3SMs8wVmykc5DMP/ v/bz9wnyOoLyNg== -----END CERTIFICATE-----Generated at Tue Dec 30 03:16:51 2025 by rpki-client