This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft File: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft (raw, json) Hash identifier: HV6TNkMLckAFxXltKP/pXrfOU36TO+Nq4Xmq6FAdjsA= Subject key identifier: DF:A7:83:A5:1C:97:52:C6:7D:7A:C9:40:BE:F0:1E:4C:6D:6C:1E:BB Authority key identifier: AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87 Certificate issuer: /CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187 Certificate serial: 019B4A71ADF7601D5B35D4FD097372293B94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft Manifest number: 118A Signing time: Tue 23 Dec 2025 09:02:02 +0000 Manifest this update: Tue 23 Dec 2025 09:02:02 +0000 Manifest next update: Wed 24 Dec 2025 09:02:02 +0000 Files and hashes: 1: 1Z36oEX0lkx8ndMTGV0SwL3pu6s.roa (hash: oLjRdDjCa874D2Ohi+4lYwxZSVZ663VZAUA47G0Sbic=) 2: rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl (hash: A8MB+MYe3Q6GcNtk2fBwRcsRBmwqiUDjzNBj/4Zxgqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:71:ad:f7:60:1d:5b:35:d4:fd:09:73:72:29:3b:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aea84d7e64ba3e85b57036c7318f93cc3d94d187 Validity Not Before: Dec 23 09:02:02 2025 GMT Not After : Dec 24 09:02:02 2025 GMT Subject: CN=dfa783a51c9752c67d7ac940bef01e4c6d6c1ebb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:58:f9:9d:74:96:36:cb:48:22:ed:04:9e:1d: 96:d6:fd:ab:ed:82:60:01:52:c9:c4:4a:8a:ba:09: 39:4a:80:bd:98:df:f7:8e:b1:e6:f9:b1:26:85:7d: 6c:6c:fa:bc:ab:cd:9b:d0:2f:b0:18:63:a7:80:15: 8d:1e:8f:0b:0a:ba:45:e0:83:d4:61:cb:f1:5f:b2: 2d:14:3e:43:f8:9f:ee:fd:18:6c:75:9c:8d:10:87: 07:96:2d:92:49:ad:82:5b:39:2f:66:08:7b:66:75: 3f:44:26:3a:f7:79:bd:34:0d:ce:7a:cb:3f:cd:5b: 1b:9f:37:ba:8e:cd:95:ae:4e:22:9f:71:05:14:28: d2:b6:61:1b:86:68:96:a7:85:1b:9d:06:9a:ad:45: d3:6a:ad:e8:6e:94:7d:9d:2e:ef:dd:a6:b1:0e:c6: e8:8c:ab:17:e3:71:40:07:11:02:4e:c2:60:27:a8: ba:0d:d3:c7:3b:78:71:21:87:a5:48:80:a0:12:b5: 73:29:e6:28:2e:25:ba:bf:48:19:c9:63:be:aa:f2: 78:c7:0b:0d:18:21:6f:14:25:8c:7c:c8:b5:36:cc: 0e:b2:c8:69:2e:20:05:ac:25:77:1e:c9:48:db:cd: 2f:cc:8d:00:cb:0b:49:3e:18:87:7e:ba:66:dc:12: 79:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:A7:83:A5:1C:97:52:C6:7D:7A:C9:40:BE:F0:1E:4C:6D:6C:1E:BB X509v3 Authority Key Identifier: keyid:AE:A8:4D:7E:64:BA:3E:85:B5:70:36:C7:31:8F:93:CC:3D:94:D1:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/157f1e-7cf8-4d98-a924-97c332f7239d/1/rqhNfmS6PoW1cDbHMY-TzD2U0Yc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d8:4b:5c:f5:25:de:c8:41:75:0b:22:d8:5f:fa:fd:b1:51:c7: 52:c9:74:b6:f6:16:b0:65:48:8c:91:ee:9b:76:3c:1e:bc:0b: 4d:75:e6:31:1d:b2:07:76:c6:32:de:bf:38:e5:2d:c6:dd:1a: c1:2c:57:d4:e2:ba:31:ed:24:f0:86:f0:22:c8:8b:0c:4e:75: d6:fa:5d:d9:ba:12:0f:db:00:80:03:e5:ba:6e:15:46:a6:5d: 38:fb:5d:41:b8:08:c2:e0:85:95:94:fb:6f:76:f3:03:c3:5a: c0:86:3f:60:87:f2:87:9c:a8:f5:fd:97:b3:87:e5:47:01:72: 92:e8:76:e6:4d:ad:35:1f:dd:da:56:0c:fc:bf:0b:fe:0d:1b: f4:a7:54:a4:e3:d3:ca:bc:a2:16:f1:a9:bd:22:02:52:b5:c4: e0:15:76:3d:6a:54:d3:83:9d:87:83:40:cc:2a:2e:91:f5:6f: 2e:48:60:be:01:63:8c:91:24:e1:07:72:72:ed:4b:4a:4e:7c: 74:2a:06:7f:9a:cc:12:0b:d1:cd:66:d2:f3:dc:3d:a5:4c:0e: 0f:00:69:fa:6a:81:09:ae:fb:f0:70:3d:e9:22:fe:e3:a5:56: 8e:36:36:94:b1:55:e8:b2:08:0a:02:5a:e5:40:ae:bf:ea:80: 29:a4:97:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKca33YB1bNdT9CXNyKTuUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlYTg0ZDdlNjRiYTNlODViNTcwMzZjNzMxOGY5M2NjM2Q5 NGQxODcwHhcNMjUxMjIzMDkwMjAyWhcNMjUxMjI0MDkwMjAyWjAzMTEwLwYDVQQD EyhkZmE3ODNhNTFjOTc1MmM2N2Q3YWM5NDBiZWYwMWU0YzZkNmMxZWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVj5nXSWNstIIu0Enh2W1v2r7YJg AVLJxEqKugk5SoC9mN/3jrHm+bEmhX1sbPq8q82b0C+wGGOngBWNHo8LCrpF4IPU YcvxX7ItFD5D+J/u/RhsdZyNEIcHli2SSa2CWzkvZgh7ZnU/RCY693m9NA3Oess/ zVsbnze6js2Vrk4in3EFFCjStmEbhmiWp4UbnQaarUXTaq3obpR9nS7v3aaxDsbo jKsX43FABxECTsJgJ6i6DdPHO3hxIYelSICgErVzKeYoLiW6v0gZyWO+qvJ4xwsN GCFvFCWMfMi1NswOsshpLiAFrCV3HslI280vzI0AywtJPhiHfrpm3BJ5LwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN+ng6Ucl1LGfXrJQL7wHkxtbB67MB8GA1UdIwQY MBaAFK6oTX5kuj6FtXA2xzGPk8w9lNGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQt OTdjMzMyZjcyMzlkLzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xNTdmMWUtN2NmOC00ZDk4LWE5MjQtOTdjMzMyZjcyMzlk LzEvcnFoTmZtUzZQb1cxY0RiSE1ZLVR6RDJVMFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2Etc9SXe yEF1CyLYX/r9sVHHUsl0tvYWsGVIjJHum3Y8HrwLTXXmMR2yB3bGMt6/OOUtxt0a wSxX1OK6Me0k8IbwIsiLDE511vpd2boSD9sAgAPlum4VRqZdOPtdQbgIwuCFlZT7 b3bzA8NawIY/YIfyh5yo9f2Xs4flRwFykuh25k2tNR/d2lYM/L8L/g0b9KdUpOPT yryiFvGpvSICUrXE4BV2PWpU04Odh4NAzCoukfVvLkhgvgFjjJEk4Qdycu1LSk58 dCoGf5rMEgvRzWbS89w9pUwODwBp+mqBCa778HA96SL+46VWjjY2lLFV6LIICgJa 5UCuv+qAKaSX+w== -----END CERTIFICATE-----Generated at Tue Dec 23 12:38:53 2025 by rpki-client