This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft File: fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft (raw, json) Hash identifier: NIF/pk4t2bDPtC0DtREgZMc3STDaTzwvNCK6zmgt/2E= Subject key identifier: 32:8C:F3:15:14:5F:32:49:D7:0F:48:A8:8A:A2:54:CE:9F:5D:EE:2E Authority key identifier: 7D:01:A5:D9:0D:C3:A8:36:CE:B6:38:1E:FC:75:34:E1:29:F4:3A:4C Certificate issuer: /CN=7d01a5d90dc3a836ceb6381efc7534e129f43a4c Certificate serial: 019B3CB4C337BE7999211386EFE87B9A665A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 17:00:37 +0000 Manifest this update: Sat 20 Dec 2025 17:00:37 +0000 Manifest next update: Sun 21 Dec 2025 17:00:37 +0000 Files and hashes: 1: UkqG3VMYAz9uABWF42sKAydGWoA.roa (hash: /dg3EZ5BvktCoE6vyv9z5Q4gql01gT6XeimrmuNAS5k=) 2: fQGl2Q3DqDbOtjge_HU04Sn0Okw.crl (hash: VbdRjOWv8A8srv+xK3n7p+h5Qz09iQtA/nn0vRv6FXM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 17:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:c3:37:be:79:99:21:13:86:ef:e8:7b:9a:66:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d01a5d90dc3a836ceb6381efc7534e129f43a4c Validity Not Before: Dec 20 17:00:37 2025 GMT Not After : Dec 21 17:00:37 2025 GMT Subject: CN=328cf315145f3249d70f48a88aa254ce9f5dee2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:64:26:88:24:30:0a:90:96:55:a8:34:3d:53: d9:00:ad:b2:bc:0c:e3:ad:27:0c:19:01:be:d6:e0: 78:b3:92:06:91:d8:ad:84:a8:e2:f2:3d:b8:73:ae: 85:1a:78:19:42:0e:34:c4:e8:79:cf:7f:35:9c:16: cc:9c:d9:c4:0f:af:93:32:b4:ce:2b:9d:7e:19:c6: 09:b1:cf:bd:ac:72:a7:c0:b6:38:b2:24:24:68:cb: 51:19:42:f3:b0:fc:7f:28:5c:ea:71:f6:67:2b:5f: ea:c9:f3:64:a4:96:fe:1c:98:77:f9:8e:6b:69:e0: 63:37:63:8e:fc:26:4e:dd:be:d2:9c:48:fc:f1:d3: 38:7c:58:a5:ec:20:b1:ea:e6:97:dc:59:cd:a6:ed: b1:31:ee:ac:18:d1:ab:ed:84:9b:39:09:09:5e:66: c4:a8:27:0a:ce:36:d7:48:cf:88:2e:c6:b2:a8:84: b8:ea:a8:7b:f6:f2:82:eb:3e:c1:09:75:96:fc:7d: 53:51:ef:4e:7c:fe:fb:15:2d:11:0b:00:69:9a:0d: 96:42:b9:36:01:8b:b9:96:aa:c9:0e:37:0b:d0:54: d4:27:77:16:c4:dd:36:a0:1b:08:55:ce:f1:b5:21: fa:c9:0b:5b:87:20:5e:49:98:8f:db:f0:4a:ec:bc: d8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:8C:F3:15:14:5F:32:49:D7:0F:48:A8:8A:A2:54:CE:9F:5D:EE:2E X509v3 Authority Key Identifier: keyid:7D:01:A5:D9:0D:C3:A8:36:CE:B6:38:1E:FC:75:34:E1:29:F4:3A:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQGl2Q3DqDbOtjge_HU04Sn0Okw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21b007-a086-4312-9d23-62f666473b21/1/fQGl2Q3DqDbOtjge_HU04Sn0Okw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:96:ae:ae:c0:35:b0:eb:e5:ee:77:cf:0d:06:c8:d3:1e:b1: 0d:a6:fb:f7:eb:b9:9a:6c:c3:b3:04:fe:cb:48:a3:a2:e2:5e: 1f:60:8f:76:34:b4:f1:a6:e5:3f:f9:eb:78:ba:48:44:46:5d: c3:d9:53:19:d7:09:1e:78:37:7b:c3:27:2e:c4:8d:b6:d1:5b: 72:72:4a:5d:74:8e:12:14:08:0b:15:d7:05:1e:88:1a:f0:1c: 92:41:3e:c8:80:16:a0:5a:25:c6:ef:c0:93:27:2e:c5:78:fd: 37:3d:6d:c4:5d:bf:23:a1:30:c7:2b:3a:80:44:dc:d1:cf:d1: 90:67:0c:90:73:70:6d:8b:8f:7c:e4:ae:d7:84:ff:8d:92:45: 42:55:4d:c3:64:6b:66:49:59:10:1a:c9:ec:dc:97:05:94:11: 15:5e:f0:19:1f:a2:05:19:ea:76:c8:ed:01:00:8d:aa:62:0a: 9f:3c:7e:9a:a1:2f:e3:7a:e2:1e:93:e2:ee:26:21:59:16:3d: 05:d6:58:be:48:f8:75:1a:ed:6d:2c:f6:5f:dc:ba:8a:57:26: 3a:17:af:2f:a7:1d:9f:fa:55:7b:f2:5e:f6:54:dd:20:eb:98: 9a:e7:f8:26:14:60:f0:c0:8a:ad:7e:8c:8e:53:5c:f4:6c:1c: 23:51:b4:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tMM3vnmZIROG7+h7mmZaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkMDFhNWQ5MGRjM2E4MzZjZWI2MzgxZWZjNzUzNGUxMjlm NDNhNGMwHhcNMjUxMjIwMTcwMDM3WhcNMjUxMjIxMTcwMDM3WjAzMTEwLwYDVQQD EygzMjhjZjMxNTE0NWYzMjQ5ZDcwZjQ4YTg4YWEyNTRjZTlmNWRlZTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2QmiCQwCpCWVag0PVPZAK2yvAzj rScMGQG+1uB4s5IGkdithKji8j24c66FGngZQg40xOh5z381nBbMnNnED6+TMrTO K51+GcYJsc+9rHKnwLY4siQkaMtRGULzsPx/KFzqcfZnK1/qyfNkpJb+HJh3+Y5r aeBjN2OO/CZO3b7SnEj88dM4fFil7CCx6uaX3FnNpu2xMe6sGNGr7YSbOQkJXmbE qCcKzjbXSM+ILsayqIS46qh79vKC6z7BCXWW/H1TUe9OfP77FS0RCwBpmg2WQrk2 AYu5lqrJDjcL0FTUJ3cWxN02oBsIVc7xtSH6yQtbhyBeSZiP2/BK7LzYowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDKM8xUUXzJJ1w9IqIqiVM6fXe4uMB8GA1UdIwQY MBaAFH0BpdkNw6g2zrY4Hvx1NOEp9DpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlFHbDJRM0RxRGJPdGpnZV9IVTA0U24wT2t3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMWIwMDctYTA4Ni00MzEyLTlkMjMt NjJmNjY2NDczYjIxLzEvZlFHbDJRM0RxRGJPdGpnZV9IVTA0U24wT2t3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8yMWIwMDctYTA4Ni00MzEyLTlkMjMtNjJmNjY2NDczYjIx LzEvZlFHbDJRM0RxRGJPdGpnZV9IVTA0U24wT2t3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOJaursA1 sOvl7nfPDQbI0x6xDab79+u5mmzDswT+y0ijouJeH2CPdjS08ablP/nreLpIREZd w9lTGdcJHng3e8MnLsSNttFbcnJKXXSOEhQICxXXBR6IGvAckkE+yIAWoFolxu/A kycuxXj9Nz1txF2/I6Ewxys6gETc0c/RkGcMkHNwbYuPfOSu14T/jZJFQlVNw2Rr ZklZEBrJ7NyXBZQRFV7wGR+iBRnqdsjtAQCNqmIKnzx+mqEv43riHpPi7iYhWRY9 BdZYvkj4dRrtbSz2X9y6ilcmOhevL6cdn/pVe/Je9lTdIOuYmuf4JhRg8MCKrX6M jlNc9GwcI1G0aw== -----END CERTIFICATE-----Generated at Sun Dec 21 02:33:36 2025 by rpki-client