This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft File: qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json) Hash identifier: kx8CqXn/MXHWTzq4z3KPGwZsq+rWFoY0kEIxZFfszyI= Subject key identifier: C6:17:4F:46:B0:E6:A8:F3:C8:18:73:F0:27:61:A1:B5:7A:60:43:2C Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD Certificate issuer: /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd Certificate serial: 019B4AA7E41DE06EC1488C08EC782D8C2799 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft Manifest number: 0A35 Signing time: Tue 23 Dec 2025 10:01:15 +0000 Manifest this update: Tue 23 Dec 2025 10:01:15 +0000 Manifest next update: Wed 24 Dec 2025 10:01:15 +0000 Files and hashes: 1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: 32t00FbNje/95OVCT8uTYvmRKHJbgwlN8+gwFLYYJUQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a7:e4:1d:e0:6e:c1:48:8c:08:ec:78:2d:8c:27:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd Validity Not Before: Dec 23 10:01:15 2025 GMT Not After : Dec 24 10:01:15 2025 GMT Subject: CN=c6174f46b0e6a8f3c81873f02761a1b57a60432c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:ea:cd:3b:2e:3c:4b:f8:d0:61:47:44:8e:9f: b2:90:d3:fb:1c:e2:91:6d:c4:60:14:47:e8:73:ca: 6f:81:51:0b:91:c8:7c:67:f4:87:19:a5:76:61:b1: e6:99:c2:b5:3e:e0:14:eb:7b:61:f0:1b:08:8d:e6: b3:71:26:e7:19:0c:77:5b:38:fb:49:ce:08:63:23: 59:5d:02:e4:f6:5d:c8:57:f5:14:4c:26:75:8f:91: 84:fe:82:82:21:dc:a5:bc:90:6d:f4:dc:63:17:48: 67:f0:62:92:89:4a:25:18:0b:20:dd:93:2d:53:07: d9:4e:37:80:28:67:5e:a1:83:00:cb:96:98:4d:54: 6c:a5:e8:53:e3:52:f9:ae:00:f5:4d:01:8d:6f:c9: 4c:ea:d3:a9:12:95:a3:6c:2e:ea:5a:61:a8:f2:40: fe:d3:6b:c9:8e:ec:7b:8f:7d:b6:e3:f2:47:b1:2b: 1a:14:4a:e0:f4:48:86:c2:aa:fd:ba:53:dc:43:ce: 16:6d:2f:fe:b4:b3:fb:95:21:9f:94:5d:f2:4a:76: fb:dc:75:a9:b5:96:ca:c2:6d:c4:e2:58:a5:b7:e3: 5a:d8:97:d4:e8:96:e6:7c:f8:93:56:fe:53:2c:8f: a2:dd:62:85:a8:c0:58:53:b9:e1:1a:ed:99:03:b2: 10:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:17:4F:46:B0:E6:A8:F3:C8:18:73:F0:27:61:A1:B5:7A:60:43:2C X509v3 Authority Key Identifier: keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:58:ec:e0:da:31:99:d2:2e:85:d1:49:fd:8f:b8:74:87:61: 4c:4a:8b:9d:92:78:66:e9:0d:0b:ca:db:4f:99:04:8d:db:20: 08:65:7b:5b:23:82:2e:7f:14:20:a9:17:09:93:ab:16:a6:2b: aa:5d:0c:8e:2d:af:7e:58:8e:49:01:da:8b:69:b2:58:f0:25: 95:8f:00:54:fd:20:ba:64:41:2b:9b:a2:ad:a2:c2:3b:9b:57: d2:9e:2b:3a:b0:da:a7:e7:08:d6:56:34:36:0b:c1:06:7c:fb: b3:fc:76:5d:cb:a8:ef:f6:78:3c:e1:01:87:f2:f8:da:a2:12: 7f:d7:8f:86:7d:66:b6:3d:c9:d8:ba:95:f4:6c:1b:42:7e:3a: 4d:1d:d3:07:88:84:4d:2d:14:7c:d7:ed:51:7b:05:5e:26:f6: 31:ce:07:e0:7a:05:30:a0:ce:df:e1:eb:96:78:5b:50:6f:42: df:8d:4e:49:57:b6:11:a4:e2:a9:fb:de:6d:6f:72:dc:e0:ee: 34:49:49:70:57:cd:5d:8e:db:cd:4e:8d:d3:e0:7e:08:19:d8: 84:50:d5:e4:20:05:a5:d8:34:97:f9:48:ad:b6:e8:f9:70:88: f0:1f:10:55:d3:cd:51:f5:fd:bd:79:ba:8c:2d:b7:cb:90:0e: 99:37:e3:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKp+Qd4G7BSIwI7HgtjCeZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl NjAzY2QwHhcNMjUxMjIzMTAwMTE1WhcNMjUxMjI0MTAwMTE1WjAzMTEwLwYDVQQD EyhjNjE3NGY0NmIwZTZhOGYzYzgxODczZjAyNzYxYTFiNTdhNjA0MzJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+rNOy48S/jQYUdEjp+ykNP7HOKR bcRgFEfoc8pvgVELkch8Z/SHGaV2YbHmmcK1PuAU63th8BsIjeazcSbnGQx3Wzj7 Sc4IYyNZXQLk9l3IV/UUTCZ1j5GE/oKCIdylvJBt9NxjF0hn8GKSiUolGAsg3ZMt UwfZTjeAKGdeoYMAy5aYTVRspehT41L5rgD1TQGNb8lM6tOpEpWjbC7qWmGo8kD+ 02vJjux7j3224/JHsSsaFErg9EiGwqr9ulPcQ84WbS/+tLP7lSGflF3ySnb73HWp tZbKwm3E4lilt+Na2JfU6JbmfPiTVv5TLI+i3WKFqMBYU7nhGu2ZA7IQpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMYXT0aw5qjzyBhz8CdhobV6YEMsMB8GA1UdIwQY MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1js4Nox mdIuhdFJ/Y+4dIdhTEqLnZJ4ZukNC8rbT5kEjdsgCGV7WyOCLn8UIKkXCZOrFqYr ql0Mji2vfliOSQHai2myWPAllY8AVP0gumRBK5uiraLCO5tX0p4rOrDap+cI1lY0 NgvBBnz7s/x2Xcuo7/Z4POEBh/L42qISf9ePhn1mtj3J2LqV9GwbQn46TR3TB4iE TS0UfNftUXsFXib2Mc4H4HoFMKDO3+HrlnhbUG9C341OSVe2EaTiqfvebW9y3ODu NElJcFfNXY7bzU6N0+B+CBnYhFDV5CAFpdg0l/lIrbbo+XCI8B8QVdPNUfX9vXm6 jC23y5AOmTfjrA== -----END CERTIFICATE-----Generated at Tue Dec 23 15:24:12 2025 by rpki-client