This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft File: qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json) Hash identifier: kq3DwjPEmISrDxjpi/E68F11qtMw9W2nwahdZx4X8/E= Subject key identifier: C9:39:11:E9:89:67:14:81:93:EC:62:55:AC:E9:68:4E:A4:A2:36:ED Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD Certificate issuer: /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd Certificate serial: 019B563E1CF94C5FB3AD490B45F1A379C576 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft Manifest number: 0A3B Signing time: Thu 25 Dec 2025 16:01:09 +0000 Manifest this update: Thu 25 Dec 2025 16:01:09 +0000 Manifest next update: Fri 26 Dec 2025 16:01:09 +0000 Files and hashes: 1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: BMbepuHHNhIbQZSMb7anxn/YCjEPO8WVmgTEmwzSAqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 16:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:56:3e:1c:f9:4c:5f:b3:ad:49:0b:45:f1:a3:79:c5:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd Validity Not Before: Dec 25 16:01:09 2025 GMT Not After : Dec 26 16:01:09 2025 GMT Subject: CN=c93911e98967148193ec6255ace9684ea4a236ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:7f:7f:cb:20:1e:55:c8:07:67:03:2d:a7:f5: 62:f7:7d:95:6e:76:a5:ce:14:83:31:a2:2a:ef:94: e9:67:22:39:69:3d:4d:98:7e:d3:15:39:ae:01:47: dc:34:6d:7d:5c:e3:a1:a3:78:76:f0:f0:fc:9c:ff: d7:b3:92:75:d2:7f:92:6a:cc:e4:5a:11:ff:a4:06: 4d:1c:f0:b0:57:a7:76:ae:de:e2:ae:89:be:f8:df: 48:97:07:e9:8f:4d:cf:57:ca:c0:34:ea:c8:ae:d0: 69:e6:17:08:07:3e:2b:b1:f1:b0:a8:44:f2:47:81: f5:a3:23:03:36:99:0b:19:a9:14:b2:20:fc:52:e6: 39:ae:17:b3:19:8c:4f:ac:ee:b3:76:f3:05:1b:0a: f4:1b:23:9b:c9:ce:73:09:ec:2c:06:e2:50:99:c4: 3d:59:bf:3b:aa:01:49:18:86:f9:8d:9f:a5:b7:ab: 07:a1:a7:99:a5:0c:3e:d9:8d:57:06:96:4c:bd:bd: 33:40:91:70:71:40:bf:b9:bc:b1:3a:c4:eb:c9:63: 8e:7b:db:4e:2d:3f:53:87:c5:83:f7:fa:60:d6:1e: 30:f7:2f:b5:23:48:56:43:9c:bc:0c:70:0d:83:0e: 4b:ac:62:78:40:6c:65:5a:ff:59:7a:3e:0d:3a:24: 61:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:39:11:E9:89:67:14:81:93:EC:62:55:AC:E9:68:4E:A4:A2:36:ED X509v3 Authority Key Identifier: keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:cd:6a:4f:81:f6:a1:28:bf:c8:a1:5a:1e:0b:2e:1f:e3:c0: 73:8c:2c:e4:d6:47:89:82:a0:25:f1:2e:89:23:2b:ea:81:ce: ff:58:e0:35:51:88:44:7f:81:7f:36:d7:0f:2b:26:c0:4f:df: 8b:3b:95:52:73:30:2a:6a:73:36:77:bb:9b:52:92:69:ea:00: e0:a3:30:3f:a2:8b:9f:ad:f9:8a:2b:e1:52:93:65:82:2e:14: a2:80:a1:8b:bd:bc:97:c2:7f:7f:5d:0f:16:94:3e:74:d8:9c: de:25:b7:bd:38:97:a0:06:60:e4:c1:75:e4:3f:dc:e8:2a:52: d1:f0:6f:87:37:ba:d7:3a:ea:08:68:5f:d3:9b:00:72:f5:f3: bd:05:87:69:33:85:cb:1b:61:97:e7:f3:2f:ed:b0:d4:d4:10: 0a:e6:aa:92:f5:68:d4:83:a7:f4:9f:6c:3a:5c:0e:73:90:0a: c6:58:77:ff:06:43:69:a8:c2:49:52:30:d9:55:e8:f0:fc:00: 6e:cf:0e:d5:96:75:9c:87:b2:b3:ac:81:78:f2:c7:4e:73:38: 41:59:22:09:d3:6f:d6:c4:ec:7f:06:12:88:78:43:41:d1:44: 90:d8:c8:17:df:20:f0:d0:2d:46:3a:cd:8e:9d:e9:26:1c:3a: 07:f2:d5:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtWPhz5TF+zrUkLRfGjecV2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl NjAzY2QwHhcNMjUxMjI1MTYwMTA5WhcNMjUxMjI2MTYwMTA5WjAzMTEwLwYDVQQD EyhjOTM5MTFlOTg5NjcxNDgxOTNlYzYyNTVhY2U5Njg0ZWE0YTIzNmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH9/yyAeVcgHZwMtp/Vi932Vbnal zhSDMaIq75TpZyI5aT1NmH7TFTmuAUfcNG19XOOho3h28PD8nP/Xs5J10n+Saszk WhH/pAZNHPCwV6d2rt7irom++N9Ilwfpj03PV8rANOrIrtBp5hcIBz4rsfGwqETy R4H1oyMDNpkLGakUsiD8UuY5rhezGYxPrO6zdvMFGwr0GyObyc5zCewsBuJQmcQ9 Wb87qgFJGIb5jZ+lt6sHoaeZpQw+2Y1XBpZMvb0zQJFwcUC/ubyxOsTryWOOe9tO LT9Th8WD9/pg1h4w9y+1I0hWQ5y8DHANgw5LrGJ4QGxlWv9Zej4NOiRhnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMk5EemJZxSBk+xiVazpaE6kojbtMB8GA1UdIwQY MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWs1qT4H2 oSi/yKFaHgsuH+PAc4ws5NZHiYKgJfEuiSMr6oHO/1jgNVGIRH+BfzbXDysmwE/f izuVUnMwKmpzNne7m1KSaeoA4KMwP6KLn635iivhUpNlgi4UooChi728l8J/f10P FpQ+dNic3iW3vTiXoAZg5MF15D/c6CpS0fBvhze61zrqCGhf05sAcvXzvQWHaTOF yxthl+fzL+2w1NQQCuaqkvVo1IOn9J9sOlwOc5AKxlh3/wZDaajCSVIw2VXo8PwA bs8O1ZZ1nIeys6yBePLHTnM4QVkiCdNv1sTsfwYSiHhDQdFEkNjIF98g8NAtRjrN jp3pJhw6B/LV+w== -----END CERTIFICATE-----Generated at Fri Dec 26 01:27:36 2025 by rpki-client