This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft File: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft (raw, json) Hash identifier: tJdNImawfzPI7hrYSqb2wXRx+Sd769mGQYWXIVgylj4= Subject key identifier: D0:A7:22:8C:13:73:8F:39:31:F4:67:D5:A2:F3:91:2A:49:8A:A3:BF Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a Certificate serial: 019AF12D6C49C1B87D3C8B283755E3A97E21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft Manifest number: 0E82 Signing time: Sat 06 Dec 2025 01:01:17 +0000 Manifest this update: Sat 06 Dec 2025 01:01:17 +0000 Manifest next update: Sun 07 Dec 2025 01:01:17 +0000 Files and hashes: 1: Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa (hash: +bhZNarT7FFMkSZsUhSIu2eb8t+79YYtheiLS/N1UY0=) 2: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl (hash: gg133XpzvaMcHX20wkpeXbZ7DrjbUeLVSF9Ig5DAzmk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:6c:49:c1:b8:7d:3c:8b:28:37:55:e3:a9:7e:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a Validity Not Before: Dec 6 01:01:17 2025 GMT Not After : Dec 7 01:01:17 2025 GMT Subject: CN=d0a7228c13738f3931f467d5a2f3912a498aa3bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:3c:df:a7:90:10:b8:1f:71:ea:41:d0:c9:58: f8:a0:87:9c:e1:5d:b4:66:6c:e3:92:53:62:f8:cd: 35:06:d7:9b:b7:b0:11:aa:c8:04:65:6b:f8:a9:12: b3:fd:93:cf:4b:cd:b9:e3:86:d8:18:c9:be:31:db: 52:ab:71:bf:b8:64:89:56:05:9d:ad:3d:21:3e:a6: 1f:90:76:ef:16:56:38:c5:5f:53:ab:cf:61:65:4b: 09:56:e8:47:b6:84:e1:37:7b:9a:8f:96:bf:47:91: 31:f9:e7:06:8a:84:9c:46:af:cd:d8:2d:00:33:67: 43:e1:1c:6f:33:a9:4c:c7:97:b8:5e:4c:e6:35:cf: ec:87:f0:dd:12:d1:b8:0e:02:97:4d:8d:7e:a2:7f: 1d:b5:83:a5:6d:2e:69:bb:97:26:94:29:88:28:21: ab:37:4c:a8:45:7c:f9:ac:7f:4f:18:37:6b:cd:3f: 8d:ae:4b:a8:ce:d8:4e:ce:a0:63:64:f0:f8:8f:25: 92:c3:20:f9:8f:0c:a7:a2:5c:a5:f6:c6:65:39:57: 72:45:b5:49:8b:c6:ce:dd:fb:1b:dd:36:29:db:ec: 60:f1:46:eb:a2:b3:9e:d0:b6:e8:da:a1:a0:66:48: f0:aa:f4:89:ec:2b:01:49:c9:32:ca:0e:ee:c0:3c: d3:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:A7:22:8C:13:73:8F:39:31:F4:67:D5:A2:F3:91:2A:49:8A:A3:BF X509v3 Authority Key Identifier: keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:15:30:c4:f6:21:55:3e:e6:6f:bf:61:10:76:9f:71:3b:a8: 42:5e:98:5e:05:df:96:a9:90:6a:55:a2:d6:6f:cb:30:86:28: 16:f5:eb:83:c1:c3:49:54:60:0b:6b:73:5a:d8:f9:8d:33:28: f3:cd:59:71:62:20:13:7a:7a:12:e6:07:c1:69:22:dd:10:41: 05:36:48:6d:2f:2b:dc:09:6a:a2:e9:14:cf:fc:f8:e7:cc:0c: a8:ef:5f:c0:67:81:9c:1c:01:21:9c:88:ed:66:bb:05:52:0a: b9:49:11:f3:c0:d6:e9:1a:77:a5:9f:14:64:c9:1a:0a:09:9d: 98:64:43:d1:c0:54:ab:0c:22:bc:b6:cb:dd:84:14:16:dc:ed: b0:ff:e6:98:5c:90:54:20:33:7b:76:de:cd:44:15:1d:6a:e4: 34:b2:bd:9a:f3:c2:e9:d1:b8:d5:1a:0b:83:4b:7f:a6:e8:e4: 31:85:0e:3f:5e:2a:ec:e8:f0:ff:74:cf:7a:d6:00:67:67:a9: b7:5d:c5:17:29:a4:c4:56:65:c8:bd:e1:3f:3b:dc:be:f4:49: 19:76:a4:8f:3b:d3:ff:f3:f6:28:75:2b:9c:b1:73:24:cb:7e: 93:a2:c3:0f:17:d5:2b:02:a7:23:d8:a8:e4:e3:77:99:9d:f8: fd:03:ea:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLWxJwbh9PIsoN1XjqX4hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx ZGVjNGEwHhcNMjUxMjA2MDEwMTE3WhcNMjUxMjA3MDEwMTE3WjAzMTEwLwYDVQQD EyhkMGE3MjI4YzEzNzM4ZjM5MzFmNDY3ZDVhMmYzOTEyYTQ5OGFhM2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzzfp5AQuB9x6kHQyVj4oIec4V20 ZmzjklNi+M01Btebt7ARqsgEZWv4qRKz/ZPPS82544bYGMm+MdtSq3G/uGSJVgWd rT0hPqYfkHbvFlY4xV9Tq89hZUsJVuhHtoThN3uaj5a/R5Ex+ecGioScRq/N2C0A M2dD4RxvM6lMx5e4XkzmNc/sh/DdEtG4DgKXTY1+on8dtYOlbS5pu5cmlCmIKCGr N0yoRXz5rH9PGDdrzT+NrkuozthOzqBjZPD4jyWSwyD5jwynolyl9sZlOVdyRbVJ i8bO3fsb3TYp2+xg8UbrorOe0Lbo2qGgZkjwqvSJ7CsBSckyyg7uwDzTAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNCnIowTc485MfRn1aLzkSpJiqO/MB8GA1UdIwQY MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt ZmQxMWJiMWNjODJkLzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhRUwxPYh VT7mb79hEHafcTuoQl6YXgXflqmQalWi1m/LMIYoFvXrg8HDSVRgC2tzWtj5jTMo 881ZcWIgE3p6EuYHwWki3RBBBTZIbS8r3AlqoukUz/z458wMqO9fwGeBnBwBIZyI 7Wa7BVIKuUkR88DW6Rp3pZ8UZMkaCgmdmGRD0cBUqwwivLbL3YQUFtztsP/mmFyQ VCAze3bezUQVHWrkNLK9mvPC6dG41RoLg0t/pujkMYUOP14q7Ojw/3TPetYAZ2ep t13FFymkxFZlyL3hPzvcvvRJGXakjzvT//P2KHUrnLFzJMt+k6LDDxfVKwKnI9io 5ON3mZ34/QPqvg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:25:39 2025 by rpki-client