This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.mft File: QIyWuStsaY_TT6x9WB1MCQjczpk.mft (raw, json) Hash identifier: TtbAWqR5zWZU8PZsT4aeQ6lXTrr4JE5/ATJLAOOrqX8= Subject key identifier: F1:57:04:6C:B2:27:F1:94:7C:24:73:8A:43:B7:EE:85:59:B3:60:45 Authority key identifier: 40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99 Certificate issuer: /CN=408c96b92b6c698fd34fac7d581d4c0908dcce99 Certificate serial: 019AF38973C2882A341B55F959DB45C70291 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.mft Manifest number: 1332 Signing time: Sat 06 Dec 2025 12:01:02 +0000 Manifest this update: Sat 06 Dec 2025 12:01:02 +0000 Manifest next update: Sun 07 Dec 2025 12:01:02 +0000 Files and hashes: 1: QIyWuStsaY_TT6x9WB1MCQjczpk.crl (hash: kZ+ToEb6FnwAdDSeKz6Hqll/vXvrbzu14tO9h+BCiLo=) 2: o7v3w6s-TtM4FqHNx2KIzrdDfyg.roa (hash: E/bv9FlRfrfb8DUNG3s4m8ELhpH6SWFAZyVqbfxptQo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.mft rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:73:c2:88:2a:34:1b:55:f9:59:db:45:c7:02:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408c96b92b6c698fd34fac7d581d4c0908dcce99 Validity Not Before: Dec 6 12:01:02 2025 GMT Not After : Dec 7 12:01:02 2025 GMT Subject: CN=f157046cb227f1947c24738a43b7ee8559b36045 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:2c:77:86:83:72:75:a2:35:ca:58:fb:3a:f6: bc:ea:d9:98:55:9a:33:e3:14:ea:8b:1d:df:5b:80: e5:54:32:76:1f:d0:fe:c4:83:79:c2:3e:25:1f:e8: 82:1f:fa:8a:8a:68:5c:43:22:64:d1:af:7b:e6:14: 60:c5:ce:e1:38:ca:c4:b3:a5:d3:42:f8:e5:75:5b: 25:e8:e2:82:f4:e2:20:56:b6:eb:b2:2e:b5:75:28: e8:14:51:15:2c:59:6f:39:46:c1:8d:2d:ff:3e:4c: b9:a5:c4:e4:ba:be:f1:98:ce:7a:f7:95:29:57:9e: d0:41:9f:9a:c3:cd:2f:16:5b:bb:9e:f2:42:46:90: 26:14:8f:ec:6e:02:af:c4:2d:fa:d3:3d:61:5d:9b: 86:29:8a:5a:a3:9e:b7:6f:cc:96:10:b5:b1:07:da: e6:40:64:aa:ab:f9:a4:1f:ea:14:5c:ed:9e:79:20: 09:21:1f:ad:b7:d2:a5:ce:21:23:2d:23:1d:d2:d5: ba:4c:c8:10:2c:5d:50:90:51:38:87:0d:f5:fe:00: 66:1b:0f:e0:1c:e4:8e:87:23:71:3f:19:8f:57:77: 81:d3:0f:15:04:ab:7e:e3:f6:7d:35:38:c8:05:a9: af:3f:86:c4:ba:62:65:7a:e9:3a:a7:48:c9:74:65: ec:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:57:04:6C:B2:27:F1:94:7C:24:73:8A:43:B7:EE:85:59:B3:60:45 X509v3 Authority Key Identifier: keyid:40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:9a:2f:20:67:83:96:32:2d:cb:d4:d6:cf:60:d0:52:7e:fd: 40:0d:56:f6:fe:fb:ac:f2:97:48:cc:65:48:b0:97:b2:7a:e8: 40:af:c0:a3:b6:f2:f0:5a:84:f0:1a:ca:da:43:bc:9c:7c:50: a7:ee:10:ee:a9:dc:25:f0:03:5d:81:d7:31:e2:31:a8:20:17: fc:7c:26:7e:c4:ea:d3:8b:62:e4:3a:be:85:ed:d9:0f:e5:49: 8a:12:c2:f0:d5:26:5f:88:f3:47:e9:75:19:20:11:75:5f:a2: 84:bc:65:25:53:c5:1a:29:8d:2d:87:13:f3:b2:a1:12:4f:fe: 78:cd:c7:bd:e0:44:1e:8d:1b:be:ae:ae:4f:9d:37:9a:e6:e9: 72:b0:c7:df:ae:bb:ea:6f:91:21:f6:56:96:74:42:0f:54:b3: f2:f6:ca:c6:56:08:af:6f:47:b8:91:fc:82:8c:fd:86:f0:07: f0:6c:5e:4f:6c:83:45:31:3a:33:19:ae:dd:b3:6d:ca:09:1f: 19:08:29:e3:28:cd:9e:c5:f7:36:1e:cc:fa:b5:38:29:28:dc: c3:7c:72:58:f9:fa:07:02:26:70:a1:e6:fb:63:fd:1f:94:0c: a7:05:09:cb:fe:23:f8:1c:10:08:d5:93:30:b5:38:1a:0d:ed: b6:b5:d4:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziXPCiCo0G1X5WdtFxwKRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwOGM5NmI5MmI2YzY5OGZkMzRmYWM3ZDU4MWQ0YzA5MDhk Y2NlOTkwHhcNMjUxMjA2MTIwMTAyWhcNMjUxMjA3MTIwMTAyWjAzMTEwLwYDVQQD EyhmMTU3MDQ2Y2IyMjdmMTk0N2MyNDczOGE0M2I3ZWU4NTU5YjM2MDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCx3hoNydaI1ylj7Ova86tmYVZoz 4xTqix3fW4DlVDJ2H9D+xIN5wj4lH+iCH/qKimhcQyJk0a975hRgxc7hOMrEs6XT QvjldVsl6OKC9OIgVrbrsi61dSjoFFEVLFlvOUbBjS3/Pky5pcTkur7xmM5695Up V57QQZ+aw80vFlu7nvJCRpAmFI/sbgKvxC360z1hXZuGKYpao563b8yWELWxB9rm QGSqq/mkH+oUXO2eeSAJIR+tt9KlziEjLSMd0tW6TMgQLF1QkFE4hw31/gBmGw/g HOSOhyNxPxmPV3eB0w8VBKt+4/Z9NTjIBamvP4bEumJleuk6p0jJdGXs2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPFXBGyyJ/GUfCRzikO37oVZs2BFMB8GA1UdIwQY MBaAFECMlrkrbGmP00+sfVgdTAkI3M6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzct NTZiYmYwYmVhZjQ3LzEvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzctNTZiYmYwYmVhZjQ3 LzEvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKpovIGeD ljIty9TWz2DQUn79QA1W9v77rPKXSMxlSLCXsnroQK/Ao7by8FqE8BrK2kO8nHxQ p+4Q7qncJfADXYHXMeIxqCAX/HwmfsTq04ti5Dq+he3ZD+VJihLC8NUmX4jzR+l1 GSARdV+ihLxlJVPFGimNLYcT87KhEk/+eM3HveBEHo0bvq6uT503mubpcrDH3667 6m+RIfZWlnRCD1Sz8vbKxlYIr29HuJH8goz9hvAH8GxeT2yDRTE6Mxmu3bNtygkf GQgp4yjNnsX3Nh7M+rU4KSjcw3xyWPn6BwImcKHm+2P9H5QMpwUJy/4j+BwQCNWT MLU4Gg3ttrXUSA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:46:32 2025 by rpki-client