This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft File: QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json) Hash identifier: fE1bJldOpd411+hwr65b0cMcHXh6r726TnvdvpjCX7U= Subject key identifier: 81:FA:74:0A:8B:89:4A:48:A3:85:D2:E7:E6:FE:66:16:3B:3A:88:EA Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47 Certificate issuer: /CN=40471b34c21a5008f6f096e48fe8e35519d6b847 Certificate serial: 019AF31D1942B2D43848231DE8D6215D3BED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft Manifest number: 0F03 Signing time: Sat 06 Dec 2025 10:02:41 +0000 Manifest this update: Sat 06 Dec 2025 10:02:41 +0000 Manifest next update: Sun 07 Dec 2025 10:02:41 +0000 Files and hashes: 1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: KviYVMPpUULWRLMSrDpvCkMs9IFzrqpLhKK6HP6DN3k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:19:42:b2:d4:38:48:23:1d:e8:d6:21:5d:3b:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847 Validity Not Before: Dec 6 10:02:41 2025 GMT Not After : Dec 7 10:02:41 2025 GMT Subject: CN=81fa740a8b894a48a385d2e7e6fe66163b3a88ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a2:e8:f9:02:90:67:2e:f4:a6:1d:65:70:93: 98:e2:18:eb:6d:e8:df:30:2e:35:b5:57:67:8a:03: 1c:74:cc:d5:87:37:84:50:85:62:66:6f:10:5c:7c: 03:0e:aa:60:c1:3f:68:28:c4:56:2a:d3:cf:0d:61: 63:92:68:bd:44:29:dd:6f:c4:b4:24:65:6e:23:d2: 94:f7:ee:9f:3f:41:02:06:7c:f8:27:6d:c8:07:85: 08:82:07:39:8e:6a:d3:13:ad:3f:9f:72:6c:d3:00: 5e:06:9d:a1:63:e5:38:a5:00:96:87:f6:71:63:f5: da:8f:15:64:1c:d1:94:be:5a:2e:b9:1e:4b:84:05: 85:19:55:4a:de:ea:10:d2:96:ac:33:96:34:a3:55: 03:50:08:6c:74:0e:d9:48:79:6e:bc:f5:cf:0a:a5: 74:2d:1f:37:10:37:44:57:fc:b3:00:2c:f0:a3:0d: 41:3a:95:90:aa:18:26:42:43:ed:72:4a:24:86:77: 0b:06:21:11:74:bd:3a:da:cf:42:92:d9:c0:31:f5: 19:96:f0:4c:81:ac:a1:2b:c5:d6:16:48:5f:a7:dc: 4c:60:e5:75:3f:20:62:72:96:e8:8a:43:f3:e4:44: e6:14:e2:7c:ba:c5:3d:58:9b:8a:17:06:49:a2:57: 14:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:FA:74:0A:8B:89:4A:48:A3:85:D2:E7:E6:FE:66:16:3B:3A:88:EA X509v3 Authority Key Identifier: keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:e5:45:62:79:99:79:03:08:69:ca:7a:f9:90:b3:b9:01:84: bd:4b:83:5b:45:66:b3:b7:66:f5:73:c1:87:c6:76:d2:a2:93: 28:77:dd:9d:76:2a:db:9a:27:fe:d0:25:70:f4:12:b5:55:ef: dc:46:af:58:10:d2:ff:9d:60:38:9c:1d:64:54:7d:3f:e7:6a: 59:50:c6:a3:13:d6:48:aa:0d:63:2d:90:3f:5c:bc:49:b4:7b: 21:e5:45:fe:aa:10:23:1d:0c:6a:82:5f:a0:b8:ae:6c:3b:b1: a3:84:89:42:dc:64:88:89:71:00:c6:0c:a5:74:12:11:ff:98: 00:f8:da:ea:f3:72:9d:05:6b:e6:c0:10:9a:0e:b7:2a:92:f4: f3:31:19:32:1c:b7:99:6f:8b:7f:81:3b:42:4f:90:d5:a4:fe: 35:5d:e2:26:46:2c:b3:55:1e:e2:c1:26:e1:7d:d5:fd:51:db: 31:44:1b:94:15:9f:72:4d:ab:1a:75:46:59:2c:ea:1d:8d:f2: 2a:0c:3f:37:37:70:4c:38:69:57:25:59:1d:68:2b:1d:bb:3f: 08:95:66:61:26:15:ec:9b:86:e1:9e:96:a3:4a:9a:71:e9:32: e0:b0:21:21:3d:ae:ea:2f:e0:5a:02:16:3f:c8:3c:83:63:ba: ba:dc:c0:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHRlCstQ4SCMd6NYhXTvtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk NmI4NDcwHhcNMjUxMjA2MTAwMjQxWhcNMjUxMjA3MTAwMjQxWjAzMTEwLwYDVQQD Eyg4MWZhNzQwYThiODk0YTQ4YTM4NWQyZTdlNmZlNjYxNjNiM2E4OGVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6Lo+QKQZy70ph1lcJOY4hjrbejf MC41tVdnigMcdMzVhzeEUIViZm8QXHwDDqpgwT9oKMRWKtPPDWFjkmi9RCndb8S0 JGVuI9KU9+6fP0ECBnz4J23IB4UIggc5jmrTE60/n3Js0wBeBp2hY+U4pQCWh/Zx Y/XajxVkHNGUvlouuR5LhAWFGVVK3uoQ0pasM5Y0o1UDUAhsdA7ZSHluvPXPCqV0 LR83EDdEV/yzACzwow1BOpWQqhgmQkPtckokhncLBiERdL062s9CktnAMfUZlvBM gayhK8XWFkhfp9xMYOV1PyBicpboikPz5ETmFOJ8usU9WJuKFwZJolcUHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIH6dAqLiUpIo4XS5+b+ZhY7OojqMB8GA1UdIwQY MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+VFYnmZ eQMIacp6+ZCzuQGEvUuDW0Vms7dm9XPBh8Z20qKTKHfdnXYq25on/tAlcPQStVXv 3EavWBDS/51gOJwdZFR9P+dqWVDGoxPWSKoNYy2QP1y8SbR7IeVF/qoQIx0MaoJf oLiubDuxo4SJQtxkiIlxAMYMpXQSEf+YAPja6vNynQVr5sAQmg63KpL08zEZMhy3 mW+Lf4E7Qk+Q1aT+NV3iJkYss1Ue4sEm4X3V/VHbMUQblBWfck2rGnVGWSzqHY3y Kgw/NzdwTDhpVyVZHWgrHbs/CJVmYSYV7JuG4Z6Wo0qaceky4LAhIT2u6i/gWgIW P8g8g2O6utzARw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:47:58 2025 by rpki-client