This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft File: QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json) Hash identifier: ok7R8fFSFVa4UZqQW+oaGUzneS7cZse1xhjqtLKKW1Q= Subject key identifier: B5:ED:80:E5:58:39:4C:7B:34:31:A1:97:52:23:C6:91:E7:3B:BF:EA Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99 Certificate issuer: /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99 Certificate serial: 019AF27676788A5C101956768394228B3727 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft Manifest number: 1606 Signing time: Sat 06 Dec 2025 07:00:41 +0000 Manifest this update: Sat 06 Dec 2025 07:00:41 +0000 Manifest next update: Sun 07 Dec 2025 07:00:41 +0000 Files and hashes: 1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: RtSz8rwUgV5fUS41rmqgqrYFXWZ4zmvWefkpk0lFFHQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:76:78:8a:5c:10:19:56:76:83:94:22:8b:37:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99 Validity Not Before: Dec 6 07:00:41 2025 GMT Not After : Dec 7 07:00:41 2025 GMT Subject: CN=b5ed80e558394c7b3431a1975223c691e73bbfea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:db:52:36:34:c2:cb:d3:5f:f4:b6:47:8e:7c: 10:d8:45:3f:69:22:e6:ba:4e:47:37:c6:c9:73:4f: 37:59:cd:4f:2e:0e:01:fe:c7:e4:9c:08:5f:f5:fe: 15:68:36:ae:02:2e:fb:f9:64:7f:d8:3f:2f:5f:ca: 73:c5:f4:89:9d:3c:fa:46:60:f3:03:18:5d:c3:59: d4:4d:d1:7a:9d:a4:89:67:51:d8:a0:a3:4d:b6:12: 54:91:f7:8e:7a:b0:a3:23:55:fc:bf:c0:40:33:9f: 17:16:33:3b:d4:90:39:0c:fc:1b:bf:a2:d3:1e:48: fc:0d:d8:e1:f3:99:46:f1:c1:88:af:91:fe:51:26: 57:c1:17:f9:a7:26:07:92:42:a3:a1:b3:4d:5a:d8: 3f:b0:c1:0a:6a:af:7d:2a:f3:a3:b4:f1:5c:b7:ee: 07:d2:0d:af:13:ee:99:f2:c6:01:f4:3c:97:98:d3: c6:80:b3:55:5b:34:65:fa:9d:59:37:9d:fd:b6:22: 09:93:e9:b4:4a:96:5f:bc:d3:f0:7a:e0:6a:53:bd: 8f:d4:40:7c:59:09:7f:05:51:15:b7:ae:77:80:2b: 07:a9:7e:e3:5c:6f:d0:27:ae:e9:7f:ec:3b:72:95: 30:24:ad:a4:4d:7c:0f:6f:34:86:1c:24:1f:31:17: c8:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:ED:80:E5:58:39:4C:7B:34:31:A1:97:52:23:C6:91:E7:3B:BF:EA X509v3 Authority Key Identifier: keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:1f:10:6f:7d:28:5a:a2:33:e7:a1:33:bf:fb:b8:25:e6:09: 6a:11:8b:96:c2:c4:f5:f1:8b:d8:fc:a8:15:96:a7:8f:2c:9e: 53:31:cb:2e:56:4c:61:3a:3e:9a:31:e1:15:88:d7:0c:86:43: 88:bf:2f:77:d2:41:84:6f:ca:67:eb:12:d8:2b:08:fe:0b:99: df:4d:44:45:83:f9:6b:a7:d2:34:93:f1:10:0a:1d:e1:2d:c7: 17:2e:fc:a6:6b:8a:4c:20:2d:f7:4c:73:bc:c4:73:cb:40:8c: 51:e2:b5:77:d2:e5:bd:77:bc:ea:74:5b:c7:36:17:6e:91:57: 72:12:ea:68:0a:c2:d2:ae:91:07:86:2b:6d:05:c2:dc:03:8e: 2b:3d:48:a5:39:3a:b4:b9:a0:b6:a6:f6:e3:95:b4:09:8c:6c: 85:10:b5:02:9c:52:76:95:10:bb:dc:b2:0d:18:ba:8a:3e:5b: 28:a5:d5:4c:94:44:d1:a9:a3:b0:e4:07:78:3e:37:3f:95:a4: 19:83:5d:16:12:15:11:25:95:ee:1c:a5:5a:25:97:0e:49:d2: a4:d2:1b:61:c0:a6:f9:88:f0:7c:1c:a8:96:e5:fe:c3:21:ad: 89:f3:7d:8e:a2:40:c6:42:19:75:cc:bb:78:f2:b1:1d:65:e2: 4d:2d:71:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydnZ4ilwQGVZ2g5QiizcnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk NGRlOTkwHhcNMjUxMjA2MDcwMDQxWhcNMjUxMjA3MDcwMDQxWjAzMTEwLwYDVQQD EyhiNWVkODBlNTU4Mzk0YzdiMzQzMWExOTc1MjIzYzY5MWU3M2JiZmVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNtSNjTCy9Nf9LZHjnwQ2EU/aSLm uk5HN8bJc083Wc1PLg4B/sfknAhf9f4VaDauAi77+WR/2D8vX8pzxfSJnTz6RmDz Axhdw1nUTdF6naSJZ1HYoKNNthJUkfeOerCjI1X8v8BAM58XFjM71JA5DPwbv6LT Hkj8Ddjh85lG8cGIr5H+USZXwRf5pyYHkkKjobNNWtg/sMEKaq99KvOjtPFct+4H 0g2vE+6Z8sYB9DyXmNPGgLNVWzRl+p1ZN539tiIJk+m0SpZfvNPweuBqU72P1EB8 WQl/BVEVt653gCsHqX7jXG/QJ67pf+w7cpUwJK2kTXwPbzSGHCQfMRfIOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLXtgOVYOUx7NDGhl1IjxpHnO7/qMB8GA1UdIwQY MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfh8Qb30o WqIz56Ezv/u4JeYJahGLlsLE9fGL2PyoFZanjyyeUzHLLlZMYTo+mjHhFYjXDIZD iL8vd9JBhG/KZ+sS2CsI/guZ301ERYP5a6fSNJPxEAod4S3HFy78pmuKTCAt90xz vMRzy0CMUeK1d9LlvXe86nRbxzYXbpFXchLqaArC0q6RB4YrbQXC3AOOKz1IpTk6 tLmgtqb245W0CYxshRC1ApxSdpUQu9yyDRi6ij5bKKXVTJRE0amjsOQHeD43P5Wk GYNdFhIVESWV7hylWiWXDknSpNIbYcCm+YjwfByoluX+wyGtifN9jqJAxkIZdcy7 ePKxHWXiTS1x8g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:01 2025 by rpki-client