This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft File: QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft (raw, json) Hash identifier: Hfcw8wPOZVZqxwe9X0neYAjqp141m98y58244dcedI0= Subject key identifier: CC:19:C1:DB:67:33:F2:A2:57:43:64:94:BC:1E:12:0F:85:F2:DE:73 Authority key identifier: 40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48 Certificate issuer: /CN=4036a64f1a066babb8beb864e695fa997692dd48 Certificate serial: 019B3C7E2E0758DE0CE312041D22025D04CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft Manifest number: 11E2 Signing time: Sat 20 Dec 2025 16:01:00 +0000 Manifest this update: Sat 20 Dec 2025 16:01:00 +0000 Manifest next update: Sun 21 Dec 2025 16:01:00 +0000 Files and hashes: 1: QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl (hash: TTKK27phF27Oh8Cce6FvMmkmfKEISKyz+5hQ69c6oj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:2e:07:58:de:0c:e3:12:04:1d:22:02:5d:04:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4036a64f1a066babb8beb864e695fa997692dd48 Validity Not Before: Dec 20 16:01:00 2025 GMT Not After : Dec 21 16:01:00 2025 GMT Subject: CN=cc19c1db6733f2a257436494bc1e120f85f2de73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:8c:d0:77:ee:68:89:48:69:7c:2b:88:2b:ab: cf:03:d9:3f:e0:96:67:90:8a:42:41:fd:68:ac:78: 7a:00:4a:9e:35:c6:09:02:bc:b0:2b:9c:84:67:02: 56:05:ae:41:32:3d:60:9a:bc:01:9e:4e:37:51:25: 75:ad:4d:31:7d:24:5a:1e:f9:f9:ca:84:46:ea:4c: 4f:74:d9:36:36:e2:98:cb:57:c4:b5:17:1f:e0:5c: dd:b0:06:3e:bb:e5:e4:a1:0a:1d:fa:c1:a9:73:e7: 46:2f:10:22:86:0d:a6:0a:bf:fc:9c:38:c5:21:76: 8d:67:64:b3:b9:e6:63:cb:bd:41:29:f7:5e:17:31: 6e:09:cd:8f:0e:a6:49:d4:92:7e:36:79:d0:4c:f9: c9:65:0c:9e:4e:23:b0:7e:e7:4a:4e:b3:9e:6a:11: 39:14:67:a2:f5:48:6c:07:70:ff:92:99:b7:df:9c: 74:b9:7c:a7:01:4f:36:d4:81:c3:9a:75:13:c7:c9: 1a:6d:3d:03:a7:d0:a5:fe:75:e7:73:8a:fe:3a:c0: a1:f5:a7:c2:64:e8:8e:e4:04:f7:4d:08:6a:7c:61: bd:27:cb:87:42:39:da:d4:07:90:c7:88:8b:3d:26: 2c:5f:a4:43:8d:b8:69:91:8a:12:97:f1:9c:69:38: 07:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:19:C1:DB:67:33:F2:A2:57:43:64:94:BC:1E:12:0F:85:F2:DE:73 X509v3 Authority Key Identifier: keyid:40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:02:7d:91:92:2f:64:9d:3b:d4:ea:02:8f:09:a0:d1:11:4d: 0a:33:df:ae:fb:8f:25:6f:99:52:fd:67:91:20:2a:b6:07:c3: 50:4c:11:40:b3:d1:f1:f5:d4:81:83:cb:84:2b:d1:53:9c:dd: be:dc:4a:df:2b:9b:7c:a5:66:83:d0:f3:c8:68:f5:54:ff:60: 35:0b:c3:de:9d:59:da:ba:cb:76:df:d0:25:b3:67:f8:ac:b1: c2:55:02:ca:d2:77:64:c0:34:48:a9:01:a6:81:fc:81:64:22: ae:b6:68:cf:5a:f6:6b:5e:d3:2e:2f:75:fb:c4:4d:68:75:b6: 97:5c:e8:e6:16:e3:ee:a1:4a:63:5e:79:bc:95:ad:0c:14:1d: e1:74:a1:2e:f5:41:d5:0c:ad:b3:ec:77:76:b1:9b:3b:c2:3d: 81:c4:a0:00:e7:d7:7e:e2:11:4a:fd:cd:3a:a5:96:56:b7:8d: 3a:39:6d:fa:38:34:00:0b:af:ee:f4:9a:72:4f:11:55:73:da: 9c:ea:4a:bb:cc:65:eb:07:c0:95:4f:f1:7c:3c:f3:8d:48:1d: 68:14:19:4c:2f:94:8f:5d:6c:5d:6b:3f:aa:3d:22:6e:3d:6b: af:ef:e5:6a:3c:d0:f9:7a:59:1b:97:e7:f5:03:85:d6:d6:2e: c6:1d:d2:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fi4HWN4M4xIEHSICXQTPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMzZhNjRmMWEwNjZiYWJiOGJlYjg2NGU2OTVmYTk5NzY5 MmRkNDgwHhcNMjUxMjIwMTYwMTAwWhcNMjUxMjIxMTYwMTAwWjAzMTEwLwYDVQQD EyhjYzE5YzFkYjY3MzNmMmEyNTc0MzY0OTRiYzFlMTIwZjg1ZjJkZTczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YzQd+5oiUhpfCuIK6vPA9k/4JZn kIpCQf1orHh6AEqeNcYJArywK5yEZwJWBa5BMj1gmrwBnk43USV1rU0xfSRaHvn5 yoRG6kxPdNk2NuKYy1fEtRcf4FzdsAY+u+XkoQod+sGpc+dGLxAihg2mCr/8nDjF IXaNZ2SzueZjy71BKfdeFzFuCc2PDqZJ1JJ+NnnQTPnJZQyeTiOwfudKTrOeahE5 FGei9UhsB3D/kpm335x0uXynAU821IHDmnUTx8kabT0Dp9Cl/nXnc4r+OsCh9afC ZOiO5AT3TQhqfGG9J8uHQjna1AeQx4iLPSYsX6RDjbhpkYoSl/GcaTgH4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMwZwdtnM/KiV0NklLweEg+F8t5zMB8GA1UdIwQY MBaAFEA2pk8aBmuruL64ZOaV+pl2kt1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYt MjA0NzIxYmQ1ZjkzLzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYtMjA0NzIxYmQ1Zjkz LzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQJ9kZIv ZJ071OoCjwmg0RFNCjPfrvuPJW+ZUv1nkSAqtgfDUEwRQLPR8fXUgYPLhCvRU5zd vtxK3yubfKVmg9DzyGj1VP9gNQvD3p1Z2rrLdt/QJbNn+KyxwlUCytJ3ZMA0SKkB poH8gWQirrZoz1r2a17TLi91+8RNaHW2l1zo5hbj7qFKY155vJWtDBQd4XShLvVB 1Qyts+x3drGbO8I9gcSgAOfXfuIRSv3NOqWWVreNOjlt+jg0AAuv7vSack8RVXPa nOpKu8xl6wfAlU/xfDzzjUgdaBQZTC+Uj11sXWs/qj0ibj1rr+/lajzQ+XpZG5fn 9QOF1tYuxh3S9Q== -----END CERTIFICATE-----Generated at Sat Dec 20 20:27:57 2025 by rpki-client