This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft File: QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft (raw, json) Hash identifier: T664nmYTpkqqPjUM0dYlLzR7xKAQJ6i6gQcXOAJ62rg= Subject key identifier: 33:75:DD:C9:12:08:32:6B:DA:93:65:76:C9:CE:25:B2:8F:FE:22:70 Authority key identifier: 40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48 Certificate issuer: /CN=4036a64f1a066babb8beb864e695fa997692dd48 Certificate serial: 019AF50B34290284E174A8A32BFEA7F7C319 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft Manifest number: 11BD Signing time: Sat 06 Dec 2025 19:02:23 +0000 Manifest this update: Sat 06 Dec 2025 19:02:23 +0000 Manifest next update: Sun 07 Dec 2025 19:02:23 +0000 Files and hashes: 1: QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl (hash: JZbRtaP9IiwR/EgDqcDLEuEsof2EG1foi8AWJ8Dew2s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:34:29:02:84:e1:74:a8:a3:2b:fe:a7:f7:c3:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4036a64f1a066babb8beb864e695fa997692dd48 Validity Not Before: Dec 6 19:02:23 2025 GMT Not After : Dec 7 19:02:23 2025 GMT Subject: CN=3375ddc91208326bda936576c9ce25b28ffe2270 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:98:b0:e4:cd:ef:0e:87:92:18:f3:de:b1:98: 73:5f:77:ab:be:45:3e:76:bf:17:49:91:30:a9:89: ee:b3:1d:6e:4c:16:bf:02:15:30:5a:39:74:99:2d: ea:34:96:9a:ab:d1:a4:0e:dc:dd:fb:27:67:66:5f: df:70:5b:e2:19:35:08:94:f8:b7:cd:04:af:e9:91: 59:8d:b3:f2:99:13:af:3a:04:e5:c5:85:ff:f7:f8: 24:90:4e:7b:e4:51:1d:bd:b2:a2:6f:eb:23:53:47: 2d:2f:39:b3:f5:4f:9e:e1:0d:67:eb:0c:51:e6:eb: 4f:a2:4f:99:40:b0:f5:d9:3b:2f:e2:67:63:8d:69: 8d:4d:7f:cf:79:56:a8:cf:44:aa:f3:54:ad:8d:05: b2:35:7a:a4:34:1c:56:98:b2:38:b6:3c:2b:11:e1: 90:32:a8:bd:c6:4a:9b:19:1e:e6:1d:54:61:7a:fd: 84:d2:da:a9:25:99:3f:14:55:ec:68:7c:20:26:50: eb:58:28:97:12:92:66:f0:e1:29:75:2b:0c:c7:2e: 6a:09:d1:57:82:59:63:e6:15:d4:1a:bf:14:59:24: b6:46:f1:a4:0e:8c:3d:4f:de:5c:7c:c3:61:9b:95: ae:4c:ee:ba:8b:2e:a6:6c:3e:32:16:13:fa:a7:2a: b3:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:75:DD:C9:12:08:32:6B:DA:93:65:76:C9:CE:25:B2:8F:FE:22:70 X509v3 Authority Key Identifier: keyid:40:36:A6:4F:1A:06:6B:AB:B8:BE:B8:64:E6:95:FA:99:76:92:DD:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDamTxoGa6u4vrhk5pX6mXaS3Ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/56d50d-17cf-4bdb-92f6-204721bd5f93/1/QDamTxoGa6u4vrhk5pX6mXaS3Ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:70:ba:06:19:7b:0b:17:8d:54:f2:93:e0:aa:45:20:eb:7b: 6a:16:37:79:39:24:d7:6e:4c:cb:87:40:ed:fe:b4:e3:e8:7a: 2e:a7:fa:c8:5b:fe:1c:e9:7a:d4:b1:bf:bd:75:11:1b:fb:6e: 51:4c:74:78:8c:97:f9:10:83:4f:ae:a7:0f:d9:34:8f:9d:a1: d1:f3:f1:5b:f4:28:40:4b:b7:44:f9:1a:98:1c:fd:30:07:39: 45:91:e6:83:05:d5:f8:bd:b9:7c:3e:f9:25:ce:17:f9:47:aa: 78:dd:6f:0c:8a:69:24:f9:fd:f9:79:26:cc:28:ba:7b:4b:a0: 95:6b:91:1e:b3:44:6c:fd:cd:9d:63:79:da:7e:b9:68:5a:eb: 17:fc:41:d7:6d:64:42:f9:c0:4f:24:b9:ba:a5:78:79:a7:5e: 54:20:4b:71:9c:f4:2b:d2:cc:4a:1f:56:aa:f3:37:d4:a8:43: cb:80:24:e5:2b:64:26:ee:34:55:a8:eb:d1:aa:c7:1b:6a:8a: 9e:0c:bd:f1:e2:da:c4:ad:6b:de:ea:1b:90:21:34:c4:ab:7d: d9:79:c6:13:00:27:5d:74:0d:76:b9:b2:c6:60:94:a5:ee:eb: fa:90:54:d7:30:86:4d:0d:41:2c:a8:4a:de:f8:1b:8b:f6:f0: d3:17:8f:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CzQpAoThdKijK/6n98MZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMzZhNjRmMWEwNjZiYWJiOGJlYjg2NGU2OTVmYTk5NzY5 MmRkNDgwHhcNMjUxMjA2MTkwMjIzWhcNMjUxMjA3MTkwMjIzWjAzMTEwLwYDVQQD EygzMzc1ZGRjOTEyMDgzMjZiZGE5MzY1NzZjOWNlMjViMjhmZmUyMjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Jiw5M3vDoeSGPPesZhzX3ervkU+ dr8XSZEwqYnusx1uTBa/AhUwWjl0mS3qNJaaq9GkDtzd+ydnZl/fcFviGTUIlPi3 zQSv6ZFZjbPymROvOgTlxYX/9/gkkE575FEdvbKib+sjU0ctLzmz9U+e4Q1n6wxR 5utPok+ZQLD12Tsv4mdjjWmNTX/PeVaoz0Sq81StjQWyNXqkNBxWmLI4tjwrEeGQ Mqi9xkqbGR7mHVRhev2E0tqpJZk/FFXsaHwgJlDrWCiXEpJm8OEpdSsMxy5qCdFX gllj5hXUGr8UWSS2RvGkDow9T95cfMNhm5WuTO66iy6mbD4yFhP6pyqzQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDN13ckSCDJr2pNldsnOJbKP/iJwMB8GA1UdIwQY MBaAFEA2pk8aBmuruL64ZOaV+pl2kt1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYt MjA0NzIxYmQ1ZjkzLzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS81NmQ1MGQtMTdjZi00YmRiLTkyZjYtMjA0NzIxYmQ1Zjkz LzEvUURhbVR4b0dhNnU0dnJoazVwWDZtWGFTM1VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnC6Bhl7 CxeNVPKT4KpFIOt7ahY3eTkk125My4dA7f604+h6Lqf6yFv+HOl61LG/vXURG/tu UUx0eIyX+RCDT66nD9k0j52h0fPxW/QoQEu3RPkamBz9MAc5RZHmgwXV+L25fD75 Jc4X+UeqeN1vDIppJPn9+XkmzCi6e0uglWuRHrNEbP3NnWN52n65aFrrF/xB121k QvnATyS5uqV4eadeVCBLcZz0K9LMSh9WqvM31KhDy4Ak5StkJu40Vajr0arHG2qK ngy98eLaxK1r3uobkCE0xKt92XnGEwAnXXQNdrmyxmCUpe7r+pBU1zCGTQ1BLKhK 3vgbi/bw0xePeg== -----END CERTIFICATE-----Generated at Sun Dec 7 00:55:29 2025 by rpki-client