This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft File: QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json) Hash identifier: v/AiEmOJxNs8CbMBHMNehB8dP7AIOZuueHylYvSUrMg= Subject key identifier: 34:A3:68:50:B5:2E:D1:E7:15:F9:31:7F:3C:E7:0A:FB:C4:A4:C3:14 Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A Certificate issuer: /CN=4132a86b297787e48c55705931ed39351f84171a Certificate serial: 019AF12E66461A78116E2B61D9CE60835E01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft Manifest number: 1147 Signing time: Sat 06 Dec 2025 01:02:21 +0000 Manifest this update: Sat 06 Dec 2025 01:02:21 +0000 Manifest next update: Sun 07 Dec 2025 01:02:21 +0000 Files and hashes: 1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: tUbfXYkqHbyerUDRNZbKY47jzWa3w0FeY8Nqje4w1yY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:66:46:1a:78:11:6e:2b:61:d9:ce:60:83:5e:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4132a86b297787e48c55705931ed39351f84171a Validity Not Before: Dec 6 01:02:21 2025 GMT Not After : Dec 7 01:02:21 2025 GMT Subject: CN=34a36850b52ed1e715f9317f3ce70afbc4a4c314 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:40:e4:34:f1:d1:8f:2b:6e:1f:75:6f:1b:fd: 3e:78:a0:15:50:df:e0:97:f1:a0:b7:7a:ea:6f:a0: 13:f9:dc:ce:f2:ac:6d:0a:1f:56:c1:b2:e5:df:21: 5f:9d:06:9e:e0:c2:ae:b9:b0:e5:a5:cb:36:21:0f: 7f:ae:c0:d0:98:19:f6:59:d3:c3:e1:08:67:94:dc: 85:dc:f5:14:c9:05:a6:56:19:06:b9:f9:ad:44:bc: 7b:74:ec:18:73:0e:7d:eb:6a:cf:2d:d5:30:c2:26: 4f:63:cf:7a:a5:5f:aa:3a:73:fd:30:21:32:0b:02: 00:38:3f:91:d1:92:f7:b3:99:c0:0b:65:27:df:8e: 19:44:05:15:32:e8:9a:b5:30:ad:fb:c2:2b:07:0a: dd:79:7c:01:bd:0c:e3:83:fb:7d:a5:23:bc:12:f3: 23:29:e9:85:20:d7:37:db:db:e0:43:ed:32:91:7b: bb:ed:c3:47:ee:98:dc:90:d7:3e:08:ca:de:f4:0c: 1c:d9:75:83:cb:c9:1d:c1:93:37:a9:e8:69:d4:7a: c4:81:c5:92:fa:9f:25:aa:f9:e8:f1:86:9b:b4:24: 0b:e4:a7:99:3b:d5:8a:87:71:83:0f:3f:a8:32:39: 54:b7:55:b8:3a:cb:ed:40:05:dc:c2:6e:13:37:e1: 0b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:A3:68:50:B5:2E:D1:E7:15:F9:31:7F:3C:E7:0A:FB:C4:A4:C3:14 X509v3 Authority Key Identifier: keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:87:ff:4e:31:ec:95:9c:75:5e:f2:9a:db:25:56:bb:c7:4e: f7:ea:6f:58:43:c3:e4:e8:9c:3d:3a:b7:b8:9f:d2:2f:62:04: bd:6e:34:70:e4:bc:0a:5e:8d:86:09:87:07:c8:f7:6b:02:47: 2e:3e:ff:60:b7:e0:8d:22:e2:bb:d0:9d:7f:10:ec:e2:b4:fb: 03:82:40:44:4c:f5:d6:2b:7a:d7:2a:a4:23:b4:d4:89:ff:a6: db:15:72:5d:6b:2d:31:f9:e3:49:0e:d5:34:8c:ec:09:9a:67: c8:0e:74:5f:89:e9:fc:bf:de:91:06:47:10:f4:91:f0:4b:ec: 01:01:3d:7c:5a:1b:5a:33:f4:95:69:af:da:f2:09:f2:39:5b: 32:f8:a0:3f:4d:8f:06:2b:76:c0:2c:77:54:a4:d4:d3:76:e4: f3:31:9e:e1:02:ff:a2:02:2a:eb:ed:a4:31:52:d4:7d:71:8d: 09:f7:e7:c6:9c:c2:a2:b8:85:fb:62:62:c2:5f:6a:c8:1c:15: 07:ab:81:62:e4:60:94:c8:06:9f:d4:ca:41:7c:ac:c9:a6:b8: e4:f3:69:ec:78:65:7f:83:03:11:60:45:1d:59:80:9d:21:2b: 90:26:62:c7:a2:07:cb:ed:d5:de:6f:a7:6f:df:38:87:c2:75: c0:7d:eb:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLmZGGngRbith2c5gg14BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4 NDE3MWEwHhcNMjUxMjA2MDEwMjIxWhcNMjUxMjA3MDEwMjIxWjAzMTEwLwYDVQQD EygzNGEzNjg1MGI1MmVkMWU3MTVmOTMxN2YzY2U3MGFmYmM0YTRjMzE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkDkNPHRjytuH3VvG/0+eKAVUN/g l/Ggt3rqb6AT+dzO8qxtCh9WwbLl3yFfnQae4MKuubDlpcs2IQ9/rsDQmBn2WdPD 4QhnlNyF3PUUyQWmVhkGufmtRLx7dOwYcw5962rPLdUwwiZPY896pV+qOnP9MCEy CwIAOD+R0ZL3s5nAC2Un344ZRAUVMuiatTCt+8IrBwrdeXwBvQzjg/t9pSO8EvMj KemFINc329vgQ+0ykXu77cNH7pjckNc+CMre9Awc2XWDy8kdwZM3qehp1HrEgcWS +p8lqvno8YabtCQL5KeZO9WKh3GDDz+oMjlUt1W4OsvtQAXcwm4TN+ELhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDSjaFC1LtHnFfkxfzznCvvEpMMUMB8GA1UdIwQY MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYf/TjHs lZx1XvKa2yVWu8dO9+pvWEPD5OicPTq3uJ/SL2IEvW40cOS8Cl6NhgmHB8j3awJH Lj7/YLfgjSLiu9CdfxDs4rT7A4JAREz11it61yqkI7TUif+m2xVyXWstMfnjSQ7V NIzsCZpnyA50X4np/L/ekQZHEPSR8EvsAQE9fFobWjP0lWmv2vIJ8jlbMvigP02P Bit2wCx3VKTU03bk8zGe4QL/ogIq6+2kMVLUfXGNCffnxpzCoriF+2Jiwl9qyBwV B6uBYuRglMgGn9TKQXysyaa45PNp7Hhlf4MDEWBFHVmAnSErkCZix6IHy+3V3m+n b984h8J1wH3rWg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:16 2025 by rpki-client