This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft File: QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json) Hash identifier: +9yzvdfUnCRmNjU2U46OHM+pm0ZH7/XfvumjpqWqAHc= Subject key identifier: 25:E4:8E:44:B0:8C:00:79:3C:B9:53:6D:54:CB:DC:A4:30:B4:60:AC Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A Certificate issuer: /CN=4132a86b297787e48c55705931ed39351f84171a Certificate serial: 019B34C649B7044363B845F14BEB25A38625 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft Manifest number: 116A Signing time: Fri 19 Dec 2025 04:02:48 +0000 Manifest this update: Fri 19 Dec 2025 04:02:48 +0000 Manifest next update: Sat 20 Dec 2025 04:02:48 +0000 Files and hashes: 1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: LOnEapPbKq7qjbw2j1tktQFr4Jp6lGwOQcAXGy//xUI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c6:49:b7:04:43:63:b8:45:f1:4b:eb:25:a3:86:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4132a86b297787e48c55705931ed39351f84171a Validity Not Before: Dec 19 04:02:48 2025 GMT Not After : Dec 20 04:02:48 2025 GMT Subject: CN=25e48e44b08c00793cb9536d54cbdca430b460ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:1e:56:eb:73:87:83:19:f1:12:9a:60:91:55: 56:fe:e4:4e:f3:3f:11:b1:0b:62:0e:df:61:47:36: 0f:28:05:cc:31:c1:e0:15:cc:34:5c:a1:30:e7:51: 51:92:e4:45:21:97:27:f1:bc:f9:56:72:c3:4d:50: 4c:8f:07:88:c9:1b:12:79:24:b3:c1:f0:2d:d4:19: 0d:d4:4e:8d:95:d2:28:83:49:2c:8b:14:ec:51:98: c3:4b:16:3e:86:c3:1b:9f:77:c5:77:57:bf:32:8d: 31:f3:17:fb:f0:1d:3d:8b:59:5d:43:30:4e:11:d5: d7:79:37:0e:12:91:1a:4d:f0:21:a5:20:0e:2b:70: 32:0b:81:ec:79:d1:60:f0:dd:a4:03:10:d8:c4:91: da:c6:c9:1a:62:7c:23:40:10:3c:7b:8d:59:bd:ec: d9:f3:52:c8:a4:ab:09:a0:da:1c:38:22:d1:84:e6: fd:9e:ff:c3:43:c4:4b:8f:14:0c:66:3f:0f:ec:9d: b0:35:ce:c3:74:4c:7d:32:b0:6a:73:9e:0a:eb:33: 53:6a:56:4d:b3:75:9f:6a:ff:b8:29:04:6c:8d:04: fc:31:bd:9e:38:c9:80:a8:3d:3c:8f:3e:d2:f1:00: cf:4e:dd:72:b1:18:5c:85:cb:b5:0f:33:e5:f8:8a: c7:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:E4:8E:44:B0:8C:00:79:3C:B9:53:6D:54:CB:DC:A4:30:B4:60:AC X509v3 Authority Key Identifier: keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:94:5c:f5:82:32:8e:d6:ec:31:24:1d:9f:c8:20:7b:bc:b4: 90:af:4b:0b:7f:5f:21:94:fc:ff:71:cd:a7:71:b0:fc:92:4c: bd:67:d2:c1:38:a9:47:e3:b1:41:81:92:33:c7:94:69:4e:2e: da:cc:68:e1:46:29:7b:17:2f:13:25:5a:8d:b7:ca:37:39:b4: 40:7a:8b:26:24:d1:6f:c7:df:f6:4d:5c:93:54:e5:ac:f0:5e: 9c:34:56:eb:a8:8d:d2:89:1c:0e:90:c0:b6:3b:c9:b7:fd:38: 65:02:28:7e:0a:e1:b6:3d:d9:42:c4:13:60:3f:f0:a3:e2:ce: 46:3a:fb:65:69:e1:37:ff:8c:4f:52:99:fe:99:56:3b:01:5b: 86:99:da:ed:ed:42:c2:9c:68:d1:59:55:9f:2e:5f:d3:62:c9: 7a:93:dd:ed:cd:46:16:3a:ed:4f:36:c6:17:0e:a1:2a:87:b7: db:8c:fa:f0:e0:75:dc:7a:ca:07:5e:eb:ec:bc:f7:8e:5c:64: ef:82:1e:12:a9:68:c1:fb:a5:75:b8:c5:88:b3:26:cd:e2:4d: 09:cf:1e:ed:12:3d:9e:73:7d:f1:23:f2:de:fa:1c:cd:5e:c9: 7d:9a:60:b1:87:1a:4a:20:4a:d0:41:58:43:87:37:c4:8d:e8: 42:ec:6d:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xkm3BENjuEXxS+slo4YlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4 NDE3MWEwHhcNMjUxMjE5MDQwMjQ4WhcNMjUxMjIwMDQwMjQ4WjAzMTEwLwYDVQQD EygyNWU0OGU0NGIwOGMwMDc5M2NiOTUzNmQ1NGNiZGNhNDMwYjQ2MGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB5W63OHgxnxEppgkVVW/uRO8z8R sQtiDt9hRzYPKAXMMcHgFcw0XKEw51FRkuRFIZcn8bz5VnLDTVBMjweIyRsSeSSz wfAt1BkN1E6NldIog0ksixTsUZjDSxY+hsMbn3fFd1e/Mo0x8xf78B09i1ldQzBO EdXXeTcOEpEaTfAhpSAOK3AyC4HsedFg8N2kAxDYxJHaxskaYnwjQBA8e41ZvezZ 81LIpKsJoNocOCLRhOb9nv/DQ8RLjxQMZj8P7J2wNc7DdEx9MrBqc54K6zNTalZN s3Wfav+4KQRsjQT8Mb2eOMmAqD08jz7S8QDPTt1ysRhchcu1DzPl+IrHgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCXkjkSwjAB5PLlTbVTL3KQwtGCsMB8GA1UdIwQY MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5Rc9YIy jtbsMSQdn8gge7y0kK9LC39fIZT8/3HNp3Gw/JJMvWfSwTipR+OxQYGSM8eUaU4u 2sxo4UYpexcvEyVajbfKNzm0QHqLJiTRb8ff9k1ck1TlrPBenDRW66iN0okcDpDA tjvJt/04ZQIofgrhtj3ZQsQTYD/wo+LORjr7ZWnhN/+MT1KZ/plWOwFbhpna7e1C wpxo0VlVny5f02LJepPd7c1GFjrtTzbGFw6hKoe324z68OB13HrKB17r7Lz3jlxk 74IeEqlowfuldbjFiLMmzeJNCc8e7RI9nnN98SPy3voczV7JfZpgsYcaSiBK0EFY Q4c3xI3oQuxt8A== -----END CERTIFICATE-----Generated at Fri Dec 19 05:40:50 2025 by rpki-client