This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft File: QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json) Hash identifier: OEJo/G57YaTyRzG6yhlFTrDZSvHLOyEAduVwVug+2Q0= Subject key identifier: FD:22:D4:30:29:A9:F3:19:AF:EC:A3:C8:A4:71:90:D8:4E:97:75:EB Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50 Certificate issuer: /CN=43314f30f3a453ff49221d954ad8028a304a0150 Certificate serial: 019AF19B6C25B3C87A93427FA29B99723086 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 03:01:26 +0000 Manifest this update: Sat 06 Dec 2025 03:01:26 +0000 Manifest next update: Sun 07 Dec 2025 03:01:26 +0000 Files and hashes: 1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: ST18f8XkTwlw93765qwUCYDHBA5n3NchX5zR8vgR9OA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:6c:25:b3:c8:7a:93:42:7f:a2:9b:99:72:30:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150 Validity Not Before: Dec 6 03:01:26 2025 GMT Not After : Dec 7 03:01:26 2025 GMT Subject: CN=fd22d43029a9f319afeca3c8a47190d84e9775eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:27:f3:0f:39:16:5b:2f:cb:7e:00:01:d9:d2: 34:3f:25:df:17:db:da:ca:d8:95:95:74:a8:39:05: 70:43:61:84:c5:9a:20:36:e2:de:c0:88:09:f6:aa: 6d:0e:75:44:70:a4:5f:cc:7e:0a:66:61:f6:66:3d: b0:98:bf:86:a9:47:f8:91:c2:39:5a:4c:d9:99:74: 06:d8:3a:bf:6d:ed:0e:ce:ad:93:b8:ae:a6:37:4b: 36:8a:cd:95:80:3c:7e:16:59:e5:56:7a:4e:e2:f2: b3:cf:66:0a:62:26:1e:88:fd:60:0e:78:54:eb:cf: 85:98:da:6a:94:28:eb:8d:b4:5f:8c:98:2c:5b:4b: d6:e6:54:9c:19:60:36:4e:42:1a:57:60:f7:8c:3f: 08:e6:88:41:db:5d:10:96:f3:e1:fd:a9:b9:c3:f0: 04:a4:38:a7:d2:9a:7f:37:b7:e5:a4:c2:53:48:a5: d4:e9:ce:47:46:41:f4:9b:23:0b:3b:8c:93:f2:23: 86:b4:91:0a:2e:25:fc:92:61:53:4d:61:80:b1:0c: 30:5a:a3:e3:b6:b4:59:e1:df:65:dd:83:ed:dd:9b: 4d:9a:d0:ad:f0:af:7e:b4:a8:0b:10:c5:96:76:9c: 09:95:29:c2:fc:61:cf:06:c8:a4:ab:de:5d:39:15: a8:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:22:D4:30:29:A9:F3:19:AF:EC:A3:C8:A4:71:90:D8:4E:97:75:EB X509v3 Authority Key Identifier: keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:5b:7c:1f:e9:1d:d8:96:02:a8:04:10:34:1a:88:01:d3:fc: f5:fc:d3:9e:34:49:70:39:de:48:c3:7a:f0:7c:93:07:f6:04: 7a:e6:d8:2b:01:7a:30:8b:11:c8:d3:73:b3:7b:8d:1c:9c:c8: 10:1c:e8:d0:fe:a4:92:bb:1b:35:33:40:90:8c:01:87:8e:47: 87:57:c2:9e:02:f9:67:7b:37:1c:e8:38:43:d6:12:94:c3:d1: 98:6b:8b:99:c5:8e:f9:cd:de:5a:df:94:17:b4:90:f6:a2:73: ae:14:1c:4e:92:fd:a1:c7:d8:ff:33:36:f1:39:ea:9f:cd:c4: 84:45:4b:a5:f5:6a:45:e0:92:6f:ed:67:30:c3:dd:6a:ec:00: 46:d5:c7:85:3b:b0:d8:af:0c:08:e6:6e:81:29:94:74:60:67: 76:dc:4d:10:2c:29:85:e9:4a:d5:a7:62:f8:43:fd:61:d8:0c: af:19:a2:37:0a:56:1f:25:3c:58:dd:c8:ee:61:17:9e:a0:60: c2:4a:6f:d8:05:5e:30:0b:a1:e8:be:f2:1c:d4:f5:69:c0:a6: 5e:6c:e0:a0:46:51:c8:2d:a2:0b:0e:3d:af:93:94:35:2a:cf: 07:73:af:a2:9a:29:fa:f9:93:c7:74:5b:8a:a9:ca:4c:07:25: 60:a8:fa:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2wls8h6k0J/opuZcjCGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0 YTAxNTAwHhcNMjUxMjA2MDMwMTI2WhcNMjUxMjA3MDMwMTI2WjAzMTEwLwYDVQQD EyhmZDIyZDQzMDI5YTlmMzE5YWZlY2EzYzhhNDcxOTBkODRlOTc3NWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCfzDzkWWy/LfgAB2dI0PyXfF9va ytiVlXSoOQVwQ2GExZogNuLewIgJ9qptDnVEcKRfzH4KZmH2Zj2wmL+GqUf4kcI5 WkzZmXQG2Dq/be0Ozq2TuK6mN0s2is2VgDx+FlnlVnpO4vKzz2YKYiYeiP1gDnhU 68+FmNpqlCjrjbRfjJgsW0vW5lScGWA2TkIaV2D3jD8I5ohB210QlvPh/am5w/AE pDin0pp/N7flpMJTSKXU6c5HRkH0myMLO4yT8iOGtJEKLiX8kmFTTWGAsQwwWqPj trRZ4d9l3YPt3ZtNmtCt8K9+tKgLEMWWdpwJlSnC/GHPBsikq95dORWoqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP0i1DApqfMZr+yjyKRxkNhOl3XrMB8GA1UdIwQY MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf1t8H+kd 2JYCqAQQNBqIAdP89fzTnjRJcDneSMN68HyTB/YEeubYKwF6MIsRyNNzs3uNHJzI EBzo0P6kkrsbNTNAkIwBh45Hh1fCngL5Z3s3HOg4Q9YSlMPRmGuLmcWO+c3eWt+U F7SQ9qJzrhQcTpL9ocfY/zM28Tnqn83EhEVLpfVqReCSb+1nMMPdauwARtXHhTuw 2K8MCOZugSmUdGBndtxNECwphelK1adi+EP9YdgMrxmiNwpWHyU8WN3I7mEXnqBg wkpv2AVeMAuh6L7yHNT1acCmXmzgoEZRyC2iCw49r5OUNSrPB3Ovopop+vmTx3Rb iqnKTAclYKj6Fw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:11:44 2025 by rpki-client