This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft File: QA-ULrBzNco-f70Y8GwVjbN8_Us.mft (raw, json) Hash identifier: gCN3K95mZhAxBRFPV5GpfyqmCq+uvpwY+7jRmpnuBMc= Subject key identifier: 53:48:E4:9E:82:55:5B:49:13:8D:98:B4:FC:21:0D:09:A4:FE:BF:37 Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B Certificate issuer: /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b Certificate serial: 019B3E6DE7A0152FAFA55EB502A46494A5F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft Manifest number: 13ED Signing time: Sun 21 Dec 2025 01:02:28 +0000 Manifest this update: Sun 21 Dec 2025 01:02:28 +0000 Manifest next update: Mon 22 Dec 2025 01:02:28 +0000 Files and hashes: 1: CRyZWe4rqJ2qdiNWuAP-OJQeZow.roa (hash: g+uZ3IirtTKelPa51RylP3yoQBkp1cF9hHY0LUNHp8g=) 2: QA-ULrBzNco-f70Y8GwVjbN8_Us.crl (hash: pMPkvYUDYH/b8WLWqZykik3195WUTDegUEU3nd+Hf9k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:e7:a0:15:2f:af:a5:5e:b5:02:a4:64:94:a5:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b Validity Not Before: Dec 21 01:02:28 2025 GMT Not After : Dec 22 01:02:28 2025 GMT Subject: CN=5348e49e82555b49138d98b4fc210d09a4febf37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:57:cc:da:4e:7e:8f:28:7c:80:a6:2f:2d:dc: a0:37:63:fd:f5:d1:8c:6e:1d:4c:d8:7b:18:db:b4: dc:68:7f:8c:df:a5:da:d7:1f:42:3c:d8:c7:9a:68: 99:88:07:03:d4:e1:61:a8:c1:c7:0c:50:57:79:ee: 49:a6:df:17:f9:61:a7:b0:8f:64:38:ac:16:c2:5b: a5:84:74:b4:5e:af:5b:1c:16:26:1f:06:9b:ef:6b: 35:eb:a6:9e:51:cc:c0:50:1f:70:e2:0d:64:62:cf: 89:76:70:7d:5d:89:fe:1a:05:f5:3a:fb:5c:3f:01: c7:5b:91:be:f0:e1:02:0d:67:85:b3:88:8f:2a:6c: 4e:4f:56:de:6e:6f:cf:64:41:21:b4:bc:fd:44:0b: 8a:02:f9:66:27:71:84:b2:50:18:d6:49:56:4b:66: 61:45:f3:d4:37:7d:4a:2d:62:d1:7a:c3:9e:d9:95: 55:7d:8f:de:a4:21:c3:01:97:be:87:6c:0d:03:9b: 0b:99:58:ef:d6:d7:f0:b6:17:92:33:fc:c5:de:03: 2c:c1:57:27:f7:0f:42:69:ae:e9:f1:20:fd:97:48: 12:43:c0:47:64:5f:d2:4f:87:b7:6e:74:58:8e:64: f8:b2:44:23:d1:91:d5:a1:a2:69:af:7e:65:ab:5b: ae:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:48:E4:9E:82:55:5B:49:13:8D:98:B4:FC:21:0D:09:A4:FE:BF:37 X509v3 Authority Key Identifier: keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:af:ad:47:b4:c4:56:64:93:54:1e:97:5d:0c:4f:df:62:62: 10:7a:da:4d:f8:f2:61:ff:ec:30:f0:e2:d9:8c:ba:1b:ee:3b: 70:59:76:4f:51:c3:fb:c3:00:57:fc:bf:be:34:9e:d7:6e:02: 41:9b:c8:94:b4:91:77:dd:11:cb:0c:3f:0e:37:aa:66:df:b5: b5:11:91:84:9d:d0:ee:da:9a:09:fb:25:c0:df:91:4e:3e:c0: 91:aa:e4:b2:36:d9:3c:f8:14:d6:76:df:4b:f0:85:e8:b0:80: 84:d5:48:43:25:2c:04:11:a7:40:51:e6:9b:b3:ec:2e:b9:2d: 3f:9f:b3:56:01:27:01:c3:f3:28:18:88:39:2b:18:89:6a:3a: 8f:b8:4e:ca:6f:13:f0:04:d3:e3:69:4c:da:1a:44:09:49:f2: 55:0e:51:25:3d:9c:d4:38:ad:ac:78:3f:15:40:6d:db:93:f6: cf:97:6e:1f:7e:6f:6b:2e:57:56:1a:3d:f1:0e:34:e5:6e:72: 92:56:e3:31:ae:5c:2a:7f:40:31:16:bb:45:e1:10:c9:00:a2: 7f:e8:ed:1d:ac:30:af:5e:22:b9:06:a5:c7:17:de:7e:00:73: 93:d8:af:f7:fd:ce:f0:2b:4e:17:4e:90:b8:bb:26:0b:a9:d4: f5:f2:fb:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+beegFS+vpV61AqRklKX3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3 Y2ZkNGIwHhcNMjUxMjIxMDEwMjI4WhcNMjUxMjIyMDEwMjI4WjAzMTEwLwYDVQQD Eyg1MzQ4ZTQ5ZTgyNTU1YjQ5MTM4ZDk4YjRmYzIxMGQwOWE0ZmViZjM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlfM2k5+jyh8gKYvLdygN2P99dGM bh1M2HsY27TcaH+M36Xa1x9CPNjHmmiZiAcD1OFhqMHHDFBXee5Jpt8X+WGnsI9k OKwWwlulhHS0Xq9bHBYmHwab72s166aeUczAUB9w4g1kYs+JdnB9XYn+GgX1Ovtc PwHHW5G+8OECDWeFs4iPKmxOT1bebm/PZEEhtLz9RAuKAvlmJ3GEslAY1klWS2Zh RfPUN31KLWLResOe2ZVVfY/epCHDAZe+h2wNA5sLmVjv1tfwtheSM/zF3gMswVcn 9w9Caa7p8SD9l0gSQ8BHZF/ST4e3bnRYjmT4skQj0ZHVoaJpr35lq1uuDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFNI5J6CVVtJE42YtPwhDQmk/r83MB8GA1UdIwQY MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt YWNkNzJkMmM2Y2I2LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2 LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnK+tR7TE VmSTVB6XXQxP32JiEHraTfjyYf/sMPDi2Yy6G+47cFl2T1HD+8MAV/y/vjSe124C QZvIlLSRd90Ryww/DjeqZt+1tRGRhJ3Q7tqaCfslwN+RTj7AkarksjbZPPgU1nbf S/CF6LCAhNVIQyUsBBGnQFHmm7PsLrktP5+zVgEnAcPzKBiIOSsYiWo6j7hOym8T 8ATT42lM2hpECUnyVQ5RJT2c1DitrHg/FUBt25P2z5duH35vay5XVho98Q405W5y klbjMa5cKn9AMRa7ReEQyQCif+jtHawwr14iuQalxxfefgBzk9iv9/3O8CtOF06Q uLsmC6nU9fL7tQ== -----END CERTIFICATE-----Generated at Sun Dec 21 06:52:53 2025 by rpki-client