This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.mft File: QUZdOIpCMlXUiDLQc2m2vHcD6io.mft (raw, json) Hash identifier: UynrfLZniXowZF5P9hsD4OBtVsoRM/SLAOIo+JAAVQA= Subject key identifier: 51:CB:F3:1B:DF:82:1E:1B:92:43:B4:56:2E:AC:A3:31:7C:74:42:D9 Authority key identifier: 41:46:5D:38:8A:42:32:55:D4:88:32:D0:73:69:B6:BC:77:03:EA:2A Certificate issuer: /CN=41465d388a423255d48832d07369b6bc7703ea2a Certificate serial: 019AF1647943F4EAB2959440B36221471FA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUZdOIpCMlXUiDLQc2m2vHcD6io.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.mft Manifest number: 88 Signing time: Sat 06 Dec 2025 02:01:24 +0000 Manifest this update: Sat 06 Dec 2025 02:01:24 +0000 Manifest next update: Sun 07 Dec 2025 02:01:24 +0000 Files and hashes: 1: QUZdOIpCMlXUiDLQc2m2vHcD6io.crl (hash: Xpj39hrv2hUfAuci1//4WtBsw38DBoIAHrOgUQUc4sc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.mft rsync://rpki.ripe.net/repository/DEFAULT/QUZdOIpCMlXUiDLQc2m2vHcD6io.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:79:43:f4:ea:b2:95:94:40:b3:62:21:47:1f:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41465d388a423255d48832d07369b6bc7703ea2a Validity Not Before: Dec 6 02:01:24 2025 GMT Not After : Dec 7 02:01:24 2025 GMT Subject: CN=51cbf31bdf821e1b9243b4562eaca3317c7442d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:12:fd:61:df:d4:d4:7e:f8:9c:ec:a4:3e:02: 9c:88:10:63:31:56:cd:98:af:d6:c1:70:e8:93:35: 7e:63:ad:15:30:1a:ce:55:80:4f:23:5f:11:f3:21: 97:5a:9b:9e:dc:03:17:5c:17:cf:16:e3:c7:75:ce: fa:cb:a1:7d:8c:96:f4:4d:31:1b:96:e2:83:28:44: 37:25:62:c3:04:b4:b6:70:e9:56:d3:64:e8:23:7e: 39:e5:b9:96:9a:ea:e2:13:32:0d:79:2b:9d:8a:b7: 55:d8:c2:16:dc:5e:16:12:b2:59:f9:79:ce:fd:f2: 79:24:e4:22:9b:1f:d7:5e:5b:5a:c5:ac:68:11:12: 1a:b7:e4:fc:07:0c:d0:35:33:2b:3b:b0:ff:69:e6: 74:de:7b:be:1f:a4:51:75:8f:d9:75:5d:4e:fc:50: 07:7f:42:45:21:ba:11:21:c9:de:5e:0d:31:df:2b: 43:70:4e:d3:77:59:6f:ba:a4:89:56:09:a9:39:8e: fc:72:f6:a9:2c:a4:b7:a4:a3:60:c7:7a:09:31:80: 65:5c:1c:5a:e2:da:fb:d1:f2:23:1a:6c:7f:e0:46: 54:31:c2:50:2a:bf:3e:45:62:0b:4b:2c:5d:db:10: 4d:25:7e:80:5c:4e:af:4f:24:b8:2a:b4:7e:6c:9c: f7:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:CB:F3:1B:DF:82:1E:1B:92:43:B4:56:2E:AC:A3:31:7C:74:42:D9 X509v3 Authority Key Identifier: keyid:41:46:5D:38:8A:42:32:55:D4:88:32:D0:73:69:B6:BC:77:03:EA:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUZdOIpCMlXUiDLQc2m2vHcD6io.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3b0e72-043c-4dfb-b636-15a5306c2efd/1/QUZdOIpCMlXUiDLQc2m2vHcD6io.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:35:6d:38:1f:10:7f:e1:a9:6c:34:20:7e:38:7d:34:19:f8: bb:ac:e4:ff:d3:a2:5d:9d:4f:12:64:94:45:c0:e7:5a:39:97: cf:c1:08:7f:42:45:d3:eb:e6:3d:a4:49:cf:36:84:b3:d9:54: 9d:06:92:bd:c4:cb:6f:95:16:60:3e:fa:35:c8:6d:62:76:3e: 7a:fc:8a:e9:a3:d7:93:26:e8:48:c4:a1:d5:32:a9:59:8c:ae: b2:80:51:0c:c7:8f:ef:93:f7:67:0e:1a:bb:32:6e:b2:3e:40: a0:4e:9c:12:e2:49:3b:79:ec:f5:4e:74:63:6f:d1:3b:5c:7e: 9d:e1:66:67:c5:d4:0d:6a:d3:d1:07:fb:60:3c:ae:1c:31:12: d6:ef:60:ef:f0:38:a6:9b:b4:db:27:0a:63:37:e1:fe:af:9b: f6:e8:c7:04:91:aa:86:06:e1:85:ae:a0:20:cb:4c:a0:f8:ca: 58:61:58:f5:82:66:aa:bc:c1:a8:fa:19:71:59:ac:8a:55:73: 2c:0d:5e:29:98:a7:c8:be:b4:45:ac:bc:d1:c0:a7:87:f5:16: cf:7b:f6:39:12:aa:2e:4b:75:bc:ee:86:eb:71:b1:3d:bd:3f: 69:91:9d:c6:ef:69:1f:ae:76:42:bb:a1:84:01:31:32:9e:98: b9:47:7a:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZHlD9OqylZRAs2IhRx+lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxNDY1ZDM4OGE0MjMyNTVkNDg4MzJkMDczNjliNmJjNzcw M2VhMmEwHhcNMjUxMjA2MDIwMTI0WhcNMjUxMjA3MDIwMTI0WjAzMTEwLwYDVQQD Eyg1MWNiZjMxYmRmODIxZTFiOTI0M2I0NTYyZWFjYTMzMTdjNzQ0MmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBL9Yd/U1H74nOykPgKciBBjMVbN mK/WwXDokzV+Y60VMBrOVYBPI18R8yGXWpue3AMXXBfPFuPHdc76y6F9jJb0TTEb luKDKEQ3JWLDBLS2cOlW02ToI3455bmWmuriEzINeSudirdV2MIW3F4WErJZ+XnO /fJ5JOQimx/XXltaxaxoERIat+T8BwzQNTMrO7D/aeZ03nu+H6RRdY/ZdV1O/FAH f0JFIboRIcneXg0x3ytDcE7Td1lvuqSJVgmpOY78cvapLKS3pKNgx3oJMYBlXBxa 4tr70fIjGmx/4EZUMcJQKr8+RWILSyxd2xBNJX6AXE6vTyS4KrR+bJz3qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFHL8xvfgh4bkkO0Vi6sozF8dELZMB8GA1UdIwQY MBaAFEFGXTiKQjJV1Igy0HNptrx3A+oqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVVaZE9JcENNbFhVaURMUWMybTJ2SGNENmlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zYjBlNzItMDQzYy00ZGZiLWI2MzYt MTVhNTMwNmMyZWZkLzEvUVVaZE9JcENNbFhVaURMUWMybTJ2SGNENmlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8zYjBlNzItMDQzYy00ZGZiLWI2MzYtMTVhNTMwNmMyZWZk LzEvUVVaZE9JcENNbFhVaURMUWMybTJ2SGNENmlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiTVtOB8Q f+GpbDQgfjh9NBn4u6zk/9OiXZ1PEmSURcDnWjmXz8EIf0JF0+vmPaRJzzaEs9lU nQaSvcTLb5UWYD76NchtYnY+evyK6aPXkyboSMSh1TKpWYyusoBRDMeP75P3Zw4a uzJusj5AoE6cEuJJO3ns9U50Y2/RO1x+neFmZ8XUDWrT0Qf7YDyuHDES1u9g7/A4 ppu02ycKYzfh/q+b9ujHBJGqhgbhha6gIMtMoPjKWGFY9YJmqrzBqPoZcVmsilVz LA1eKZinyL60Ray80cCnh/UWz3v2ORKqLkt1vO6G63GxPb0/aZGdxu9pH652Qruh hAExMp6YuUd64A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:43 2025 by rpki-client