This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft File: QIS7AapYrpSxMg_UvkIT-TFOkFY.mft (raw, json) Hash identifier: WnK0LJbS0Iv0OWwiBMe3lxM5zb8s0KpR2z2Ml6zxoxc= Subject key identifier: 0A:88:03:3D:EA:56:C8:D8:56:6C:1E:7F:81:42:07:CB:48:D2:85:16 Authority key identifier: 40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56 Certificate issuer: /CN=4084bb01aa58ae94b1320fd4be4213f9314e9056 Certificate serial: 019AF4654650EF2EBC13F4B2CF6EB3708919 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft Manifest number: 0751 Signing time: Sat 06 Dec 2025 16:01:08 +0000 Manifest this update: Sat 06 Dec 2025 16:01:08 +0000 Manifest next update: Sun 07 Dec 2025 16:01:08 +0000 Files and hashes: 1: QIS7AapYrpSxMg_UvkIT-TFOkFY.crl (hash: K2BNG1Kof93IbT1oW544O/aHn3/sHPli0tL8t20uiag=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:46:50:ef:2e:bc:13:f4:b2:cf:6e:b3:70:89:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4084bb01aa58ae94b1320fd4be4213f9314e9056 Validity Not Before: Dec 6 16:01:08 2025 GMT Not After : Dec 7 16:01:08 2025 GMT Subject: CN=0a88033dea56c8d8566c1e7f814207cb48d28516 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ac:ee:28:b9:4b:e0:29:f0:55:d1:21:d8:2e: 08:37:5a:06:d5:93:5d:28:8b:d8:93:86:9f:03:27: c0:ce:30:4e:09:31:eb:82:af:29:47:1f:19:23:28: 9b:40:91:19:10:5b:ea:88:d7:33:bd:61:43:d6:1f: 96:03:ac:b1:6d:d6:a8:67:90:b3:3b:6e:35:92:39: 9d:80:75:bd:a9:93:b4:51:b5:88:56:53:83:33:6b: be:46:b6:fe:69:0c:b3:e5:32:d8:e2:4e:9c:67:fb: 6d:eb:67:18:fa:b4:d0:c7:24:5e:a7:5e:b0:35:da: f3:f2:c1:fb:2b:b4:7c:72:a5:5b:54:85:e6:4e:84: 55:e3:7a:e6:a8:32:95:f2:67:b5:bd:05:90:4b:45: fc:3e:20:e7:92:25:81:b3:85:98:d3:99:d2:a5:09: a7:3e:23:b6:5e:5e:19:51:10:42:77:b2:8c:53:11: 91:f5:e8:34:7c:7e:2e:ac:65:b8:12:67:59:63:f7: 80:70:7f:56:34:b9:71:73:48:ae:f2:c6:35:77:9f: 31:a6:48:a9:d8:84:6e:6d:ec:d7:35:95:a6:c1:02: f9:a6:49:e8:c6:5e:84:2b:02:25:15:84:c8:11:44: e8:77:2e:c5:71:3f:0c:90:71:7a:e8:bb:af:28:ee: d0:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:88:03:3D:EA:56:C8:D8:56:6C:1E:7F:81:42:07:CB:48:D2:85:16 X509v3 Authority Key Identifier: keyid:40:84:BB:01:AA:58:AE:94:B1:32:0F:D4:BE:42:13:F9:31:4E:90:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIS7AapYrpSxMg_UvkIT-TFOkFY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5f179a-7b86-4c79-9339-d1b648a4fd0e/1/QIS7AapYrpSxMg_UvkIT-TFOkFY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:36:26:43:08:14:08:40:2c:5f:68:71:e9:19:07:ee:7d:a5: 2b:01:af:3f:44:a2:2a:c1:93:e1:8c:d5:72:72:20:7b:07:98: 14:51:1a:ea:a7:6b:7b:5f:b3:f6:5b:2a:fa:50:a3:e4:67:07: aa:30:83:b7:ce:65:05:f2:7a:3c:19:e7:69:88:07:97:05:8f: 41:8e:c4:cb:01:28:11:ef:8d:3a:3f:56:80:ac:ed:b1:c3:db: f5:cd:95:71:01:f4:af:8c:cb:c8:af:b0:e2:b3:62:ee:ef:9d: 89:a6:af:4f:d5:35:4f:eb:d1:90:71:b6:24:80:e4:bc:59:fb: 85:fc:da:35:d2:88:7b:b6:e5:91:b8:79:26:85:d9:3f:c3:8d: 1c:0d:6f:a7:39:99:52:fe:c1:88:33:6a:31:cb:7d:3e:8f:7f: ec:28:4f:e1:f8:09:29:38:98:3c:4a:01:57:30:17:61:d6:84: 4f:91:0d:bc:b2:a3:50:62:f5:6e:5f:cb:2a:98:9a:21:69:d8: 4a:36:13:0b:23:ca:bc:9b:7d:4a:12:48:ce:69:80:3c:57:96: 65:12:39:99:16:f7:52:60:29:50:e8:0d:5a:c3:10:83:86:07: 34:9d:37:b5:97:4b:07:c1:37:04:51:ef:76:b7:70:d7:9c:54: a1:32:b7:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZUZQ7y68E/Syz26zcIkZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwODRiYjAxYWE1OGFlOTRiMTMyMGZkNGJlNDIxM2Y5MzE0 ZTkwNTYwHhcNMjUxMjA2MTYwMTA4WhcNMjUxMjA3MTYwMTA4WjAzMTEwLwYDVQQD EygwYTg4MDMzZGVhNTZjOGQ4NTY2YzFlN2Y4MTQyMDdjYjQ4ZDI4NTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1azuKLlL4CnwVdEh2C4IN1oG1ZNd KIvYk4afAyfAzjBOCTHrgq8pRx8ZIyibQJEZEFvqiNczvWFD1h+WA6yxbdaoZ5Cz O241kjmdgHW9qZO0UbWIVlODM2u+Rrb+aQyz5TLY4k6cZ/tt62cY+rTQxyRep16w Ndrz8sH7K7R8cqVbVIXmToRV43rmqDKV8me1vQWQS0X8PiDnkiWBs4WY05nSpQmn PiO2Xl4ZURBCd7KMUxGR9eg0fH4urGW4EmdZY/eAcH9WNLlxc0iu8sY1d58xpkip 2IRubezXNZWmwQL5pknoxl6EKwIlFYTIEUTody7FcT8MkHF66LuvKO7QdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqIAz3qVsjYVmwef4FCB8tI0oUWMB8GA1UdIwQY MBaAFECEuwGqWK6UsTIP1L5CE/kxTpBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzkt ZDFiNjQ4YTRmZDBlLzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My81ZjE3OWEtN2I4Ni00Yzc5LTkzMzktZDFiNjQ4YTRmZDBl LzEvUUlTN0FhcFlycFN4TWdfVXZrSVQtVEZPa0ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzYmQwgU CEAsX2hx6RkH7n2lKwGvP0SiKsGT4YzVcnIgeweYFFEa6qdre1+z9lsq+lCj5GcH qjCDt85lBfJ6PBnnaYgHlwWPQY7EywEoEe+NOj9WgKztscPb9c2VcQH0r4zLyK+w 4rNi7u+diaavT9U1T+vRkHG2JIDkvFn7hfzaNdKIe7blkbh5JoXZP8ONHA1vpzmZ Uv7BiDNqMct9Po9/7ChP4fgJKTiYPEoBVzAXYdaET5ENvLKjUGL1bl/LKpiaIWnY SjYTCyPKvJt9ShJIzmmAPFeWZRI5mRb3UmApUOgNWsMQg4YHNJ03tZdLB8E3BFHv drdw15xUoTK37A== -----END CERTIFICATE-----Generated at Sat Dec 6 20:27:36 2025 by rpki-client