This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.mft File: QY34aPfZ6Y1P1B5tpZeig8kUG0Q.mft (raw, json) Hash identifier: FL1T3MH4hXVljfi0tPMrmhN82dFLivtMh7bfG/86lc0= Subject key identifier: C5:81:F6:57:EB:68:62:BC:7A:B0:64:33:D6:F3:C1:80:66:CE:80:11 Authority key identifier: 41:8D:F8:68:F7:D9:E9:8D:4F:D4:1E:6D:A5:97:A2:83:C9:14:1B:44 Certificate issuer: /CN=418df868f7d9e98d4fd41e6da597a283c9141b44 Certificate serial: 019AF57857909C591BDE6295950F9BC5A2A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.mft Manifest number: 1767 Signing time: Sat 06 Dec 2025 21:01:35 +0000 Manifest this update: Sat 06 Dec 2025 21:01:35 +0000 Manifest next update: Sun 07 Dec 2025 21:01:35 +0000 Files and hashes: 1: NrBghBDxVUP3b8K-s4QfPajtoEw.roa (hash: PXmrD91Lu77kd9R7RmMEPIR9q62nZX3KSQVZITYjO7o=) 2: QY34aPfZ6Y1P1B5tpZeig8kUG0Q.crl (hash: Jn0kzl75cTV6sM2+PEuwxweZzYKA7YS7qGwnQm0HFWQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:57:90:9c:59:1b:de:62:95:95:0f:9b:c5:a2:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=418df868f7d9e98d4fd41e6da597a283c9141b44 Validity Not Before: Dec 6 21:01:35 2025 GMT Not After : Dec 7 21:01:35 2025 GMT Subject: CN=c581f657eb6862bc7ab06433d6f3c18066ce8011 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:40:a7:58:e8:af:45:9d:e0:b1:eb:2f:06:82: c9:c3:8e:7a:4d:dd:36:b7:38:1d:00:15:81:32:bb: 69:3c:06:86:84:00:ae:28:ae:b9:72:64:8a:28:b1: a1:09:10:14:ca:e4:58:96:4c:57:84:0b:31:f2:d8: 5e:61:09:14:36:b1:43:3a:d0:9e:66:4d:a0:d2:21: 7f:0c:89:b2:82:92:96:ed:77:93:1c:92:7f:95:d6: fa:f0:03:6b:01:a6:eb:5f:c0:07:fa:05:f3:76:3d: 20:f2:a0:d9:5c:d3:7c:c0:c3:6f:4c:fa:a6:aa:f3: 86:18:e4:61:d7:35:92:01:8f:af:d2:4b:07:66:e6: da:f4:f1:24:83:3d:ae:37:5a:8a:29:06:e8:b8:e2: 07:79:1f:63:5b:4d:89:40:7b:c9:46:c2:21:e4:83: 9d:bf:86:da:71:4d:4e:d0:5c:27:70:5f:dd:6a:02: 88:ac:52:8b:6a:7f:4b:65:40:d4:30:fa:bf:3b:a9: 91:bf:bb:9e:ee:64:ad:73:a6:2a:0f:93:af:04:0d: af:5b:7f:47:41:6c:4b:0c:e5:bb:05:c2:ee:d7:fa: b9:a9:bf:86:8c:e8:8f:f7:ea:97:f0:08:f8:34:50: a0:cd:39:20:59:ba:36:b9:49:2f:c4:d4:5b:6c:c8: f2:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:81:F6:57:EB:68:62:BC:7A:B0:64:33:D6:F3:C1:80:66:CE:80:11 X509v3 Authority Key Identifier: keyid:41:8D:F8:68:F7:D9:E9:8D:4F:D4:1E:6D:A5:97:A2:83:C9:14:1B:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c6f86d-f795-419f-ad31-ee9c3452cbaf/1/QY34aPfZ6Y1P1B5tpZeig8kUG0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:33:a5:f2:fd:59:54:6a:80:93:5d:f2:63:c0:ca:10:c0:2e: f2:35:c4:29:d7:52:45:d6:44:60:41:84:b0:73:f3:cb:5f:83: 00:67:0d:5a:54:e0:0d:09:75:fc:00:48:b7:47:c7:9b:c6:20: 68:b3:b3:af:af:91:c4:24:d3:05:ca:47:74:1c:50:1a:02:49: 89:43:6d:36:1e:a2:a6:df:a2:ec:e5:08:8b:8c:93:4b:32:95: 93:63:c8:58:2a:81:3d:8b:bb:01:86:36:cc:55:c2:59:3c:04: 90:ed:cb:72:a1:3a:71:ca:bc:23:7a:13:82:9f:eb:db:8f:ba: 6c:e1:3b:70:09:0c:fe:31:2d:de:72:1c:99:4e:8e:63:69:f0: 9b:ea:9b:93:64:7a:2b:66:fa:6a:66:5b:e2:7a:b5:31:c6:13: 0b:9f:00:b7:49:9d:10:f2:22:9f:38:51:c5:4d:d2:25:66:62: 6d:9d:49:c6:ca:ff:fc:75:64:19:67:5f:94:ad:66:83:41:68: b2:1c:85:b7:1a:29:09:8e:93:90:fc:8d:d9:1c:0c:35:79:7a: 29:d5:ab:ef:bb:4f:98:2b:5b:da:14:66:55:03:17:38:3b:31: a5:0e:03:3e:ba:4e:08:27:a7:86:f1:18:fa:49:8d:e4:8c:26: 5f:fe:73:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eFeQnFkb3mKVlQ+bxaKmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxOGRmODY4ZjdkOWU5OGQ0ZmQ0MWU2ZGE1OTdhMjgzYzkx NDFiNDQwHhcNMjUxMjA2MjEwMTM1WhcNMjUxMjA3MjEwMTM1WjAzMTEwLwYDVQQD EyhjNTgxZjY1N2ViNjg2MmJjN2FiMDY0MzNkNmYzYzE4MDY2Y2U4MDExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkCnWOivRZ3gsesvBoLJw456Td02 tzgdABWBMrtpPAaGhACuKK65cmSKKLGhCRAUyuRYlkxXhAsx8theYQkUNrFDOtCe Zk2g0iF/DImygpKW7XeTHJJ/ldb68ANrAabrX8AH+gXzdj0g8qDZXNN8wMNvTPqm qvOGGORh1zWSAY+v0ksHZuba9PEkgz2uN1qKKQbouOIHeR9jW02JQHvJRsIh5IOd v4bacU1O0FwncF/dagKIrFKLan9LZUDUMPq/O6mRv7ue7mStc6YqD5OvBA2vW39H QWxLDOW7BcLu1/q5qb+GjOiP9+qX8Aj4NFCgzTkgWbo2uUkvxNRbbMjyMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMWB9lfraGK8erBkM9bzwYBmzoARMB8GA1UdIwQY MBaAFEGN+Gj32emNT9QebaWXooPJFBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVkzNGFQZlo2WTFQMUI1dHBaZWlnOGtVRzBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jNmY4NmQtZjc5NS00MTlmLWFkMzEt ZWU5YzM0NTJjYmFmLzEvUVkzNGFQZlo2WTFQMUI1dHBaZWlnOGtVRzBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9jNmY4NmQtZjc5NS00MTlmLWFkMzEtZWU5YzM0NTJjYmFm LzEvUVkzNGFQZlo2WTFQMUI1dHBaZWlnOGtVRzBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXDOl8v1Z VGqAk13yY8DKEMAu8jXEKddSRdZEYEGEsHPzy1+DAGcNWlTgDQl1/ABIt0fHm8Yg aLOzr6+RxCTTBcpHdBxQGgJJiUNtNh6ipt+i7OUIi4yTSzKVk2PIWCqBPYu7AYY2 zFXCWTwEkO3LcqE6ccq8I3oTgp/r24+6bOE7cAkM/jEt3nIcmU6OY2nwm+qbk2R6 K2b6amZb4nq1McYTC58At0mdEPIinzhRxU3SJWZibZ1Jxsr//HVkGWdflK1mg0Fo shyFtxopCY6TkPyN2RwMNXl6KdWr77tPmCtb2hRmVQMXODsxpQ4DPrpOCCenhvEY +kmN5IwmX/5zEQ== -----END CERTIFICATE-----Generated at Sat Dec 6 23:53:10 2025 by rpki-client