This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft File: QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft (raw, json) Hash identifier: wtGRFwof3AbzazOgzrjXgX7qp1i45i3ju5oloTXifiM= Subject key identifier: DB:70:73:76:EF:8E:44:7A:F4:76:3E:61:5F:8B:50:9C:61:74:24:F9 Authority key identifier: 42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84 Certificate issuer: /CN=424c165b6a49349541c65af9b21580163819f284 Certificate serial: 019AF12D8A50E8719D30D7D9C10857F98834 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft Manifest number: 0AFF Signing time: Sat 06 Dec 2025 01:01:24 +0000 Manifest this update: Sat 06 Dec 2025 01:01:24 +0000 Manifest next update: Sun 07 Dec 2025 01:01:24 +0000 Files and hashes: 1: QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl (hash: ySaX96iaK6hTwX0BRHSDUADYBitrFzEAQkrQb8ZcyHQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:8a:50:e8:71:9d:30:d7:d9:c1:08:57:f9:88:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=424c165b6a49349541c65af9b21580163819f284 Validity Not Before: Dec 6 01:01:24 2025 GMT Not After : Dec 7 01:01:24 2025 GMT Subject: CN=db707376ef8e447af4763e615f8b509c617424f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:66:ec:0c:0d:c0:58:8f:41:16:cc:1c:36:37: 85:63:54:8a:c3:09:1f:ef:0a:50:63:76:fe:94:6d: ed:6b:51:29:3b:af:47:e4:d0:46:93:ea:e7:9a:1b: 54:5b:aa:52:06:c8:7b:d1:ce:99:4d:d4:b0:2c:0f: 84:b8:ef:13:b1:b2:df:d5:25:4d:99:b6:44:f3:1c: af:78:77:04:f6:f5:da:bc:2d:5e:3d:e2:00:3c:ed: 45:2b:e4:21:f7:2f:7f:22:70:60:4a:60:13:fe:22: 47:45:fa:20:ff:43:c9:41:6b:18:32:11:00:52:ea: bb:1e:07:48:bc:e5:55:85:91:8e:e4:10:1d:c4:09: 38:ea:56:40:85:5c:eb:d6:15:56:57:c6:df:50:ca: 4d:19:b0:95:57:60:21:39:c3:4d:55:10:df:95:c6: ac:a2:84:fe:0d:da:3e:06:60:26:1e:f8:ef:ac:54: 65:d6:06:f8:b7:8a:57:d4:0a:02:33:c0:15:af:5f: 87:53:96:40:62:16:38:66:98:84:ab:76:9b:1e:7c: e5:7b:b8:65:af:a2:d3:f7:42:10:b6:4f:03:99:36: 03:42:84:4d:ad:3e:f9:d3:ce:e6:a3:80:86:89:5c: 10:2b:71:b7:a4:ea:51:43:c4:af:d8:8d:d5:1e:b9: 88:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:70:73:76:EF:8E:44:7A:F4:76:3E:61:5F:8B:50:9C:61:74:24:F9 X509v3 Authority Key Identifier: keyid:42:4C:16:5B:6A:49:34:95:41:C6:5A:F9:B2:15:80:16:38:19:F2:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/70c498-6b1d-4d92-a4e8-ec3bf4816d36/1/QkwWW2pJNJVBxlr5shWAFjgZ8oQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:37:f6:6c:9f:35:d3:bc:76:ec:7a:82:e3:1c:e3:7e:67:2a: 99:72:64:3c:3f:d7:39:77:78:d3:28:10:22:78:45:b3:7b:db: 0a:b4:97:21:3d:f1:9e:0e:64:e0:7b:c2:fa:5f:e0:90:05:7a: be:b6:28:0b:57:da:30:ed:2a:2a:5b:c2:99:65:29:67:63:f6: 61:c4:44:8e:63:2e:30:2e:1c:69:cd:d7:64:3c:8f:fe:65:8c: 5c:30:27:de:d0:41:35:05:69:13:89:43:09:b6:54:4f:03:77: a7:54:b9:0d:22:c9:db:8d:24:77:63:86:0e:0d:2a:3e:c3:82: 8f:b2:85:96:09:d4:32:8a:47:09:51:69:8b:d4:90:69:29:34: 6f:81:62:27:54:e1:87:1d:d4:6a:6d:12:b1:ca:c5:28:38:bf: c2:ff:af:dd:98:0b:a8:2e:56:55:e0:08:f3:24:6e:12:1f:e9: 5d:fa:b0:87:ab:4d:5e:f8:a0:36:fb:a6:6a:a3:33:d7:ce:45: 46:e3:77:36:80:19:2d:cb:0a:1b:60:cd:9c:e9:31:f7:f8:7a: a5:f7:c5:29:b6:7e:4f:15:6c:70:4d:e4:03:ac:c6:6f:a0:d8: 4f:71:65:94:61:2f:79:05:46:6b:39:91:1a:0f:fd:2f:d2:a4: cc:a2:b1:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYpQ6HGdMNfZwQhX+Yg0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNGMxNjViNmE0OTM0OTU0MWM2NWFmOWIyMTU4MDE2Mzgx OWYyODQwHhcNMjUxMjA2MDEwMTI0WhcNMjUxMjA3MDEwMTI0WjAzMTEwLwYDVQQD EyhkYjcwNzM3NmVmOGU0NDdhZjQ3NjNlNjE1ZjhiNTA5YzYxNzQyNGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbsDA3AWI9BFswcNjeFY1SKwwkf 7wpQY3b+lG3ta1EpO69H5NBGk+rnmhtUW6pSBsh70c6ZTdSwLA+EuO8TsbLf1SVN mbZE8xyveHcE9vXavC1ePeIAPO1FK+Qh9y9/InBgSmAT/iJHRfog/0PJQWsYMhEA Uuq7HgdIvOVVhZGO5BAdxAk46lZAhVzr1hVWV8bfUMpNGbCVV2AhOcNNVRDflcas ooT+Ddo+BmAmHvjvrFRl1gb4t4pX1AoCM8AVr1+HU5ZAYhY4ZpiEq3abHnzle7hl r6LT90IQtk8DmTYDQoRNrT75087mo4CGiVwQK3G3pOpRQ8Sv2I3VHrmIBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNtwc3bvjkR69HY+YV+LUJxhdCT5MB8GA1UdIwQY MBaAFEJMFltqSTSVQcZa+bIVgBY4GfKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgt ZWMzYmY0ODE2ZDM2LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS83MGM0OTgtNmIxZC00ZDkyLWE0ZTgtZWMzYmY0ODE2ZDM2 LzEvUWt3V1cycEpOSlZCeGxyNXNoV0FGamdaOG9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDf2bJ81 07x27HqC4xzjfmcqmXJkPD/XOXd40ygQInhFs3vbCrSXIT3xng5k4HvC+l/gkAV6 vrYoC1faMO0qKlvCmWUpZ2P2YcREjmMuMC4cac3XZDyP/mWMXDAn3tBBNQVpE4lD CbZUTwN3p1S5DSLJ240kd2OGDg0qPsOCj7KFlgnUMopHCVFpi9SQaSk0b4FiJ1Th hx3Uam0SscrFKDi/wv+v3ZgLqC5WVeAI8yRuEh/pXfqwh6tNXvigNvumaqMz185F RuN3NoAZLcsKG2DNnOkx9/h6pffFKbZ+TxVscE3kA6zGb6DYT3FllGEveQVGazmR Gg/9L9KkzKKxXQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:27:20 2025 by rpki-client