This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft File: QpoEfERhf8-ynNVy962HR9C5Mms.mft (raw, json) Hash identifier: qorTPKti5MhOjxtHNwsWZX/jcMMzILurYfXaIkf4nDY= Subject key identifier: 87:DB:BA:CD:E6:01:BB:66:98:BE:6E:02:95:CE:DE:03:25:8B:89:96 Authority key identifier: 42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B Certificate issuer: /CN=429a047c44617fcfb29cd572f7ad8747d0b9326b Certificate serial: 019AF12CBF0B68555A3F18CA8C6C7AA41200 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft Manifest number: 0BD6 Signing time: Sat 06 Dec 2025 01:00:32 +0000 Manifest this update: Sat 06 Dec 2025 01:00:32 +0000 Manifest next update: Sun 07 Dec 2025 01:00:32 +0000 Files and hashes: 1: QpoEfERhf8-ynNVy962HR9C5Mms.crl (hash: GQs7NjB8LtLYJHaTO622cjPwQqyoWeKQzqE+n2h3k6U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:bf:0b:68:55:5a:3f:18:ca:8c:6c:7a:a4:12:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=429a047c44617fcfb29cd572f7ad8747d0b9326b Validity Not Before: Dec 6 01:00:32 2025 GMT Not After : Dec 7 01:00:32 2025 GMT Subject: CN=87dbbacde601bb6698be6e0295cede03258b8996 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:9a:2b:f8:ad:71:26:7c:dc:35:2c:76:65:de: 27:85:38:83:92:75:00:39:e7:f4:33:d5:36:70:96: b9:44:d9:36:1c:e3:43:e2:3a:e0:0c:cb:06:60:de: dd:6f:a9:2c:ee:e7:1f:fb:ae:7f:50:56:6e:90:8f: 21:26:e4:1a:79:e2:62:b1:3d:d2:d7:34:92:a2:52: 5c:5b:7f:98:1e:e0:7f:35:5b:6c:1f:66:0d:cd:f3: f5:e8:2b:41:64:c4:9b:25:ce:c8:4c:9a:f2:75:6a: 36:bc:67:bf:6d:82:8a:73:33:e6:4e:84:a9:57:78: c0:35:50:3c:30:1f:25:ae:1d:b9:a9:d0:50:32:88: c8:c4:75:75:bf:22:92:92:9b:d5:06:a5:13:8b:4a: ec:8c:6a:a3:19:f9:5e:50:72:ac:e8:20:54:82:c4: a0:9f:8c:63:a4:8c:7e:6f:15:75:31:73:1c:99:ba: c1:17:35:28:17:2e:f4:f5:d1:c2:95:34:24:c6:13: 2b:1d:1d:6b:c6:af:8b:89:02:05:e7:23:aa:e6:0c: af:09:b6:1f:91:ad:db:a8:e0:12:17:0a:bb:42:48: 07:62:fe:23:4a:31:39:db:8b:0c:04:ff:16:aa:e1: 0f:c7:a4:25:b5:aa:94:ce:c9:22:09:7d:24:dc:89: 78:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:DB:BA:CD:E6:01:BB:66:98:BE:6E:02:95:CE:DE:03:25:8B:89:96 X509v3 Authority Key Identifier: keyid:42:9A:04:7C:44:61:7F:CF:B2:9C:D5:72:F7:AD:87:47:D0:B9:32:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpoEfERhf8-ynNVy962HR9C5Mms.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c57467-49a5-4cc6-9e0c-77e61eea6a64/1/QpoEfERhf8-ynNVy962HR9C5Mms.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:60:1f:0c:cb:a6:ef:dd:15:bb:9b:95:bd:6f:d0:65:bb:3a: 69:b3:06:f1:a7:72:dd:39:62:3f:05:f7:ac:90:5c:e8:8b:f7: 9f:a0:b6:03:2d:97:b5:0e:e6:6e:11:25:9a:0e:d4:59:bd:1a: d7:df:02:e8:48:45:41:a7:9f:0d:64:0c:84:02:3c:4e:e2:7d: 5c:28:e1:e6:af:c9:c2:0a:00:f2:d6:d0:3f:fa:d4:a1:8b:e3: 69:cf:d8:0f:9a:fb:2b:71:56:8f:e3:86:ea:87:d2:ba:63:18: cd:d1:ec:41:83:c1:9c:3a:6c:a7:d5:78:08:c4:8e:6b:cc:3e: 18:65:4a:d6:95:8c:bb:d8:42:18:bc:cf:62:9b:f2:20:8f:f5: 30:0a:8a:8e:3f:cd:9f:d6:24:ee:87:e3:2c:05:fd:51:71:77: fe:c4:70:1d:77:ad:55:1f:09:ae:1e:1f:b9:9f:d2:c0:38:ac: 40:73:16:66:78:3f:6d:13:b0:4c:32:8b:54:65:e7:91:35:02: c4:ae:f6:36:4b:ba:e6:c6:ea:84:21:2d:68:bb:7d:f5:db:2c: 79:00:d2:34:90:12:b1:22:76:20:2c:38:aa:2a:94:93:f5:ef: f4:34:de:01:ea:bf:70:e1:91:93:9b:c4:dc:25:ef:6a:c8:7c: d2:54:a9:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLL8LaFVaPxjKjGx6pBIAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyOWEwNDdjNDQ2MTdmY2ZiMjljZDU3MmY3YWQ4NzQ3ZDBi OTMyNmIwHhcNMjUxMjA2MDEwMDMyWhcNMjUxMjA3MDEwMDMyWjAzMTEwLwYDVQQD Eyg4N2RiYmFjZGU2MDFiYjY2OThiZTZlMDI5NWNlZGUwMzI1OGI4OTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Jor+K1xJnzcNSx2Zd4nhTiDknUA Oef0M9U2cJa5RNk2HOND4jrgDMsGYN7db6ks7ucf+65/UFZukI8hJuQaeeJisT3S 1zSSolJcW3+YHuB/NVtsH2YNzfP16CtBZMSbJc7ITJrydWo2vGe/bYKKczPmToSp V3jANVA8MB8lrh25qdBQMojIxHV1vyKSkpvVBqUTi0rsjGqjGfleUHKs6CBUgsSg n4xjpIx+bxV1MXMcmbrBFzUoFy709dHClTQkxhMrHR1rxq+LiQIF5yOq5gyvCbYf ka3bqOASFwq7QkgHYv4jSjE524sMBP8WquEPx6QltaqUzskiCX0k3Il45QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIfbus3mAbtmmL5uApXO3gMli4mWMB8GA1UdIwQY MBaAFEKaBHxEYX/PspzVcveth0fQuTJrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMt NzdlNjFlZWE2YTY0LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9jNTc0NjctNDlhNS00Y2M2LTllMGMtNzdlNjFlZWE2YTY0 LzEvUXBvRWZFUmhmOC15bk5WeTk2MkhSOUM1TW1zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2AfDMum 790Vu5uVvW/QZbs6abMG8ady3TliPwX3rJBc6Iv3n6C2Ay2XtQ7mbhElmg7UWb0a 198C6EhFQaefDWQMhAI8TuJ9XCjh5q/JwgoA8tbQP/rUoYvjac/YD5r7K3FWj+OG 6ofSumMYzdHsQYPBnDpsp9V4CMSOa8w+GGVK1pWMu9hCGLzPYpvyII/1MAqKjj/N n9Yk7ofjLAX9UXF3/sRwHXetVR8Jrh4fuZ/SwDisQHMWZng/bROwTDKLVGXnkTUC xK72Nku65sbqhCEtaLt99dsseQDSNJASsSJ2ICw4qiqUk/Xv9DTeAeq/cOGRk5vE 3CXvash80lSpcg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:20:34 2025 by rpki-client