This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft File: QH0twQwC9ewk9pD59mBVVIZWLlk.mft (raw, json) Hash identifier: 6oK68GzBNSpNkegLPWrneviNC0D+0a6bfUYSGYqTB+4= Subject key identifier: 87:ED:5D:FE:44:FA:00:F9:D9:6A:6B:73:7D:A9:DE:6C:57:ED:67:E0 Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59 Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59 Certificate serial: 019AF1D21F30A0128D5CBB15C67AEF200D1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft Manifest number: 1460 Signing time: Sat 06 Dec 2025 04:01:10 +0000 Manifest this update: Sat 06 Dec 2025 04:01:10 +0000 Manifest next update: Sun 07 Dec 2025 04:01:10 +0000 Files and hashes: 1: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (hash: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=) 2: QH0twQwC9ewk9pD59mBVVIZWLlk.crl (hash: Dr4otvcf8PKsYg0On31fwgM9nwBXSCluxEQojwwisSA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:1f:30:a0:12:8d:5c:bb:15:c6:7a:ef:20:0d:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59 Validity Not Before: Dec 6 04:01:10 2025 GMT Not After : Dec 7 04:01:10 2025 GMT Subject: CN=87ed5dfe44fa00f9d96a6b737da9de6c57ed67e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b6:29:94:0a:61:69:39:b9:91:84:0f:c9:d1: 17:46:85:76:52:e4:e2:b8:91:93:c3:d0:d0:61:6c: c0:01:14:92:3b:b1:95:7a:9f:ae:db:5a:c4:ae:bc: 31:20:c7:fe:15:44:93:b0:55:22:dd:14:8b:82:99: c5:59:a7:3b:8a:8f:07:eb:81:60:15:e3:37:b4:16: a2:af:38:b6:95:10:dc:08:a9:22:6a:e4:53:bd:99: 0b:25:0f:34:ea:7a:a2:3b:74:0d:22:86:e1:cb:39: 1e:43:da:ad:38:65:13:08:73:1f:f8:e7:65:c5:ca: 85:70:bf:c5:64:50:a3:49:65:87:e6:3d:7a:d7:00: 27:c8:0d:c8:89:c1:a9:69:55:02:ba:16:e4:e0:3a: e6:f0:03:18:00:68:88:60:8c:eb:de:b0:3a:e6:08: c8:54:f3:bb:dd:7c:03:c4:d3:c4:04:f6:d0:64:1d: 92:c8:3d:5b:3d:d2:5c:04:6e:26:14:2c:d9:d4:ca: 0f:c7:8c:24:54:36:83:de:56:5c:53:07:ee:9c:e7: 66:44:c9:e9:49:f1:dd:ac:34:b7:df:85:51:4e:e5: 70:f7:2b:ca:05:e1:3c:61:e8:5b:2b:86:17:19:10: a3:bb:6a:3c:90:b2:7f:f7:b0:60:90:10:90:5a:15: 2b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:ED:5D:FE:44:FA:00:F9:D9:6A:6B:73:7D:A9:DE:6C:57:ED:67:E0 X509v3 Authority Key Identifier: keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:52:a5:2d:13:ac:37:00:e4:cf:42:27:93:92:69:8a:23:ff: 94:b9:fa:7e:fd:02:da:4a:8a:db:75:a8:a4:de:ba:a0:91:94: de:e8:2e:0c:9b:c8:29:84:fa:76:d7:92:d3:80:ef:43:cc:10: 26:63:13:71:0e:0a:b7:45:a3:ab:f1:0c:c5:0a:60:df:fe:b7: 44:80:92:d7:7a:03:c7:d9:80:5f:1a:58:1b:f2:bd:3c:14:f4: a7:ad:7b:23:cd:aa:7f:8e:02:e0:f5:9b:56:65:4d:3c:b0:06: f5:5e:b9:ff:24:02:a0:c9:b0:06:e7:a6:56:b5:28:55:52:49: ce:7b:9d:d5:03:65:4c:ec:6b:64:97:d7:20:75:c6:38:d5:7e: 05:be:f4:66:b6:96:2b:99:64:7b:92:72:46:a6:ad:54:f4:df: c2:21:65:27:8d:33:e9:8f:5d:43:2a:b4:2d:58:4e:52:97:bd: 68:84:b4:1a:19:04:8f:88:1a:ae:77:12:4e:e5:b6:d2:7c:27: f5:cd:c0:ca:0c:9e:0c:9b:d8:9d:46:62:33:1d:db:40:e2:3b: 7c:43:82:ff:c3:af:99:65:37:90:de:3d:18:2a:11:0b:de:49: 08:c2:43:67:c0:16:2a:fe:60:c5:2e:d6:85:40:e3:cf:a2:c4: c5:30:2b:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0h8woBKNXLsVxnrvIA0dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1 NjJlNTkwHhcNMjUxMjA2MDQwMTEwWhcNMjUxMjA3MDQwMTEwWjAzMTEwLwYDVQQD Eyg4N2VkNWRmZTQ0ZmEwMGY5ZDk2YTZiNzM3ZGE5ZGU2YzU3ZWQ2N2UwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrYplAphaTm5kYQPydEXRoV2UuTi uJGTw9DQYWzAARSSO7GVep+u21rErrwxIMf+FUSTsFUi3RSLgpnFWac7io8H64Fg FeM3tBairzi2lRDcCKkiauRTvZkLJQ806nqiO3QNIobhyzkeQ9qtOGUTCHMf+Odl xcqFcL/FZFCjSWWH5j161wAnyA3IicGpaVUCuhbk4Drm8AMYAGiIYIzr3rA65gjI VPO73XwDxNPEBPbQZB2SyD1bPdJcBG4mFCzZ1MoPx4wkVDaD3lZcUwfunOdmRMnp SfHdrDS334VRTuVw9yvKBeE8YehbK4YXGRCju2o8kLJ/97BgkBCQWhUr2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIftXf5E+gD52Wprc32p3mxX7WfgMB8GA1UdIwQY MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt OTY3YzIyODVlYTYyLzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlKlLROs NwDkz0Ink5JpiiP/lLn6fv0C2kqK23WopN66oJGU3uguDJvIKYT6dteS04DvQ8wQ JmMTcQ4Kt0Wjq/EMxQpg3/63RICS13oDx9mAXxpYG/K9PBT0p617I82qf44C4PWb VmVNPLAG9V65/yQCoMmwBuemVrUoVVJJznud1QNlTOxrZJfXIHXGONV+Bb70ZraW K5lke5JyRqatVPTfwiFlJ40z6Y9dQyq0LVhOUpe9aIS0GhkEj4garncSTuW20nwn 9c3AygyeDJvYnUZiMx3bQOI7fEOC/8OvmWU3kN49GCoRC95JCMJDZ8AWKv5gxS7W hUDjz6LExTArLw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:22:03 2025 by rpki-client