This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft File: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json) Hash identifier: iFZa8yBUWsGu21/elZ6o56lUKDP02vYzK+FZpEx7HYM= Subject key identifier: ED:94:92:D1:76:4F:FB:58:8C:04:64:C4:F7:0D:64:D6:56:DC:CC:66 Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5 Certificate issuer: /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5 Certificate serial: 019AF50AE77EBBE7CD5976ACAD500AF618BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft Manifest number: 0D4F Signing time: Sat 06 Dec 2025 19:02:03 +0000 Manifest this update: Sat 06 Dec 2025 19:02:03 +0000 Manifest next update: Sun 07 Dec 2025 19:02:03 +0000 Files and hashes: 1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: lfab6xLVHdYrARL7xpbLYytYLiXJrTXSMJJBw9OL00E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:e7:7e:bb:e7:cd:59:76:ac:ad:50:0a:f6:18:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5 Validity Not Before: Dec 6 19:02:03 2025 GMT Not After : Dec 7 19:02:03 2025 GMT Subject: CN=ed9492d1764ffb588c0464c4f70d64d656dccc66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:12:a7:72:42:79:08:ec:58:8e:47:1a:86:69: 8b:66:c9:c8:c4:de:27:4b:57:85:66:5f:28:bf:ae: 6c:67:7a:8e:c3:37:59:ac:52:26:18:3f:a5:b6:31: 40:f6:a1:72:58:f9:11:fa:2f:60:3c:ac:a2:6a:2f: 0f:87:29:02:db:91:06:1c:fc:9d:c0:93:64:ac:b2: 3e:cf:a8:65:59:0e:ca:5e:0c:07:d4:ee:37:e4:51: 4d:c5:70:de:06:24:56:81:84:bc:5c:70:64:2e:81: 96:53:7f:e3:99:80:19:e3:b6:f1:71:f2:c4:53:99: 50:b3:1a:9a:5a:83:ec:07:08:d7:f8:a8:8e:7c:61: d6:7c:b4:dd:b5:83:25:24:a8:25:35:b1:8f:ca:25: 8b:ee:b0:11:49:38:ea:35:98:4f:cd:5d:1e:2e:14: 9e:30:45:20:d7:0b:00:97:b0:d4:8c:aa:80:9d:2a: e5:74:d0:d0:01:42:2b:f1:6f:31:dd:6e:38:3d:fb: 86:01:55:20:fe:68:e4:c5:d4:28:b2:41:a5:b6:fb: af:87:6b:4f:a9:7f:9b:d1:cd:3b:81:1a:df:05:c5: 4a:24:5e:51:c1:99:57:9f:38:52:60:26:57:05:ab: 45:cc:e3:28:17:c6:f6:17:36:17:f3:0a:bf:ec:cb: e7:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:94:92:D1:76:4F:FB:58:8C:04:64:C4:F7:0D:64:D6:56:DC:CC:66 X509v3 Authority Key Identifier: keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:a3:6b:99:00:a3:ba:ed:65:9e:e0:32:4b:b4:f6:97:10:74: 70:7a:72:2f:5f:5f:1b:7f:ad:90:1a:75:2b:88:9d:19:29:90: 3d:f8:e6:9b:0e:a6:68:14:d2:7f:60:63:52:a1:3c:61:82:da: b6:81:ab:03:f8:8e:5f:b5:96:ab:f7:42:6f:c4:4e:28:a9:98: e8:0c:e4:cb:77:0c:3e:67:e6:1a:31:ad:9f:5e:3c:fc:42:e7: 64:a2:65:1d:af:cb:56:57:75:6d:24:d5:d0:e5:fc:27:b8:d9: ae:2f:44:d7:23:36:e3:43:08:e9:81:1a:ea:dd:04:ab:3a:77: f6:96:3e:ff:e7:9a:01:9d:df:35:b3:6e:59:e6:dc:ee:0f:02: 37:ab:19:0d:e0:81:09:a7:4d:8e:16:40:94:bd:a1:3f:98:9e: a8:76:7f:f6:3a:6b:81:f7:f0:6c:ba:50:f9:2a:f7:cb:6c:b5: 5d:9b:09:cc:08:56:a7:f3:ca:3b:ab:04:dd:12:59:11:85:db: cc:28:1c:e2:78:c6:09:61:bd:6c:22:bd:51:7d:41:e9:28:9f: 5e:44:cb:7c:4d:3e:7a:75:f9:f9:c6:14:0d:17:cd:96:36:a7: 6e:89:ed:99:2b:d9:5c:c7:fe:13:36:17:34:46:9e:91:d0:88: 34:52:bd:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cud+u+fNWXasrVAK9hi/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw ZjhjZjUwHhcNMjUxMjA2MTkwMjAzWhcNMjUxMjA3MTkwMjAzWjAzMTEwLwYDVQQD EyhlZDk0OTJkMTc2NGZmYjU4OGMwNDY0YzRmNzBkNjRkNjU2ZGNjYzY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshKnckJ5COxYjkcahmmLZsnIxN4n S1eFZl8ov65sZ3qOwzdZrFImGD+ltjFA9qFyWPkR+i9gPKyiai8PhykC25EGHPyd wJNkrLI+z6hlWQ7KXgwH1O435FFNxXDeBiRWgYS8XHBkLoGWU3/jmYAZ47bxcfLE U5lQsxqaWoPsBwjX+KiOfGHWfLTdtYMlJKglNbGPyiWL7rARSTjqNZhPzV0eLhSe MEUg1wsAl7DUjKqAnSrldNDQAUIr8W8x3W44PfuGAVUg/mjkxdQoskGltvuvh2tP qX+b0c07gRrfBcVKJF5RwZlXnzhSYCZXBatFzOMoF8b2FzYX8wq/7MvnYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2UktF2T/tYjARkxPcNZNZW3MxmMB8GA1UdIwQY MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqNrmQCj uu1lnuAyS7T2lxB0cHpyL19fG3+tkBp1K4idGSmQPfjmmw6maBTSf2BjUqE8YYLa toGrA/iOX7WWq/dCb8ROKKmY6Azky3cMPmfmGjGtn148/ELnZKJlHa/LVld1bSTV 0OX8J7jZri9E1yM240MI6YEa6t0Eqzp39pY+/+eaAZ3fNbNuWebc7g8CN6sZDeCB CadNjhZAlL2hP5ieqHZ/9jprgffwbLpQ+Sr3y2y1XZsJzAhWp/PKO6sE3RJZEYXb zCgc4njGCWG9bCK9UX1B6SifXkTLfE0+enX5+cYUDRfNljanbontmSvZXMf+EzYX NEaekdCINFK9lw== -----END CERTIFICATE-----Generated at Sun Dec 7 00:33:17 2025 by rpki-client