This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft File: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft (raw, json) Hash identifier: dqI/qcppY8T0A3WeG263+tWG/mxD1P6v4qc064rmvuU= Subject key identifier: 26:19:05:DA:AF:A4:5E:A1:32:91:21:54:98:4F:98:AC:62:F9:B7:75 Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a Certificate serial: 019B6EB569FE5DE72525A83D274951DB0EBD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft Manifest number: 0EC3 Signing time: Tue 30 Dec 2025 10:02:21 +0000 Manifest this update: Tue 30 Dec 2025 10:02:21 +0000 Manifest next update: Wed 31 Dec 2025 10:02:21 +0000 Files and hashes: 1: Ci2nxFCN2-JFxhCGu2Re4yZAOHs.roa (hash: +bhZNarT7FFMkSZsUhSIu2eb8t+79YYtheiLS/N1UY0=) 2: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl (hash: zhglTkOc1DCvbTju8gCUev4AZIdB5W+vs/ThvNSlr5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 10:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:b5:69:fe:5d:e7:25:25:a8:3d:27:49:51:db:0e:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a Validity Not Before: Dec 30 10:02:21 2025 GMT Not After : Dec 31 10:02:21 2025 GMT Subject: CN=261905daafa45ea132912154984f98ac62f9b775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:02:c8:7f:38:98:8f:d1:30:31:86:f0:59:24: be:0d:2d:92:7a:dc:03:91:95:8f:9a:64:17:9c:0a: 5c:0a:9e:f6:b2:25:5e:7d:cd:75:2f:0c:6a:ad:e0: 84:d0:a0:b1:f1:a5:76:19:6b:5a:4a:f6:55:5b:aa: c6:5e:9e:92:96:1e:ae:67:bf:1a:1d:6a:01:04:02: c3:0e:b5:54:25:c2:80:b3:d4:71:eb:7a:1f:15:43: 59:b4:62:4d:e3:06:03:aa:08:d9:a6:29:2c:cc:6c: 3c:d4:c6:6d:14:e9:25:ac:9d:83:0c:aa:66:fe:c9: 0c:f7:13:fc:47:5e:b8:db:bf:1e:29:af:5c:1e:28: 29:ff:a2:9e:9b:39:32:6b:4f:82:df:c4:eb:c9:9d: 6e:8f:6f:21:26:1d:9c:e7:58:38:2c:dd:10:eb:9c: 6b:93:f3:a1:87:f6:cf:49:b7:e2:e7:12:6d:bc:36: d1:ea:9d:5b:cb:6d:26:45:5d:1b:6c:cc:41:ca:05: 6a:91:12:43:0e:32:3c:52:38:6d:7e:d9:fa:88:1d: dd:a5:cb:d0:66:11:68:ef:22:d6:78:56:b5:8d:5b: 89:7c:b3:9b:d6:f4:d3:72:c2:4c:f2:cc:f1:1a:98: 55:90:fb:c6:78:d3:a3:ef:8d:08:93:0a:37:6a:9c: c4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:19:05:DA:AF:A4:5E:A1:32:91:21:54:98:4F:98:AC:62:F9:B7:75 X509v3 Authority Key Identifier: keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:7a:49:82:41:25:36:11:99:26:7e:1c:82:18:97:f5:43:30: d1:5c:a7:2f:67:5c:ee:26:3f:e7:ef:27:17:7b:c4:b0:2e:90: 09:27:fa:6e:cb:e9:2f:69:8f:c2:19:d7:34:19:82:e5:ee:bf: 09:fb:c7:91:7b:8d:18:ec:b6:9f:99:d9:a9:d9:d4:01:58:9b: 15:e7:d9:dd:f8:76:e3:55:2e:fe:85:6b:2c:9f:63:a8:43:d8: f5:d9:91:b3:4d:12:b2:6d:b0:10:a2:35:ac:25:7f:26:ba:49: 7f:59:8e:76:c9:d0:da:16:57:7c:25:d3:9b:d6:3a:77:da:d6: 16:b4:f4:bc:5a:6a:1b:73:d0:9f:bd:26:68:af:20:41:8a:2c: ed:8f:2a:f6:33:90:2d:d6:79:2b:a4:e7:4f:c1:9e:2a:8f:e3: 17:14:8f:70:4f:ce:95:89:e1:c2:a1:d8:79:92:f6:32:c9:a5: c1:77:54:2a:0f:f1:c4:f5:17:18:a3:60:61:ea:1a:b9:25:87: c3:12:b0:63:92:25:ca:7a:48:ee:99:10:97:e7:77:3e:5e:ed: d8:e5:e7:3d:bf:f1:51:da:ba:22:2f:e3:fe:02:c6:24:b8:7c: f5:63:bd:90:ec:ed:fb:ce:79:bd:e1:c1:bd:04:20:7d:6d:a5: ab:df:1a:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtutWn+XeclJag9J0lR2w69MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx ZGVjNGEwHhcNMjUxMjMwMTAwMjIxWhcNMjUxMjMxMTAwMjIxWjAzMTEwLwYDVQQD EygyNjE5MDVkYWFmYTQ1ZWExMzI5MTIxNTQ5ODRmOThhYzYyZjliNzc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gLIfziYj9EwMYbwWSS+DS2SetwD kZWPmmQXnApcCp72siVefc11LwxqreCE0KCx8aV2GWtaSvZVW6rGXp6Slh6uZ78a HWoBBALDDrVUJcKAs9Rx63ofFUNZtGJN4wYDqgjZpikszGw81MZtFOklrJ2DDKpm /skM9xP8R164278eKa9cHigp/6Kemzkya0+C38TryZ1uj28hJh2c51g4LN0Q65xr k/Ohh/bPSbfi5xJtvDbR6p1by20mRV0bbMxBygVqkRJDDjI8Ujhtftn6iB3dpcvQ ZhFo7yLWeFa1jVuJfLOb1vTTcsJM8szxGphVkPvGeNOj740Ikwo3apzEVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCYZBdqvpF6hMpEhVJhPmKxi+bd1MB8GA1UdIwQY MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt ZmQxMWJiMWNjODJkLzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp3pJgkEl NhGZJn4cghiX9UMw0VynL2dc7iY/5+8nF3vEsC6QCSf6bsvpL2mPwhnXNBmC5e6/ CfvHkXuNGOy2n5nZqdnUAVibFefZ3fh241Uu/oVrLJ9jqEPY9dmRs00Ssm2wEKI1 rCV/JrpJf1mOdsnQ2hZXfCXTm9Y6d9rWFrT0vFpqG3PQn70maK8gQYos7Y8q9jOQ LdZ5K6TnT8GeKo/jFxSPcE/OlYnhwqHYeZL2MsmlwXdUKg/xxPUXGKNgYeoauSWH wxKwY5IlynpI7pkQl+d3Pl7t2OXnPb/xUdq6Ii/j/gLGJLh89WO9kOzt+855veHB vQQgfW2lq98aKQ== -----END CERTIFICATE-----Generated at Tue Dec 30 16:32:51 2025 by rpki-client