This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft File: QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json) Hash identifier: sy565ErlZ/nijx4BDEvSGYpCvpJBrAZuT/v4GtvKgug= Subject key identifier: B4:33:B8:AE:6E:36:51:22:F1:1B:37:57:45:60:AB:6A:E4:31:57:75 Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A Certificate issuer: /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a Certificate serial: 019B281B427BDC0949A43D8A12A7A857D974 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft Manifest number: 06DA Signing time: Tue 16 Dec 2025 17:00:33 +0000 Manifest this update: Tue 16 Dec 2025 17:00:33 +0000 Manifest next update: Wed 17 Dec 2025 17:00:33 +0000 Files and hashes: 1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: yt1gAASbU7HtjPpyEzN+yyyOVbEqhEYIyrnEb2zSh+o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:1b:42:7b:dc:09:49:a4:3d:8a:12:a7:a8:57:d9:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a Validity Not Before: Dec 16 17:00:33 2025 GMT Not After : Dec 17 17:00:33 2025 GMT Subject: CN=b433b8ae6e365122f11b37574560ab6ae4315775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ce:49:53:d1:2f:f6:3c:c0:e5:e5:06:4b:a0: c5:ca:98:1f:09:a1:af:70:30:d9:dd:66:20:ce:fb: 52:3d:e5:e7:1d:63:f3:74:6b:e7:54:6f:15:26:70: cf:01:f9:dd:12:6e:a2:4f:b3:a7:ce:0e:bd:e8:7f: a7:98:27:98:db:82:a2:e9:e5:a5:bc:e7:be:72:b5: dc:53:10:96:3d:90:d3:6f:f0:6e:db:e4:85:99:47: 23:14:da:eb:33:80:da:a1:aa:67:6e:6e:10:14:70: 96:6d:3f:5a:6b:91:29:15:2c:4b:1a:03:6d:2b:66: 0f:3c:6a:a5:8e:25:02:97:a9:30:ad:81:b7:8a:e0: de:d3:49:f9:85:53:a5:ff:84:6f:4a:3a:31:e3:8d: 07:10:57:47:e0:ac:ca:ac:ea:61:4f:59:71:47:0c: 37:7e:2d:74:b9:24:9d:12:03:6a:46:a7:d0:48:fe: c3:a2:f2:8b:a4:8d:ea:3d:ea:0f:67:90:b8:64:bd: 81:a8:1d:9f:2f:ac:b8:2c:78:20:2e:73:b8:6b:22: 83:76:ae:e3:75:f6:33:de:14:66:35:c9:69:7f:ef: 8b:fb:29:22:f1:a8:76:c4:95:5e:62:17:e5:8d:2f: 7d:f2:f2:a0:75:b6:2f:5c:df:be:d1:71:65:09:30: 37:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:33:B8:AE:6E:36:51:22:F1:1B:37:57:45:60:AB:6A:E4:31:57:75 X509v3 Authority Key Identifier: keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:37:c1:8b:fb:5a:21:1d:d4:db:32:0b:97:e6:fe:87:5f:07: 59:6a:46:27:7b:89:7c:03:51:65:5f:03:c4:51:d3:60:c1:9e: b8:76:7d:42:cc:6a:08:be:db:22:ac:10:6e:d9:d7:4c:aa:f4: 87:dd:a5:56:38:b2:32:69:3d:37:8c:5c:39:83:ad:0d:f7:e5: 98:06:3e:f6:23:f6:d6:47:24:8d:5b:50:e4:ac:0c:f6:e1:d1: e8:33:24:8c:f2:a4:4b:2a:4b:76:71:7b:78:aa:f6:d7:0c:50: c8:fe:1d:0d:bc:a2:df:35:02:35:91:7c:1c:81:1b:63:0d:d6: 5d:ff:63:05:fe:be:38:f6:6a:f9:98:55:76:cc:ea:d9:fa:c7: 84:0a:6f:11:c1:4a:4b:4f:4f:1f:ae:ec:d9:0c:8f:f6:c8:30: e2:f0:94:fe:dd:f5:39:88:f8:c3:d8:7e:d6:04:06:7e:9d:d8: ec:00:e6:48:9c:8a:a3:85:9e:fc:56:c8:d8:a3:d0:b1:7c:58: 7e:c4:ba:9e:61:1a:44:72:f5:ee:e2:27:b6:c4:1b:b1:69:95: eb:df:ec:93:2c:cd:0c:c8:dd:7b:82:c3:52:00:d4:c9:c0:f0: 54:47:20:24:26:f3:8e:c0:3a:91:80:9b:c5:77:41:88:ea:5b: f9:31:51:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsoG0J73AlJpD2KEqeoV9l0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj MmMxOGEwHhcNMjUxMjE2MTcwMDMzWhcNMjUxMjE3MTcwMDMzWjAzMTEwLwYDVQQD EyhiNDMzYjhhZTZlMzY1MTIyZjExYjM3NTc0NTYwYWI2YWU0MzE1Nzc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz85JU9Ev9jzA5eUGS6DFypgfCaGv cDDZ3WYgzvtSPeXnHWPzdGvnVG8VJnDPAfndEm6iT7Onzg696H+nmCeY24Ki6eWl vOe+crXcUxCWPZDTb/Bu2+SFmUcjFNrrM4Daoapnbm4QFHCWbT9aa5EpFSxLGgNt K2YPPGqljiUCl6kwrYG3iuDe00n5hVOl/4RvSjox440HEFdH4KzKrOphT1lxRww3 fi10uSSdEgNqRqfQSP7DovKLpI3qPeoPZ5C4ZL2BqB2fL6y4LHggLnO4ayKDdq7j dfYz3hRmNclpf++L+yki8ah2xJVeYhfljS998vKgdbYvXN++0XFlCTA3ZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLQzuK5uNlEi8Rs3V0Vgq2rkMVd1MB8GA1UdIwQY MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2 LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKzfBi/ta IR3U2zILl+b+h18HWWpGJ3uJfANRZV8DxFHTYMGeuHZ9QsxqCL7bIqwQbtnXTKr0 h92lVjiyMmk9N4xcOYOtDfflmAY+9iP21kckjVtQ5KwM9uHR6DMkjPKkSypLdnF7 eKr21wxQyP4dDbyi3zUCNZF8HIEbYw3WXf9jBf6+OPZq+ZhVdszq2frHhApvEcFK S09PH67s2QyP9sgw4vCU/t31OYj4w9h+1gQGfp3Y7ADmSJyKo4We/FbI2KPQsXxY fsS6nmEaRHL17uIntsQbsWmV69/skyzNDMjde4LDUgDUycDwVEcgJCbzjsA6kYCb xXdBiOpb+TFRTA== -----END CERTIFICATE-----Generated at Tue Dec 16 22:32:55 2025 by rpki-client