This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.mft File: QsMDcZht9dVk7mcHRxe2agL_VxI.mft (raw, json) Hash identifier: Tl26h1nptUvUfMD2hibf2KWnQpVwTF4kIPpyZUFg3kw= Subject key identifier: BC:D7:D4:38:9F:2A:C3:08:B0:0D:11:71:00:D2:FA:15:F9:A5:B2:0D Authority key identifier: 42:C3:03:71:98:6D:F5:D5:64:EE:67:07:47:17:B6:6A:02:FF:57:12 Certificate issuer: /CN=42c30371986df5d564ee67074717b66a02ff5712 Certificate serial: 019B3D237AAFF4E2C2290786777D3BD89B91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.mft Manifest number: 1679 Signing time: Sat 20 Dec 2025 19:01:33 +0000 Manifest this update: Sat 20 Dec 2025 19:01:33 +0000 Manifest next update: Sun 21 Dec 2025 19:01:33 +0000 Files and hashes: 1: QsMDcZht9dVk7mcHRxe2agL_VxI.crl (hash: 3LmenASU6I/ZM8mJgBzjSkxyY4EBrhVEXyhXNHlzFwA=) 2: hyIZ79qkrdHzxjA2nqjpWKRJazw.roa (hash: uN3TIUn6uJGV9mne7uVtH2Vshh9cYXISPUulyaHzlUE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.mft rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:7a:af:f4:e2:c2:29:07:86:77:7d:3b:d8:9b:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42c30371986df5d564ee67074717b66a02ff5712 Validity Not Before: Dec 20 19:01:33 2025 GMT Not After : Dec 21 19:01:33 2025 GMT Subject: CN=bcd7d4389f2ac308b00d117100d2fa15f9a5b20d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:cf:eb:db:10:43:9b:45:7d:43:4c:b4:91:ca: 12:8c:f9:01:b8:89:97:3d:12:48:63:ff:38:1e:bb: ce:06:ec:1b:c5:45:89:bb:5a:60:93:9b:ed:15:dc: e4:7e:58:f4:00:5d:03:65:08:2a:8d:39:a2:a6:16: 8a:f1:03:5d:3a:55:a1:2b:4d:7e:97:41:1a:f8:ef: 02:c4:c5:aa:46:6b:75:b7:54:1f:68:fc:ab:0a:f9: e6:e4:3f:f2:52:16:87:57:31:9e:93:bc:5d:13:c5: 4e:d6:56:65:32:72:c5:20:26:b5:65:7a:92:53:ff: a0:94:e0:19:10:59:e0:f8:fd:8b:ad:5e:22:fa:99: b8:81:df:08:d2:bf:4a:4d:fe:dc:50:7e:90:e4:96: b9:c0:9e:5b:2d:62:40:69:ce:5f:90:a9:18:58:1d: be:2b:60:d2:01:d5:59:84:99:8d:ce:23:ec:f6:af: 28:d1:f5:d4:13:2b:51:3c:00:e6:2b:99:f9:e1:9a: 41:2f:5e:ff:a2:b6:4a:81:4a:15:d9:cd:56:43:45: 27:80:9e:07:ff:e5:31:9a:79:c3:5d:67:8f:60:de: 97:86:2a:ec:a8:5e:5e:48:75:0b:3f:eb:9a:a1:b8: 81:57:97:b6:7a:c7:ca:2d:9b:5c:7c:ad:a9:4d:d8: ce:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:D7:D4:38:9F:2A:C3:08:B0:0D:11:71:00:D2:FA:15:F9:A5:B2:0D X509v3 Authority Key Identifier: keyid:42:C3:03:71:98:6D:F5:D5:64:EE:67:07:47:17:B6:6A:02:FF:57:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsMDcZht9dVk7mcHRxe2agL_VxI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8ba0dd-2fbb-4a6f-9a37-c2454ce28d48/1/QsMDcZht9dVk7mcHRxe2agL_VxI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:65:ec:f1:3b:9d:5c:5c:6e:71:db:93:c3:3b:f3:fb:f2:69: f2:2a:96:5f:41:d0:59:20:8e:21:f7:f5:90:63:d6:51:9e:e9: 0e:5a:b3:a0:f3:7b:cd:f2:6d:d4:4f:e1:b4:47:6b:fd:cc:b9: 4e:f1:d4:80:67:a4:e6:2b:0e:f2:83:45:91:f0:18:24:a6:b5: 44:df:b8:40:dd:33:8c:86:d1:01:05:66:36:5c:f4:f0:10:f6: cd:63:d8:00:52:20:77:7a:e5:6b:d8:02:8f:6f:19:a9:58:69: 10:a9:a6:8b:27:c0:8e:e2:98:02:83:9c:12:47:2f:25:5e:ca: a2:64:39:9f:d3:33:bc:7f:9b:15:97:72:ce:c8:d3:37:2a:d5: 32:a6:e3:79:77:17:5d:44:f6:84:d4:48:a5:09:d9:d7:15:31: 86:34:38:6c:de:1e:7b:43:41:02:72:5a:63:2e:5f:ed:72:92: c5:cb:a5:b9:5c:06:cc:38:fa:ac:80:c0:4e:b5:11:b4:26:f0: 44:c3:0f:5f:5a:d1:ee:c3:28:c2:80:80:94:6c:90:7d:fb:08: f5:f5:84:ff:df:29:1b:49:c5:cc:54:c2:5f:a6:37:53:38:a4: b1:3f:95:79:74:22:82:ba:e6:3a:30:12:36:07:06:3e:e0:93: 16:87:3a:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I3qv9OLCKQeGd3072JuRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyYzMwMzcxOTg2ZGY1ZDU2NGVlNjcwNzQ3MTdiNjZhMDJm ZjU3MTIwHhcNMjUxMjIwMTkwMTMzWhcNMjUxMjIxMTkwMTMzWjAzMTEwLwYDVQQD EyhiY2Q3ZDQzODlmMmFjMzA4YjAwZDExNzEwMGQyZmExNWY5YTViMjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM/r2xBDm0V9Q0y0kcoSjPkBuImX PRJIY/84HrvOBuwbxUWJu1pgk5vtFdzkflj0AF0DZQgqjTmiphaK8QNdOlWhK01+ l0Ea+O8CxMWqRmt1t1QfaPyrCvnm5D/yUhaHVzGek7xdE8VO1lZlMnLFICa1ZXqS U/+glOAZEFng+P2LrV4i+pm4gd8I0r9KTf7cUH6Q5Ja5wJ5bLWJAac5fkKkYWB2+ K2DSAdVZhJmNziPs9q8o0fXUEytRPADmK5n54ZpBL17/orZKgUoV2c1WQ0UngJ4H /+UxmnnDXWePYN6XhirsqF5eSHULP+uaobiBV5e2esfKLZtcfK2pTdjO3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLzX1DifKsMIsA0RcQDS+hX5pbINMB8GA1UdIwQY MBaAFELDA3GYbfXVZO5nB0cXtmoC/1cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXNNRGNaaHQ5ZFZrN21jSFJ4ZTJhZ0xfVnhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84YmEwZGQtMmZiYi00YTZmLTlhMzct YzI0NTRjZTI4ZDQ4LzEvUXNNRGNaaHQ5ZFZrN21jSFJ4ZTJhZ0xfVnhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC84YmEwZGQtMmZiYi00YTZmLTlhMzctYzI0NTRjZTI4ZDQ4 LzEvUXNNRGNaaHQ5ZFZrN21jSFJ4ZTJhZ0xfVnhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO2Xs8Tud XFxucduTwzvz+/Jp8iqWX0HQWSCOIff1kGPWUZ7pDlqzoPN7zfJt1E/htEdr/cy5 TvHUgGek5isO8oNFkfAYJKa1RN+4QN0zjIbRAQVmNlz08BD2zWPYAFIgd3rla9gC j28ZqVhpEKmmiyfAjuKYAoOcEkcvJV7KomQ5n9MzvH+bFZdyzsjTNyrVMqbjeXcX XUT2hNRIpQnZ1xUxhjQ4bN4ee0NBAnJaYy5f7XKSxculuVwGzDj6rIDATrURtCbw RMMPX1rR7sMowoCAlGyQffsI9fWE/98pG0nFzFTCX6Y3UziksT+VeXQigrrmOjAS NgcGPuCTFoc6eQ== -----END CERTIFICATE-----Generated at Sun Dec 21 04:07:06 2025 by rpki-client