This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json) Hash identifier: 6Ma+PbZbCgQIyxzyHZp50xdn7Sas2sKHbSDdEO0EU7k= Subject key identifier: 4A:8C:F1:E2:8F:3E:27:E1:C7:F7:E7:FF:AC:76:FD:4B:E2:45:0B:D7 Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Certificate serial: 019B3D9090F329ECACC902083F0CEEA74368 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft Manifest number: 0F19 Signing time: Sat 20 Dec 2025 21:00:42 +0000 Manifest this update: Sat 20 Dec 2025 21:00:42 +0000 Manifest next update: Sun 21 Dec 2025 21:00:42 +0000 Files and hashes: 1: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (hash: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=) 2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: RuCARO3x8rYp0dhUIr2Ka6W3Lf4x3/TNghoe//Agrpk=) 3: b5Ug6NPJo2XtezY8UVzxnmPE-i0.roa (hash: VB+B1HYKvDBDwa8bPpxYYXoTuHADEZJRpgBpaSqbPu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 21:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:90:f3:29:ec:ac:c9:02:08:3f:0c:ee:a7:43:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Validity Not Before: Dec 20 21:00:42 2025 GMT Not After : Dec 21 21:00:42 2025 GMT Subject: CN=4a8cf1e28f3e27e1c7f7e7ffac76fd4be2450bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ff:e2:66:76:25:5a:1b:a3:7e:f4:07:74:7c: 42:07:fb:04:d1:f0:53:e8:d7:2e:88:d7:6f:a2:50: 44:6c:d6:19:cd:32:ee:8c:94:81:85:6c:df:a3:cd: 2b:77:bd:09:e0:eb:26:bf:aa:9c:a4:57:34:26:27: 69:a9:9f:6d:a5:2e:b1:7d:7c:52:1a:eb:bf:04:70: ae:40:c7:f6:23:d4:65:df:11:49:28:39:10:52:7d: df:b3:b0:6e:9c:1d:d7:be:82:bc:7f:91:bb:f0:5f: b6:1b:e3:20:56:64:8f:00:65:4f:c3:ac:cc:93:c2: be:08:51:9a:0e:ec:ac:09:58:be:88:b4:82:74:58: 90:cf:65:3e:29:67:3d:9d:5b:3d:49:04:14:e7:01: 1e:86:9e:d3:e0:cd:ed:e4:8f:01:4d:1d:1a:dd:b9: 98:62:c5:78:f3:25:89:34:bf:aa:6e:da:ee:2f:d1: 72:e2:3b:5e:be:7a:8a:79:fe:04:df:d1:7c:19:12: dd:9d:93:0b:ec:b7:46:7b:ff:6f:a9:b8:7d:bf:51: 13:8f:31:34:ac:55:54:9c:42:4b:7a:68:ec:ec:e1: 8b:e4:79:2f:1b:a7:09:d6:51:30:a1:09:89:67:b3: 5b:10:38:fb:96:38:ed:90:59:d9:1e:68:32:e3:1a: bc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:8C:F1:E2:8F:3E:27:E1:C7:F7:E7:FF:AC:76:FD:4B:E2:45:0B:D7 X509v3 Authority Key Identifier: keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:29:2f:8f:5c:c2:f0:b4:31:6d:ee:07:2a:58:5f:bf:0f:42: 64:b8:e4:9e:0a:f7:68:f7:10:0b:00:3e:d3:3e:86:90:1e:c2: 89:2c:0a:bf:16:7a:f0:88:84:61:4b:18:90:e7:46:44:40:23: 23:ca:d5:95:fe:c9:3c:bd:a0:cd:c7:92:4d:b9:32:b9:74:b3: 9c:da:2d:72:70:e3:d2:26:ee:43:cc:11:02:b5:38:c4:20:a2: 5c:83:79:d6:46:fa:f3:5a:b8:2b:c5:a8:eb:0e:ff:6d:97:a7: d7:37:fa:7d:33:cf:6b:ba:b3:5f:8b:b3:10:62:1f:b6:cb:6a: af:2c:c4:e5:51:c5:6d:e8:ae:5a:8f:31:c6:f2:b4:c8:2a:f5: ba:cd:5f:dc:4a:62:aa:86:16:fb:be:01:b1:01:61:bb:35:be: 98:7a:63:3a:9d:e4:a1:f4:13:94:8a:97:76:85:9a:69:92:89: c7:8c:52:f3:3f:44:6a:d0:a6:a4:51:38:bf:ea:ce:34:b2:d8: 37:de:e5:90:25:24:c5:b0:5c:e6:76:61:57:ad:d0:ea:72:6e: 76:a6:90:8c:21:24:4a:b0:05:f8:b5:54:8e:48:a3:53:8a:94: 01:84:87:eb:cf:cd:f2:e7:8b:86:02:26:17:f3:87:99:a5:d7: 02:83:32:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kJDzKeysyQIIPwzup0NoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5 NDRhODcwHhcNMjUxMjIwMjEwMDQyWhcNMjUxMjIxMjEwMDQyWjAzMTEwLwYDVQQD Eyg0YThjZjFlMjhmM2UyN2UxYzdmN2U3ZmZhYzc2ZmQ0YmUyNDUwYmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz//iZnYlWhujfvQHdHxCB/sE0fBT 6NcuiNdvolBEbNYZzTLujJSBhWzfo80rd70J4Osmv6qcpFc0JidpqZ9tpS6xfXxS Guu/BHCuQMf2I9Rl3xFJKDkQUn3fs7BunB3XvoK8f5G78F+2G+MgVmSPAGVPw6zM k8K+CFGaDuysCVi+iLSCdFiQz2U+KWc9nVs9SQQU5wEehp7T4M3t5I8BTR0a3bmY YsV48yWJNL+qbtruL9Fy4jtevnqKef4E39F8GRLdnZML7LdGe/9vqbh9v1ETjzE0 rFVUnEJLemjs7OGL5HkvG6cJ1lEwoQmJZ7NbEDj7ljjtkFnZHmgy4xq8UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEqM8eKPPifhx/fn/6x2/UviRQvXMB8GA1UdIwQY MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiikvj1zC 8LQxbe4HKlhfvw9CZLjkngr3aPcQCwA+0z6GkB7CiSwKvxZ68IiEYUsYkOdGREAj I8rVlf7JPL2gzceSTbkyuXSznNotcnDj0ibuQ8wRArU4xCCiXIN51kb681q4K8Wo 6w7/bZen1zf6fTPPa7qzX4uzEGIftstqryzE5VHFbeiuWo8xxvK0yCr1us1f3Epi qoYW+74BsQFhuzW+mHpjOp3kofQTlIqXdoWaaZKJx4xS8z9EatCmpFE4v+rONLLY N97lkCUkxbBc5nZhV63Q6nJudqaQjCEkSrAF+LVUjkijU4qUAYSH68/N8ueLhgIm F/OHmaXXAoMyCA== -----END CERTIFICATE-----Generated at Sun Dec 21 07:01:36 2025 by rpki-client