This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft File: QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft (raw, json) Hash identifier: kgEuiJKCI8Nib4anOk708XbfXdJR0ObmVE5OlcLaqSQ= Subject key identifier: D1:2F:2E:13:41:8B:EC:E0:D4:46:7C:C5:9B:A5:AB:90:38:21:A3:F2 Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Certificate serial: 019B3F7F0C65853054EFCBF0C14F55712FCA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft Manifest number: 0F1A Signing time: Sun 21 Dec 2025 06:00:49 +0000 Manifest this update: Sun 21 Dec 2025 06:00:49 +0000 Manifest next update: Mon 22 Dec 2025 06:00:49 +0000 Files and hashes: 1: GQOl6LTvNyPMyG3KjW9Ajp0Bvpw.roa (hash: eZX/fpaYpvDnXloavaVJKtIU2XKfpzNfzwR74TFia7o=) 2: QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl (hash: gCwBZo6rxBS4EFoatMi2dmAeUPztYiMhXoTj5iD0Hwk=) 3: b5Ug6NPJo2XtezY8UVzxnmPE-i0.roa (hash: VB+B1HYKvDBDwa8bPpxYYXoTuHADEZJRpgBpaSqbPu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:0c:65:85:30:54:ef:cb:f0:c1:4f:55:71:2f:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87 Validity Not Before: Dec 21 06:00:49 2025 GMT Not After : Dec 22 06:00:49 2025 GMT Subject: CN=d12f2e13418bece0d4467cc59ba5ab903821a3f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:af:14:f8:b1:52:61:d8:4f:98:31:50:55:72: 88:ba:e3:42:45:27:00:ee:0d:99:0a:2a:ad:37:3c: c1:98:8e:bd:f1:a6:26:1a:10:e4:21:26:f4:97:d2: cf:51:ba:21:b4:72:95:75:f7:51:67:1d:22:b9:6d: 38:dd:c4:be:be:e4:03:18:fe:9f:4c:73:7a:a4:3a: f7:bb:ef:47:9c:9f:bc:6d:a4:dc:ad:b7:3a:f1:6f: bf:55:c8:62:2e:a4:6c:42:cf:48:71:6b:23:82:bb: 89:62:b8:9e:aa:a3:13:e5:85:46:e2:f1:db:23:89: 3d:f2:be:ce:c4:57:6c:89:c8:ac:5a:9e:76:23:67: 88:01:93:c4:51:98:65:c9:db:27:cc:7a:17:d3:45: a4:41:2e:78:24:53:be:4f:af:92:9c:42:15:ad:19: dc:54:5e:2b:bc:3f:57:79:13:4c:1b:fd:9a:1d:a3: c0:ff:10:1d:62:83:0c:8e:4a:c2:0d:1e:fe:93:ea: 88:62:da:26:ca:b4:1c:17:b0:fb:db:d0:76:7c:b3: 3c:1a:6c:6c:9c:81:7f:a7:39:e7:14:24:a9:a3:6a: 39:a2:6c:27:b5:51:ed:9f:e6:bf:80:ef:c6:a7:75: 9e:64:e2:47:85:af:f6:d2:8f:3a:6c:90:8d:9d:06: a6:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:2F:2E:13:41:8B:EC:E0:D4:46:7C:C5:9B:A5:AB:90:38:21:A3:F2 X509v3 Authority Key Identifier: keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:16:f0:94:f9:30:6a:1c:a6:02:bf:c8:4c:e3:cc:07:0a:80: 17:91:1b:72:23:36:5f:7e:56:c2:62:c5:8a:54:f4:5f:0f:ae: b2:b5:b1:83:fd:fd:8f:dc:fb:f3:35:05:cc:05:f8:fe:60:2b: 04:24:99:00:77:cd:3c:8b:e1:bd:ee:ef:4f:85:2e:ae:32:db: 62:fd:70:46:49:9e:41:d4:a7:10:3d:70:d6:4c:55:38:d7:c5: 0e:98:fb:79:d0:89:07:fa:c6:ae:18:88:83:0f:a4:25:3c:6f: 01:85:87:d8:ef:27:80:ea:2d:23:33:09:78:33:a4:44:c2:fa: c6:95:02:f1:9c:45:8b:36:fc:7f:29:cd:ff:dc:45:e4:fd:d8: 66:97:69:c9:1c:79:1b:b6:75:6c:98:5b:12:9f:87:de:ff:8e: d1:e4:fb:f0:e4:c6:6c:c3:3c:60:3f:5b:51:fa:63:c0:fc:7a: 84:c7:bc:9a:4f:2f:5c:f5:3b:c3:79:fa:fe:9d:a2:90:4e:90: 50:89:9d:15:a0:a6:44:e8:fd:78:ab:17:28:19:a3:05:7a:82: 06:69:0e:c7:91:04:4d:59:4b:9d:41:31:24:3a:8b:0d:a8:db: 42:51:96:89:b5:20:fe:3f:b2:93:7e:29:58:2e:9a:22:bd:bf: f8:55:8f:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fwxlhTBU78vwwU9VcS/KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5 NDRhODcwHhcNMjUxMjIxMDYwMDQ5WhcNMjUxMjIyMDYwMDQ5WjAzMTEwLwYDVQQD EyhkMTJmMmUxMzQxOGJlY2UwZDQ0NjdjYzU5YmE1YWI5MDM4MjFhM2YyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK8U+LFSYdhPmDFQVXKIuuNCRScA 7g2ZCiqtNzzBmI698aYmGhDkISb0l9LPUbohtHKVdfdRZx0iuW043cS+vuQDGP6f THN6pDr3u+9HnJ+8baTcrbc68W+/VchiLqRsQs9IcWsjgruJYrieqqMT5YVG4vHb I4k98r7OxFdsicisWp52I2eIAZPEUZhlydsnzHoX00WkQS54JFO+T6+SnEIVrRnc VF4rvD9XeRNMG/2aHaPA/xAdYoMMjkrCDR7+k+qIYtomyrQcF7D729B2fLM8Gmxs nIF/pznnFCSpo2o5omwntVHtn+a/gO/Gp3WeZOJHha/20o86bJCNnQamcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNEvLhNBi+zg1EZ8xZulq5A4IaPyMB8GA1UdIwQY MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct OTg1ZWQxNWM5YWViLzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAThbwlPkw ahymAr/ITOPMBwqAF5EbciM2X35WwmLFilT0Xw+usrWxg/39j9z78zUFzAX4/mAr BCSZAHfNPIvhve7vT4UurjLbYv1wRkmeQdSnED1w1kxVONfFDpj7edCJB/rGrhiI gw+kJTxvAYWH2O8ngOotIzMJeDOkRML6xpUC8ZxFizb8fynN/9xF5P3YZpdpyRx5 G7Z1bJhbEp+H3v+O0eT78OTGbMM8YD9bUfpjwPx6hMe8mk8vXPU7w3n6/p2ikE6Q UImdFaCmROj9eKsXKBmjBXqCBmkOx5EETVlLnUExJDqLDajbQlGWibUg/j+yk34p WC6aIr2/+FWPOw== -----END CERTIFICATE-----Generated at Sun Dec 21 08:35:30 2025 by rpki-client