This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft File: QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json) Hash identifier: 8YQttHYsw/En9RACFEaatiaS1GIAgqT+CQ6t53yIoOc= Subject key identifier: 77:4B:3B:FB:78:E9:FC:09:F6:C2:5C:90:C0:5C:06:9F:3E:6F:E8:A6 Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47 Certificate issuer: /CN=40471b34c21a5008f6f096e48fe8e35519d6b847 Certificate serial: 019B6AD7561468A3C49D5656371E36981F50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft Manifest number: 0F41 Signing time: Mon 29 Dec 2025 16:00:55 +0000 Manifest this update: Mon 29 Dec 2025 16:00:55 +0000 Manifest next update: Tue 30 Dec 2025 16:00:55 +0000 Files and hashes: 1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: coZTOPWEHrb9ABofOAOxGKzex3g6x+u3kdoYQC82p6g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 16:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d7:56:14:68:a3:c4:9d:56:56:37:1e:36:98:1f:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847 Validity Not Before: Dec 29 16:00:55 2025 GMT Not After : Dec 30 16:00:55 2025 GMT Subject: CN=774b3bfb78e9fc09f6c25c90c05c069f3e6fe8a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:8c:6e:a0:19:7d:ba:91:bf:fa:3c:43:d0:13: 48:98:67:4e:1d:a6:b9:b6:fc:f6:25:4e:79:f4:dd: 80:6c:48:5f:10:c7:f9:03:1c:0c:1c:ad:97:69:73: 5e:17:a0:da:28:de:85:82:9a:00:cd:e4:0e:44:86: 80:af:ea:72:b0:d1:4d:d4:57:8f:c7:24:a7:8b:91: 0f:21:9e:28:6e:b9:12:8b:00:fe:93:07:aa:7e:e7: f0:bb:c9:49:cd:47:4c:d9:14:36:bd:5d:62:9f:07: 9b:f6:b6:d6:c2:35:c9:b4:9f:fc:e4:4e:2e:3d:b3: 39:0d:a8:a1:6c:c9:bf:d8:3a:ac:62:5b:f7:bc:da: 9a:50:b3:3d:4a:01:b9:9d:34:04:41:08:03:7e:bf: 1d:d6:2b:78:d3:2c:0f:90:f6:b8:9d:f8:93:21:3c: 44:fe:af:18:61:43:ea:ab:1a:34:65:f1:9b:42:68: 46:ba:b4:91:94:2e:09:81:07:f4:99:7d:ee:aa:f0: 7f:25:2d:78:59:2d:53:e3:fb:8b:41:4b:b2:af:00: 3e:94:30:b9:bd:64:07:a2:38:66:3d:a4:25:61:7c: a1:3e:5c:d3:23:f9:e9:29:53:11:21:08:bf:46:bf: 34:61:82:7c:57:71:21:18:71:85:d7:c1:f1:8a:82: 30:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:4B:3B:FB:78:E9:FC:09:F6:C2:5C:90:C0:5C:06:9F:3E:6F:E8:A6 X509v3 Authority Key Identifier: keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:c8:5c:20:16:97:3e:83:58:73:60:10:ed:c7:69:6a:90:35: 36:24:be:8a:83:98:73:52:34:68:17:e6:1f:0f:1a:7b:02:c3: 83:0a:f8:d9:ea:d2:c3:46:ce:a2:15:9c:0e:83:6b:f4:b5:bb: 16:a1:f3:2b:5c:99:44:73:c9:56:4f:80:58:22:f2:62:4f:c4: aa:13:8c:0e:5c:13:9e:f7:d0:26:e4:c6:d6:08:bb:73:59:7f: 79:15:c3:6d:cd:2d:b2:97:6b:4a:a0:01:37:9f:e9:02:76:e8: ab:e4:e9:84:54:1d:31:87:e1:0f:69:21:44:c8:fd:d1:11:14: f9:17:f3:64:95:cd:93:3f:5f:61:1d:ed:c0:3d:db:be:28:87: ba:65:07:bb:6d:fc:8d:d6:8d:e5:04:42:59:fe:50:cc:2f:a5: e3:21:85:d3:f4:7a:1c:33:cc:87:12:a8:9e:dc:e3:32:c5:93: c5:c6:da:62:04:7b:7b:3e:6f:9e:54:57:2c:44:be:a9:d7:62: 7c:18:73:ba:ad:15:34:6d:80:1e:d5:a7:88:c0:70:e1:90:e7: 2a:41:a5:7b:d8:1f:7e:b6:52:86:ab:48:17:37:a1:63:04:a0: 12:95:13:7d:1c:1e:bf:da:2f:af:15:64:b2:73:d3:c0:f3:0d: 97:72:58:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq11YUaKPEnVZWNx42mB9QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk NmI4NDcwHhcNMjUxMjI5MTYwMDU1WhcNMjUxMjMwMTYwMDU1WjAzMTEwLwYDVQQD Eyg3NzRiM2JmYjc4ZTlmYzA5ZjZjMjVjOTBjMDVjMDY5ZjNlNmZlOGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYxuoBl9upG/+jxD0BNImGdOHaa5 tvz2JU559N2AbEhfEMf5AxwMHK2XaXNeF6DaKN6FgpoAzeQORIaAr+pysNFN1FeP xySni5EPIZ4obrkSiwD+kweqfufwu8lJzUdM2RQ2vV1inweb9rbWwjXJtJ/85E4u PbM5DaihbMm/2DqsYlv3vNqaULM9SgG5nTQEQQgDfr8d1it40ywPkPa4nfiTITxE /q8YYUPqqxo0ZfGbQmhGurSRlC4JgQf0mX3uqvB/JS14WS1T4/uLQUuyrwA+lDC5 vWQHojhmPaQlYXyhPlzTI/npKVMRIQi/Rr80YYJ8V3EhGHGF18HxioIw5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHdLO/t46fwJ9sJckMBcBp8+b+imMB8GA1UdIwQY MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAashcIBaX PoNYc2AQ7cdpapA1NiS+ioOYc1I0aBfmHw8aewLDgwr42erSw0bOohWcDoNr9LW7 FqHzK1yZRHPJVk+AWCLyYk/EqhOMDlwTnvfQJuTG1gi7c1l/eRXDbc0tspdrSqAB N5/pAnboq+TphFQdMYfhD2khRMj90REU+RfzZJXNkz9fYR3twD3bviiHumUHu238 jdaN5QRCWf5QzC+l4yGF0/R6HDPMhxKontzjMsWTxcbaYgR7ez5vnlRXLES+qddi fBhzuq0VNG2AHtWniMBw4ZDnKkGle9gffrZShqtIFzehYwSgEpUTfRwev9ovrxVk snPTwPMNl3JYEg== -----END CERTIFICATE-----Generated at Tue Dec 30 01:32:36 2025 by rpki-client