This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft File: Qkq4x890A7ViChuBPmrR2g2stE0.mft (raw, json) Hash identifier: DrrTRS1zlKa7I7QJn4oL2J4qLCAmqkKbcSBeDzwKq8Y= Subject key identifier: 98:38:DA:7A:1C:2A:A5:D2:99:B2:CE:C9:90:DE:20:E2:69:49:A6:F5 Authority key identifier: 42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D Certificate issuer: /CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d Certificate serial: 019B3C7FAF02326BA8B3E88783483CE5AE77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft Manifest number: 178A Signing time: Sat 20 Dec 2025 16:02:39 +0000 Manifest this update: Sat 20 Dec 2025 16:02:39 +0000 Manifest next update: Sun 21 Dec 2025 16:02:39 +0000 Files and hashes: 1: MCPNj8vuGzZknoWdqGIIivLkJGU.roa (hash: 4hhwQet2SGHC4RmJ2ByvcZIanR2/yV/AqfOhLRjbUPM=) 2: Qkq4x890A7ViChuBPmrR2g2stE0.crl (hash: jF8MFzl3uEWeRHQlML3p59SFdyCg/kqMTSb/txlhX3Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:af:02:32:6b:a8:b3:e8:87:83:48:3c:e5:ae:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=424ab8c7cf7403b5620a1b813e6ad1da0dacb44d Validity Not Before: Dec 20 16:02:39 2025 GMT Not After : Dec 21 16:02:39 2025 GMT Subject: CN=9838da7a1c2aa5d299b2cec990de20e26949a6f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ca:c8:2b:da:8e:48:e3:25:e6:56:a4:7c:cd: be:5d:c5:ae:25:39:ed:69:0a:62:0f:48:e7:be:a9: 8d:76:40:8a:5f:40:c4:09:00:0d:c3:0f:b5:97:91: 5f:7a:3b:67:4a:24:26:98:d7:08:96:f2:14:ea:d1: 99:3d:17:91:37:8f:d5:9a:78:3f:e4:48:89:a6:7b: 59:f6:45:93:32:49:6d:e3:e5:f3:71:20:5a:34:fa: 82:c8:8b:b9:a0:da:3d:5e:40:b0:a4:ae:4a:b3:b5: 7c:47:32:55:6b:d2:1e:5c:37:75:e2:a6:97:de:d3: 1b:b4:76:74:91:48:29:5a:ed:9b:8c:2b:e4:5a:80: 27:27:9e:b6:2e:0c:cd:bf:21:7c:53:6e:24:80:2f: cb:31:68:71:e3:0e:3a:44:0b:a0:64:cd:5c:99:26: a3:fb:31:f3:47:f7:fd:34:38:f0:23:15:fa:d0:fd: eb:13:a8:ef:97:88:6c:b5:4e:cb:a7:76:ec:0d:3b: 06:e2:76:e9:ae:34:0f:6d:ca:3b:4a:79:09:00:4a: ec:fa:85:bd:21:ce:5b:f9:0f:ee:14:67:79:53:d6: 5c:e3:26:4c:3c:9c:9d:e8:e4:28:3e:3e:be:ba:9d: 0a:95:f6:c4:99:ad:fa:26:86:1f:13:7c:21:32:79: fb:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:38:DA:7A:1C:2A:A5:D2:99:B2:CE:C9:90:DE:20:E2:69:49:A6:F5 X509v3 Authority Key Identifier: keyid:42:4A:B8:C7:CF:74:03:B5:62:0A:1B:81:3E:6A:D1:DA:0D:AC:B4:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qkq4x890A7ViChuBPmrR2g2stE0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3b3215-5721-4345-841b-2ad9308f1f6c/1/Qkq4x890A7ViChuBPmrR2g2stE0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:31:b2:cb:c1:25:5e:ac:f9:81:d5:93:89:1c:d2:c7:32:3f: 77:14:fb:a4:5d:c7:9e:e8:7b:4f:33:87:e3:20:49:af:6a:85: 2d:04:c0:c3:c0:a4:b1:d0:97:cf:33:07:22:04:9a:e1:e0:bf: 74:85:79:bf:09:69:33:00:c9:0a:b0:8d:5b:1f:16:1b:bc:3c: 8b:8c:8b:98:70:b9:87:41:8e:f8:95:47:89:62:a1:2f:cc:4a: d4:7a:14:35:08:b1:9d:37:fa:3f:e0:95:21:38:aa:37:f9:c6: 4e:23:11:08:29:6e:53:1a:76:09:53:be:03:37:6a:bf:28:bd: dc:55:eb:00:50:2c:b1:87:6e:4f:87:06:4f:dd:ba:e7:a7:56: 1c:d4:7f:ed:12:c2:9a:f4:6f:30:10:a5:fb:c3:61:c3:62:5a: 88:de:85:06:ab:cc:9f:c6:33:86:2e:89:e4:28:0e:9c:7b:b5: 5c:d0:66:a2:ab:8c:66:5c:b6:e4:c7:ff:cd:4c:d7:02:92:84: 30:81:d1:c8:7b:2e:06:98:d5:94:32:fe:a8:7a:7d:fb:e4:fc: 98:55:cd:61:66:17:a6:66:f5:94:13:1c:e8:56:fe:da:95:41: c0:03:3e:6d:9d:ff:5d:c2:d4:66:7e:32:8b:29:23:dd:78:44: ab:26:20:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f68CMmuos+iHg0g85a53MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNGFiOGM3Y2Y3NDAzYjU2MjBhMWI4MTNlNmFkMWRhMGRh Y2I0NGQwHhcNMjUxMjIwMTYwMjM5WhcNMjUxMjIxMTYwMjM5WjAzMTEwLwYDVQQD Eyg5ODM4ZGE3YTFjMmFhNWQyOTliMmNlYzk5MGRlMjBlMjY5NDlhNmY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssrIK9qOSOMl5lakfM2+XcWuJTnt aQpiD0jnvqmNdkCKX0DECQANww+1l5FfejtnSiQmmNcIlvIU6tGZPReRN4/Vmng/ 5EiJpntZ9kWTMklt4+XzcSBaNPqCyIu5oNo9XkCwpK5Ks7V8RzJVa9IeXDd14qaX 3tMbtHZ0kUgpWu2bjCvkWoAnJ562LgzNvyF8U24kgC/LMWhx4w46RAugZM1cmSaj +zHzR/f9NDjwIxX60P3rE6jvl4hstU7Lp3bsDTsG4nbprjQPbco7SnkJAErs+oW9 Ic5b+Q/uFGd5U9Zc4yZMPJyd6OQoPj6+up0KlfbEma36JoYfE3whMnn7rQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJg42nocKqXSmbLOyZDeIOJpSab1MB8GA1UdIwQY MBaAFEJKuMfPdAO1YgobgT5q0doNrLRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWIt MmFkOTMwOGYxZjZjLzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8zYjMyMTUtNTcyMS00MzQ1LTg0MWItMmFkOTMwOGYxZjZj LzEvUWtxNHg4OTBBN1ZpQ2h1QlBtclIyZzJzdEUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEDGyy8El Xqz5gdWTiRzSxzI/dxT7pF3Hnuh7TzOH4yBJr2qFLQTAw8CksdCXzzMHIgSa4eC/ dIV5vwlpMwDJCrCNWx8WG7w8i4yLmHC5h0GO+JVHiWKhL8xK1HoUNQixnTf6P+CV ITiqN/nGTiMRCCluUxp2CVO+Azdqvyi93FXrAFAssYduT4cGT92656dWHNR/7RLC mvRvMBCl+8Nhw2JaiN6FBqvMn8Yzhi6J5CgOnHu1XNBmoquMZly25Mf/zUzXApKE MIHRyHsuBpjVlDL+qHp9++T8mFXNYWYXpmb1lBMc6Fb+2pVBwAM+bZ3/XcLUZn4y iykj3XhEqyYgoA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:27:05 2025 by rpki-client