This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft File: qsqNwMC5IbCJ8WAmGORVN5enR0I.mft (raw, json) Hash identifier: WS3TJknFyXZacyZIe5ACs2BCJJ54JBWU+pxD8BmE4ZU= Subject key identifier: 7C:CA:87:E4:51:6B:F2:70:86:E6:B0:B7:06:9B:81:AF:93:73:09:E3 Authority key identifier: AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42 Certificate issuer: /CN=aaca8dc0c0b921b089f1602618e4553797a74742 Certificate serial: 019B3EDAEF2CA9B2C592D0B0415ED1BD6798 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft Manifest number: 032C Signing time: Sun 21 Dec 2025 03:01:34 +0000 Manifest this update: Sun 21 Dec 2025 03:01:34 +0000 Manifest next update: Mon 22 Dec 2025 03:01:34 +0000 Files and hashes: 1: 0TAMfzKO6y7wTDVfhrp7A0vqejU.roa (hash: 3Yzu9IXvscc/7fQLVXNg8nKXbm7Wf5jZKKVCSByaB5U=) 2: qsqNwMC5IbCJ8WAmGORVN5enR0I.crl (hash: EgyMLY4248m+B7bNS++f0ErnMFOUzpNq3v1sn/fAFWk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.crl rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 03:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:ef:2c:a9:b2:c5:92:d0:b0:41:5e:d1:bd:67:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aaca8dc0c0b921b089f1602618e4553797a74742 Validity Not Before: Dec 21 03:01:34 2025 GMT Not After : Dec 22 03:01:34 2025 GMT Subject: CN=7cca87e4516bf27086e6b0b7069b81af937309e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:f6:5a:aa:0b:a4:41:6c:df:1a:1f:d6:1c:b8: ed:cc:ef:fa:25:81:27:3c:f1:72:6e:d1:e5:9c:34: e1:bc:12:14:32:db:b7:7f:4e:19:ef:6a:3c:41:3b: 4d:a6:9c:d7:e3:7e:7c:ce:c7:4a:d4:22:71:fd:45: a8:29:b1:72:fe:3a:dc:b9:98:01:16:1a:96:49:cc: 62:d6:ce:e6:63:8d:53:94:73:3a:35:c7:e4:c4:33: b5:c2:bf:36:4a:fe:ff:e7:e9:26:f9:ac:47:6f:b4: e4:0c:b4:03:5c:bc:ae:b5:89:a9:ab:97:e5:f4:ba: 20:f6:be:6b:d0:9d:8b:37:e8:d8:1b:e9:ae:6c:d0: 27:3d:1f:c0:8c:1c:88:d6:28:1f:7d:d7:66:cd:af: 45:ef:ae:f5:fe:ab:ab:0e:d4:1a:76:39:51:7c:ff: 04:63:fe:6f:86:9f:cd:15:de:25:0a:9c:b1:d3:a2: e0:9c:c0:9a:3d:88:16:10:62:ab:13:9b:6e:53:70: c9:43:b1:e3:5a:c9:54:0f:4b:05:36:39:e2:f9:0d: b8:13:b6:b6:00:07:a4:2e:90:a5:ea:cb:57:6e:96: f2:0d:95:f3:9f:83:d4:92:be:9f:eb:09:ab:79:d5: 5f:3c:e0:5a:d9:dd:65:55:14:dd:9b:d0:f7:7f:79: f3:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:CA:87:E4:51:6B:F2:70:86:E6:B0:B7:06:9B:81:AF:93:73:09:E3 X509v3 Authority Key Identifier: keyid:AA:CA:8D:C0:C0:B9:21:B0:89:F1:60:26:18:E4:55:37:97:A7:47:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsqNwMC5IbCJ8WAmGORVN5enR0I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/eb31db-e654-491e-a141-91d50738d1e8/1/qsqNwMC5IbCJ8WAmGORVN5enR0I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:83:d6:d6:b8:a6:db:e8:3e:4b:df:7b:7d:41:cf:d5:41:15: b1:3b:0b:ea:4b:eb:27:92:05:c8:13:8d:d0:0c:0f:76:27:37: 30:64:d6:dc:19:4c:36:1c:20:e9:f5:d9:fd:14:92:30:4c:4b: 91:9f:24:95:a2:ff:1f:3a:0a:08:e0:7c:4e:85:3f:8e:37:e6: 17:22:21:77:2a:1f:fb:58:9d:e8:73:b3:1c:6d:3d:d5:5d:28: c2:a4:04:3e:a0:17:46:28:35:9d:dc:93:51:84:f7:95:af:72: 85:20:d3:8f:e2:42:70:62:e9:eb:4d:c2:e1:1b:e4:52:fc:d4: 07:3f:a3:e6:2e:e9:e9:48:b3:8a:7b:79:40:3b:1b:c6:1a:b7: d2:2f:96:bd:b6:4b:a9:d0:f9:66:38:5b:bb:ca:2d:49:e4:e2: ad:0c:49:e0:cc:93:05:ab:70:1b:2f:fa:cd:f7:1d:63:0a:86: b2:02:c3:ce:cf:b2:74:be:e4:11:9c:99:c5:40:51:19:98:cd: f7:34:6d:d0:ba:86:08:36:e4:7b:b9:f9:9c:2a:0c:f7:11:4a: 66:da:a9:c1:7d:16:64:8c:4d:b9:95:da:5d:02:ed:5d:f9:bf: a4:55:f3:cd:33:d9:0e:5c:79:99:08:4d:cb:0e:bd:ae:b6:8e: c0:41:8d:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2u8sqbLFktCwQV7RvWeYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhY2E4ZGMwYzBiOTIxYjA4OWYxNjAyNjE4ZTQ1NTM3OTdh NzQ3NDIwHhcNMjUxMjIxMDMwMTM0WhcNMjUxMjIyMDMwMTM0WjAzMTEwLwYDVQQD Eyg3Y2NhODdlNDUxNmJmMjcwODZlNmIwYjcwNjliODFhZjkzNzMwOWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfZaqgukQWzfGh/WHLjtzO/6JYEn PPFybtHlnDThvBIUMtu3f04Z72o8QTtNppzX4358zsdK1CJx/UWoKbFy/jrcuZgB FhqWScxi1s7mY41TlHM6NcfkxDO1wr82Sv7/5+km+axHb7TkDLQDXLyutYmpq5fl 9Log9r5r0J2LN+jYG+mubNAnPR/AjByI1igffddmza9F7671/qurDtQadjlRfP8E Y/5vhp/NFd4lCpyx06LgnMCaPYgWEGKrE5tuU3DJQ7HjWslUD0sFNjni+Q24E7a2 AAekLpCl6stXbpbyDZXzn4PUkr6f6wmredVfPOBa2d1lVRTdm9D3f3nzXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzKh+RRa/Jwhuawtwabga+TcwnjMB8GA1UdIwQY MBaAFKrKjcDAuSGwifFgJhjkVTeXp0dCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEt OTFkNTA3MzhkMWU4LzEvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9lYjMxZGItZTY1NC00OTFlLWExNDEtOTFkNTA3MzhkMWU4 LzEvcXNxTndNQzVJYkNKOFdBbUdPUlZONWVuUjBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAToPW1rim 2+g+S997fUHP1UEVsTsL6kvrJ5IFyBON0AwPdic3MGTW3BlMNhwg6fXZ/RSSMExL kZ8klaL/HzoKCOB8ToU/jjfmFyIhdyof+1id6HOzHG091V0owqQEPqAXRig1ndyT UYT3la9yhSDTj+JCcGLp603C4RvkUvzUBz+j5i7p6Uizint5QDsbxhq30i+WvbZL qdD5Zjhbu8otSeTirQxJ4MyTBatwGy/6zfcdYwqGsgLDzs+ydL7kEZyZxUBRGZjN 9zRt0LqGCDbke7n5nCoM9xFKZtqpwX0WZIxNuZXaXQLtXfm/pFXzzTPZDlx5mQhN yw69rraOwEGNlA== -----END CERTIFICATE-----Generated at Sun Dec 21 12:04:43 2025 by rpki-client