This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft File: QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json) Hash identifier: Y02mi4R9MW4bflv+IREXNfDQUB72xdYMEt6744JGDWI= Subject key identifier: 0B:77:27:6D:E7:9A:29:DF:0A:D4:DA:5E:D7:02:C7:2E:30:89:B8:20 Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99 Certificate issuer: /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99 Certificate serial: 019B30437519531237AEBB8A5F35776EF14F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft Manifest number: 1626 Signing time: Thu 18 Dec 2025 07:01:25 +0000 Manifest this update: Thu 18 Dec 2025 07:01:25 +0000 Manifest next update: Fri 19 Dec 2025 07:01:25 +0000 Files and hashes: 1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: AS/ucL6zo3OBVnyrFu1BZRaZixamFM4GO6gBYBORXu8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:43:75:19:53:12:37:ae:bb:8a:5f:35:77:6e:f1:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99 Validity Not Before: Dec 18 07:01:25 2025 GMT Not After : Dec 19 07:01:25 2025 GMT Subject: CN=0b77276de79a29df0ad4da5ed702c72e3089b820 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:cc:61:d9:a3:84:76:5c:dc:af:e2:18:f5:bd: 26:ef:40:f0:13:ca:6c:63:50:ca:de:49:c8:aa:1a: b4:16:28:7e:17:82:4a:ff:2c:50:1b:ab:ca:8d:eb: 73:c9:93:b0:18:37:4b:1c:8f:fb:2e:52:90:51:42: d0:17:3a:52:bb:5b:59:f4:82:18:5f:a2:97:9d:24: 87:54:af:cd:7c:7a:ce:6f:7d:bd:cc:9f:f5:34:02: b0:92:6b:ed:f1:9c:ac:ed:2b:7b:2f:7b:53:77:45: 95:69:49:0a:09:ed:b2:f4:95:43:c1:2b:93:b8:b6: 0e:83:1f:7b:15:31:c8:9b:23:f7:7e:10:f3:55:d2: d1:71:64:64:1b:0f:aa:25:95:4f:ce:82:7d:cf:f5: f5:4f:66:46:90:1a:c7:f3:ba:d6:2c:44:5c:7c:6f: e1:b4:a0:10:b7:60:97:ad:08:35:ce:f0:ef:06:ff: b1:00:ae:68:d0:f5:1d:b9:c4:1b:b5:a0:59:cb:44: 95:bb:1d:de:8f:7e:22:f3:64:bf:41:c8:d1:56:75: 1e:b0:5f:d7:23:e7:e6:4f:6e:90:0e:8a:b4:cf:e6: f4:8d:cf:5a:54:08:fe:45:d0:11:1d:20:96:b1:07: b8:d3:ef:1f:aa:08:01:04:22:37:b1:a0:8e:64:5f: af:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:77:27:6D:E7:9A:29:DF:0A:D4:DA:5E:D7:02:C7:2E:30:89:B8:20 X509v3 Authority Key Identifier: keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:21:56:95:e7:c5:d5:01:dd:d4:cc:dd:49:c9:f7:b1:29:a2: af:5c:3a:b4:b5:ee:5e:0b:c8:b8:b4:84:3d:d2:61:f2:d5:f3: 99:e7:3a:b3:d0:50:fc:3d:c7:c5:da:96:df:11:db:85:da:a8: 78:a5:c9:b3:4d:9f:00:0a:1e:2e:f6:12:13:09:23:bc:d5:4a: 20:7e:38:97:b3:89:95:70:87:94:52:b3:9d:f4:86:52:ad:a0: 4f:88:5a:73:a1:d8:bc:a8:7c:6a:90:8f:8e:81:01:91:2b:29: 80:cd:b4:9c:6f:8a:07:43:71:3f:6a:86:40:43:73:da:79:8e: c7:8a:75:20:1c:57:aa:d5:24:36:86:86:ff:02:ce:44:80:8c: ca:72:5a:cb:e8:2b:91:b5:19:68:6a:e0:35:50:84:38:31:bc: 93:91:c4:25:86:8b:a1:30:fc:a7:6b:a0:86:d2:48:58:6e:ad: 41:2d:a4:96:0f:ad:e4:f8:63:cf:21:08:c3:43:9e:24:81:dd: d4:92:d3:8f:d6:84:a1:f3:cb:50:d9:01:a7:9b:d6:c2:5d:f0: 7d:2e:bf:c3:ea:b2:9f:bf:d9:f1:03:f3:6c:5e:80:c5:da:53: 96:72:bd:ae:91:59:26:c0:c7:cf:e1:b7:32:49:0f:c3:98:fd: 02:f9:98:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQ3UZUxI3rruKXzV3bvFPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk NGRlOTkwHhcNMjUxMjE4MDcwMTI1WhcNMjUxMjE5MDcwMTI1WjAzMTEwLwYDVQQD EygwYjc3Mjc2ZGU3OWEyOWRmMGFkNGRhNWVkNzAyYzcyZTMwODliODIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncxh2aOEdlzcr+IY9b0m70DwE8ps Y1DK3knIqhq0Fih+F4JK/yxQG6vKjetzyZOwGDdLHI/7LlKQUULQFzpSu1tZ9IIY X6KXnSSHVK/NfHrOb329zJ/1NAKwkmvt8Zys7St7L3tTd0WVaUkKCe2y9JVDwSuT uLYOgx97FTHImyP3fhDzVdLRcWRkGw+qJZVPzoJ9z/X1T2ZGkBrH87rWLERcfG/h tKAQt2CXrQg1zvDvBv+xAK5o0PUducQbtaBZy0SVux3ej34i82S/QcjRVnUesF/X I+fmT26QDoq0z+b0jc9aVAj+RdARHSCWsQe40+8fqggBBCI3saCOZF+vmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAt3J23nminfCtTaXtcCxy4wibggMB8GA1UdIwQY MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjyFWlefF 1QHd1MzdScn3sSmir1w6tLXuXgvIuLSEPdJh8tXzmec6s9BQ/D3HxdqW3xHbhdqo eKXJs02fAAoeLvYSEwkjvNVKIH44l7OJlXCHlFKznfSGUq2gT4hac6HYvKh8apCP joEBkSspgM20nG+KB0NxP2qGQENz2nmOx4p1IBxXqtUkNoaG/wLORICMynJay+gr kbUZaGrgNVCEODG8k5HEJYaLoTD8p2ughtJIWG6tQS2klg+t5PhjzyEIw0OeJIHd 1JLTj9aEofPLUNkBp5vWwl3wfS6/w+qyn7/Z8QPzbF6AxdpTlnK9rpFZJsDHz+G3 MkkPw5j9AvmYng== -----END CERTIFICATE-----Generated at Thu Dec 18 11:52:47 2025 by rpki-client