This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft File: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft (raw, json) Hash identifier: 0mwN4ul75h3cR+0P9TmPvm9c+DT9shE3H8Jjf2ZIbKA= Subject key identifier: E8:F1:07:D7:85:40:20:1C:87:54:8C:A8:F5:39:1A:38:89:79:5A:8F Authority key identifier: 43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69 Certificate issuer: /CN=430e0949df5930f6b79efcbd9cba174ca213f569 Certificate serial: 019B3FED4F68AB1CD6ECF2065D6996F62C62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft Manifest number: 171D Signing time: Sun 21 Dec 2025 08:01:15 +0000 Manifest this update: Sun 21 Dec 2025 08:01:15 +0000 Manifest next update: Mon 22 Dec 2025 08:01:15 +0000 Files and hashes: 1: B2zXHYwEq1mSDhRzWM21ZLKQRZ0.roa (hash: P+0tfOZ2RaLt/nUPuFjZ/CAtJcAtybwXEXHcIsSIUm4=) 2: Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl (hash: SDMBoMM9HVYVUfvjwrtxfmFAIfDML3nboXZIuQlVcvU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ed:4f:68:ab:1c:d6:ec:f2:06:5d:69:96:f6:2c:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=430e0949df5930f6b79efcbd9cba174ca213f569 Validity Not Before: Dec 21 08:01:15 2025 GMT Not After : Dec 22 08:01:15 2025 GMT Subject: CN=e8f107d78540201c87548ca8f5391a3889795a8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:27:98:04:80:e8:c8:f3:be:5b:7d:59:8b:51: 1d:f1:c8:d1:06:a2:c0:f9:a9:5d:5a:6d:76:43:f6: 4b:49:d0:5d:c0:52:b6:10:a9:e1:1a:57:aa:60:8c: 1d:05:be:98:1e:c8:ab:2d:5b:df:0d:08:ac:85:56: f5:08:a1:b4:f6:59:a8:eb:4a:06:cc:3d:99:85:6d: 9d:7e:a9:18:5b:8e:a2:34:69:78:e7:1e:48:1b:c0: 30:fd:a0:8b:34:a5:de:e3:68:0b:6d:d2:26:62:da: f0:ed:31:63:4a:ff:b8:e6:13:92:1b:e3:7d:89:93: 68:46:b8:8f:5c:71:52:7e:0f:c8:bf:bf:02:8c:e9: 16:d2:77:42:62:a0:5c:28:8b:3f:8a:25:13:db:65: 11:64:cf:6e:1f:27:20:27:92:45:d1:ba:82:e0:0f: 9e:d5:3b:9e:c9:b3:e3:17:10:74:dd:ab:4a:18:35: 40:62:53:1e:c0:b4:86:41:e4:82:97:c3:77:31:d8: 6e:ab:bb:6c:ba:02:6c:07:c0:77:ee:30:20:4e:2f: d4:ee:d7:db:db:90:4f:15:d9:7c:38:49:05:60:f3: 01:0c:84:58:06:62:08:c5:28:09:89:a2:52:be:3b: c6:09:89:39:16:81:b3:57:c1:0e:dd:ff:fc:94:02: 0c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:F1:07:D7:85:40:20:1C:87:54:8C:A8:F5:39:1A:38:89:79:5A:8F X509v3 Authority Key Identifier: keyid:43:0E:09:49:DF:59:30:F6:B7:9E:FC:BD:9C:BA:17:4C:A2:13:F5:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/52a97f-2ad6-4059-8646-0686160a7e68/1/Qw4JSd9ZMPa3nvy9nLoXTKIT9Wk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:09:9c:da:c9:d2:14:87:2a:6f:0e:f5:61:e6:c3:09:5d:44: 30:1c:f2:f3:d7:e3:27:de:5b:cd:c4:14:50:94:1b:3e:78:b1: 2a:ec:d1:40:94:b9:97:e3:19:d3:06:d6:ee:3d:0c:1b:bb:d5: cf:a8:cd:31:8c:97:be:7d:0e:22:61:e2:a8:fd:01:45:e7:c9: 00:65:d3:f8:1b:da:d9:68:39:d6:9d:d2:96:d4:dc:91:72:89: 62:ba:cd:10:6a:50:84:70:d3:d7:91:92:29:2f:bb:6b:ca:c5: 04:83:a8:12:a4:8d:6e:c6:35:96:69:e8:32:cf:98:02:eb:e5: 28:bb:62:c8:d9:5d:4e:79:65:3c:31:7f:10:e5:9a:f3:f1:f8: d9:d4:7d:d1:bc:a7:bd:d2:ce:29:0e:30:ad:2e:41:58:6a:91: de:c4:7b:34:20:9e:3e:3d:ad:be:0d:7f:48:95:25:84:eb:80: b7:3f:b6:62:59:92:d8:5b:ce:d3:0f:93:73:7c:4b:8f:5e:9d: 9a:43:bd:13:9b:be:2d:38:6e:70:29:4b:af:24:ba:ba:af:23: 6d:35:2b:67:e8:9e:46:76:3f:09:53:af:6e:7c:79:4b:5a:a3: dc:67:8a:04:40:31:3b:65:11:65:ac:c0:f6:2f:4e:01:df:e9: 66:82:f6:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7U9oqxzW7PIGXWmW9ixiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMGUwOTQ5ZGY1OTMwZjZiNzllZmNiZDljYmExNzRjYTIx M2Y1NjkwHhcNMjUxMjIxMDgwMTE1WhcNMjUxMjIyMDgwMTE1WjAzMTEwLwYDVQQD EyhlOGYxMDdkNzg1NDAyMDFjODc1NDhjYThmNTM5MWEzODg5Nzk1YThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmieYBIDoyPO+W31Zi1Ed8cjRBqLA +aldWm12Q/ZLSdBdwFK2EKnhGleqYIwdBb6YHsirLVvfDQishVb1CKG09lmo60oG zD2ZhW2dfqkYW46iNGl45x5IG8Aw/aCLNKXe42gLbdImYtrw7TFjSv+45hOSG+N9 iZNoRriPXHFSfg/Iv78CjOkW0ndCYqBcKIs/iiUT22URZM9uHycgJ5JF0bqC4A+e 1TueybPjFxB03atKGDVAYlMewLSGQeSCl8N3Mdhuq7tsugJsB8B37jAgTi/U7tfb 25BPFdl8OEkFYPMBDIRYBmIIxSgJiaJSvjvGCYk5FoGzV8EO3f/8lAIMUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOjxB9eFQCAch1SMqPU5GjiJeVqPMB8GA1UdIwQY MBaAFEMOCUnfWTD2t578vZy6F0yiE/VpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYt MDY4NjE2MGE3ZTY4LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC81MmE5N2YtMmFkNi00MDU5LTg2NDYtMDY4NjE2MGE3ZTY4 LzEvUXc0SlNkOVpNUGEzbnZ5OW5Mb1hUS0lUOVdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkAmc2snS FIcqbw71YebDCV1EMBzy89fjJ95bzcQUUJQbPnixKuzRQJS5l+MZ0wbW7j0MG7vV z6jNMYyXvn0OImHiqP0BRefJAGXT+Bva2Wg51p3SltTckXKJYrrNEGpQhHDT15GS KS+7a8rFBIOoEqSNbsY1lmnoMs+YAuvlKLtiyNldTnllPDF/EOWa8/H42dR90byn vdLOKQ4wrS5BWGqR3sR7NCCePj2tvg1/SJUlhOuAtz+2YlmS2FvO0w+Tc3xLj16d mkO9E5u+LThucClLryS6uq8jbTUrZ+ieRnY/CVOvbnx5S1qj3GeKBEAxO2URZazA 9i9OAd/pZoL2aQ== -----END CERTIFICATE-----Generated at Sun Dec 21 11:25:00 2025 by rpki-client