This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json) Hash identifier: wewUlI3glOv8ss/RwJXoMERp81yRZke6bdflGg1Dp8w= Subject key identifier: 84:9F:4B:2E:0D:6A:0E:E7:23:6C:FC:42:97:EB:3A:7E:6B:C1:25:33 Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96 Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296 Certificate serial: 019B4D04085C86717AC4142C16C5904A7258 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft Manifest number: 08F6 Signing time: Tue 23 Dec 2025 21:01:08 +0000 Manifest this update: Tue 23 Dec 2025 21:01:08 +0000 Manifest next update: Wed 24 Dec 2025 21:01:08 +0000 Files and hashes: 1: DRGQu6VcNUxgbC-i_8UH42qgDUM.roa (hash: Tkt8CjSKbVkubPBErWJwsPegnkm3xx4+YfHW6WMiPHA=) 2: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: nZn//eOAIIe8DfWEbqvRyBYaCLaWMUPpVScDkn7dBoE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:04:08:5c:86:71:7a:c4:14:2c:16:c5:90:4a:72:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296 Validity Not Before: Dec 23 21:01:08 2025 GMT Not After : Dec 24 21:01:08 2025 GMT Subject: CN=849f4b2e0d6a0ee7236cfc4297eb3a7e6bc12533 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:06:85:d3:09:94:d4:8a:28:65:5f:3b:37:e1: 95:f2:37:c9:6a:01:ca:e0:3c:20:fd:1e:88:9d:a1: 8c:98:5c:43:a9:8b:ab:a2:bc:20:f3:20:1b:ee:cc: 9b:ab:db:81:aa:dc:45:d7:24:6a:a1:1e:a1:0e:b4: c5:b2:62:e4:5b:54:38:24:17:33:c0:cb:5d:5f:c8: 3f:60:75:65:04:6b:fb:84:ef:39:91:84:7e:c9:0c: 42:67:ae:0a:2e:d3:06:b3:3e:e1:c3:f8:cd:86:08: 52:35:6c:82:2d:a5:b1:77:e5:dc:70:75:75:3e:4c: da:ac:7e:e4:f5:e3:51:0c:6a:39:7e:ac:dc:37:29: a1:45:35:33:33:f3:6e:b1:f2:87:58:8e:4d:cc:a5: f8:5f:ca:07:c2:ff:11:c2:11:5f:50:85:7a:ee:69: 1a:92:06:3a:3f:d0:d8:3c:f3:2b:30:80:3d:49:5f: 4f:81:3b:9f:bb:ad:85:80:a0:2e:4e:bc:f6:25:b1: d6:cd:46:6f:27:63:e2:d4:d9:d5:fb:11:fc:39:48: ee:1f:7e:1e:43:19:da:dd:80:c5:d9:09:b0:55:08: bc:ff:8e:09:3c:9f:1e:17:99:27:08:13:5c:0c:02: 54:7f:a0:11:55:74:96:11:43:6a:f1:f1:c1:8d:d6: 69:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:9F:4B:2E:0D:6A:0E:E7:23:6C:FC:42:97:EB:3A:7E:6B:C1:25:33 X509v3 Authority Key Identifier: keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:75:d8:c5:41:0a:16:3a:b2:50:ed:5b:1d:4c:e0:24:fd:6c: 3a:af:d7:7e:f5:41:cf:46:95:86:c0:c9:9a:7d:64:8e:f7:b1: f6:3c:b9:63:76:2c:eb:72:91:7d:3d:9f:c9:88:5b:4a:25:dd: d3:4f:2b:fa:4e:48:24:ba:d4:5a:2e:c1:e7:c0:c0:b5:6a:2f: a9:71:a3:ec:cc:ac:7f:87:44:ab:d9:30:f7:de:05:00:d2:b1: bd:d1:d4:5e:9d:15:d4:3d:76:98:c9:a9:34:68:1f:0a:c5:b9: 58:37:a8:7a:33:c3:55:ca:96:36:ec:5b:6f:e2:0e:59:71:10: e4:5b:37:25:7b:13:33:cb:dd:26:aa:90:79:77:27:1d:ae:f0: 07:1d:36:08:25:ee:ae:9a:bb:5f:ad:f6:65:ac:bb:4e:f8:52: 15:14:71:37:f9:54:c7:33:70:90:39:35:97:2b:dc:01:14:c6: 33:59:99:45:d8:73:47:d7:5c:f8:69:ee:c5:03:f8:85:58:9a: 49:1a:84:19:3f:94:01:9f:aa:48:98:58:c3:75:1c:ae:42:26: 31:6b:a6:fb:f0:3c:02:dd:a6:47:c9:e1:ef:df:26:df:06:9a: e7:a9:39:5b:ae:f7:b5:8a:35:48:19:8c:27:f0:db:84:b4:fc: 17:b8:76:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtNBAhchnF6xBQsFsWQSnJYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh MDEyOTYwHhcNMjUxMjIzMjEwMTA4WhcNMjUxMjI0MjEwMTA4WjAzMTEwLwYDVQQD Eyg4NDlmNGIyZTBkNmEwZWU3MjM2Y2ZjNDI5N2ViM2E3ZTZiYzEyNTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswaF0wmU1IooZV87N+GV8jfJagHK 4Dwg/R6InaGMmFxDqYurorwg8yAb7sybq9uBqtxF1yRqoR6hDrTFsmLkW1Q4JBcz wMtdX8g/YHVlBGv7hO85kYR+yQxCZ64KLtMGsz7hw/jNhghSNWyCLaWxd+XccHV1 PkzarH7k9eNRDGo5fqzcNymhRTUzM/NusfKHWI5NzKX4X8oHwv8RwhFfUIV67mka kgY6P9DYPPMrMIA9SV9PgTufu62FgKAuTrz2JbHWzUZvJ2Pi1NnV+xH8OUjuH34e Qxna3YDF2QmwVQi8/44JPJ8eF5knCBNcDAJUf6ARVXSWEUNq8fHBjdZpPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFISfSy4Nag7nI2z8QpfrOn5rwSUzMB8GA1UdIwQY MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgXXYxUEK FjqyUO1bHUzgJP1sOq/XfvVBz0aVhsDJmn1kjvex9jy5Y3Ys63KRfT2fyYhbSiXd 008r+k5IJLrUWi7B58DAtWovqXGj7Mysf4dEq9kw994FANKxvdHUXp0V1D12mMmp NGgfCsW5WDeoejPDVcqWNuxbb+IOWXEQ5Fs3JXsTM8vdJqqQeXcnHa7wBx02CCXu rpq7X632Zay7TvhSFRRxN/lUxzNwkDk1lyvcARTGM1mZRdhzR9dc+GnuxQP4hVia SRqEGT+UAZ+qSJhYw3UcrkImMWum+/A8At2mR8nh798m3waa56k5W673tYo1SBmM J/DbhLT8F7h2xA== -----END CERTIFICATE-----Generated at Wed Dec 24 00:14:49 2025 by rpki-client