This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft File: QTKoayl3h-SMVXBZMe05NR-EFxo.mft (raw, json) Hash identifier: 1lJY5X4/dWpakr8M+PlQG4em84Dr3793LU24tqsTgVE= Subject key identifier: 66:B8:83:38:A2:26:40:F6:8D:A0:C5:78:48:2A:1D:6D:B1:FF:53:5D Authority key identifier: 41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A Certificate issuer: /CN=4132a86b297787e48c55705931ed39351f84171a Certificate serial: 019B801573D5B76D601B89EE3141613B59EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft Manifest number: 1191 Signing time: Fri 02 Jan 2026 19:00:47 +0000 Manifest this update: Fri 02 Jan 2026 19:00:47 +0000 Manifest next update: Sat 03 Jan 2026 19:00:47 +0000 Files and hashes: 1: QTKoayl3h-SMVXBZMe05NR-EFxo.crl (hash: YSaSHmCC5oC/XRYJgIXRq1w3kL+bawxkeFuuOmYm4bs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:80:15:73:d5:b7:6d:60:1b:89:ee:31:41:61:3b:59:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4132a86b297787e48c55705931ed39351f84171a Validity Not Before: Jan 2 19:00:47 2026 GMT Not After : Jan 3 19:00:47 2026 GMT Subject: CN=66b88338a22640f68da0c578482a1d6db1ff535d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:8b:13:b1:c2:0c:2d:c2:39:cf:73:0b:fb:bf: 86:d1:c4:ba:e8:e4:24:49:35:c3:0a:ab:6b:76:9c: 12:e6:83:36:fc:86:73:5b:f5:42:88:f2:7d:7e:fe: 55:ce:a3:cf:c8:60:49:01:97:1d:29:fe:06:f3:e6: d6:72:d0:62:78:99:c1:d3:46:93:40:81:8d:80:7a: 36:56:6b:92:96:e6:b0:4c:eb:10:e0:db:c0:0a:f5: 55:83:f9:bc:17:53:4c:ae:a5:91:f9:40:c7:1d:48: fb:c5:7e:39:83:fe:de:27:00:2a:6c:f1:e6:bd:9f: 9b:37:b1:49:84:fe:22:a0:5e:dc:8c:66:2b:fd:25: c0:a6:8c:91:9b:37:f7:af:a5:c7:bf:a7:64:e2:a7: 96:21:1c:90:b0:d0:5a:30:dd:87:0a:e4:a2:8f:21: a0:35:89:53:86:3f:89:11:13:39:01:c4:11:08:59: 4f:c8:0f:ce:54:4d:97:6c:95:18:ff:ea:9a:8d:7d: 3a:a9:f8:0b:5f:6e:dc:3e:d4:06:1c:b9:a7:21:9c: 80:84:61:d7:47:10:08:de:69:63:cf:e1:7b:ba:1c: 74:08:9d:6b:c0:92:4c:5f:d1:92:41:4f:8b:4a:f6: 7c:8b:66:27:97:ca:1d:79:b9:d6:f3:9b:89:65:44: aa:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:B8:83:38:A2:26:40:F6:8D:A0:C5:78:48:2A:1D:6D:B1:FF:53:5D X509v3 Authority Key Identifier: keyid:41:32:A8:6B:29:77:87:E4:8C:55:70:59:31:ED:39:35:1F:84:17:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTKoayl3h-SMVXBZMe05NR-EFxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/878e7c-34f5-47cb-a7e1-8042d6f4bef1/1/QTKoayl3h-SMVXBZMe05NR-EFxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:79:0c:6b:62:2b:79:24:8f:32:a0:67:a1:11:04:10:08:95: ca:9b:4b:9e:b7:26:d5:c6:95:1f:76:6a:58:09:c7:f2:ba:39: 6a:74:2e:ed:1a:68:24:61:a1:c5:79:33:b3:76:15:da:d5:b8: f8:b8:72:95:25:45:62:d0:a4:88:47:f6:db:0b:bf:c9:ff:16: 2c:4c:7f:3e:0e:a6:aa:52:d2:25:4c:a8:f4:59:fa:8c:28:b9: 1f:58:c9:60:9b:b1:7f:92:49:da:1f:d5:bb:5b:f5:51:58:bc: b8:c0:bc:0f:2b:c5:38:20:3b:69:ea:14:eb:77:f1:70:97:80: 61:d4:f9:74:d1:6b:7a:a4:60:33:08:53:e2:6d:1b:8b:f7:ec: d8:64:13:ee:a3:fd:2a:47:16:b1:15:03:40:2f:cb:22:95:fc: 93:e9:90:4f:ae:ce:ec:28:e3:79:a2:f9:9a:50:56:15:91:1a: 58:1d:ec:96:57:b6:34:c5:8e:e7:90:5c:c6:b4:df:ec:b7:6a: 30:5c:4e:a4:ee:50:6a:5e:fc:57:f7:53:d8:f7:3a:20:a7:c1: 6b:d5:36:16:0c:de:a8:92:e4:4c:d8:46:30:b1:ef:b2:23:0d: 5f:23:48:89:f2:d0:12:0f:fe:1d:77:01:67:6e:6e:6a:8f:4b: 60:c7:9f:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuAFXPVt21gG4nuMUFhO1nuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMzJhODZiMjk3Nzg3ZTQ4YzU1NzA1OTMxZWQzOTM1MWY4 NDE3MWEwHhcNMjYwMTAyMTkwMDQ3WhcNMjYwMTAzMTkwMDQ3WjAzMTEwLwYDVQQD Eyg2NmI4ODMzOGEyMjY0MGY2OGRhMGM1Nzg0ODJhMWQ2ZGIxZmY1MzVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4sTscIMLcI5z3ML+7+G0cS66OQk STXDCqtrdpwS5oM2/IZzW/VCiPJ9fv5VzqPPyGBJAZcdKf4G8+bWctBieJnB00aT QIGNgHo2VmuSluawTOsQ4NvACvVVg/m8F1NMrqWR+UDHHUj7xX45g/7eJwAqbPHm vZ+bN7FJhP4ioF7cjGYr/SXApoyRmzf3r6XHv6dk4qeWIRyQsNBaMN2HCuSijyGg NYlThj+JERM5AcQRCFlPyA/OVE2XbJUY/+qajX06qfgLX27cPtQGHLmnIZyAhGHX RxAI3mljz+F7uhx0CJ1rwJJMX9GSQU+LSvZ8i2Ynl8odebnW85uJZUSqgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGa4gziiJkD2jaDFeEgqHW2x/1NdMB8GA1UdIwQY MBaAFEEyqGspd4fkjFVwWTHtOTUfhBcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEt ODA0MmQ2ZjRiZWYxLzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi84NzhlN2MtMzRmNS00N2NiLWE3ZTEtODA0MmQ2ZjRiZWYx LzEvUVRLb2F5bDNoLVNNVlhCWk1lMDVOUi1FRnhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcXkMa2Ir eSSPMqBnoREEEAiVyptLnrcm1caVH3ZqWAnH8ro5anQu7RpoJGGhxXkzs3YV2tW4 +LhylSVFYtCkiEf22wu/yf8WLEx/Pg6mqlLSJUyo9Fn6jCi5H1jJYJuxf5JJ2h/V u1v1UVi8uMC8DyvFOCA7aeoU63fxcJeAYdT5dNFreqRgMwhT4m0bi/fs2GQT7qP9 KkcWsRUDQC/LIpX8k+mQT67O7CjjeaL5mlBWFZEaWB3slle2NMWO55BcxrTf7Ldq MFxOpO5Qal78V/dT2Pc6IKfBa9U2FgzeqJLkTNhGMLHvsiMNXyNIifLQEg/+HXcB Z25uao9LYMefeA== -----END CERTIFICATE-----Generated at Sat Jan 3 03:55:56 2026 by rpki-client