This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft File: QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json) Hash identifier: DGlolePqaNJDDxsH+cd9E7CtXVAtJJCIGI6QG0QqMfo= Subject key identifier: C0:5B:9C:20:5E:E8:E6:83:2E:F2:7B:B5:40:7A:B3:B5:81:77:40:4A Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50 Certificate issuer: /CN=43314f30f3a453ff49221d954ad8028a304a0150 Certificate serial: 019B4E4D296FE5F595733E07F0E33953A996 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft Manifest number: 178F Signing time: Wed 24 Dec 2025 03:00:38 +0000 Manifest this update: Wed 24 Dec 2025 03:00:38 +0000 Manifest next update: Thu 25 Dec 2025 03:00:38 +0000 Files and hashes: 1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: 9aUZKyYPXHCAQNyW0v7wbnCIeH9py4pioG1zPjlgSX0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 03:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:29:6f:e5:f5:95:73:3e:07:f0:e3:39:53:a9:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150 Validity Not Before: Dec 24 03:00:38 2025 GMT Not After : Dec 25 03:00:38 2025 GMT Subject: CN=c05b9c205ee8e6832ef27bb5407ab3b58177404a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e5:0b:e1:5d:88:00:b7:b0:67:fc:8c:d8:b0: 67:7a:ee:4f:ed:42:54:98:32:59:ae:8b:54:e9:52: 4c:e1:c0:cd:cf:a0:3d:30:2c:6a:03:9d:67:25:5c: 3d:41:b9:cc:44:ec:37:59:97:c2:82:9d:65:b5:82: 33:37:f2:5e:36:c9:2b:66:1d:e5:bb:43:e6:37:fe: 70:22:38:4e:1c:d0:06:46:0d:4e:4e:57:a0:a1:ca: 03:47:32:4e:6a:b6:69:5c:25:e1:5e:7a:88:09:c9: 45:dc:6a:9a:c4:72:83:73:82:57:e7:a4:d7:02:c7: 8f:8f:fa:aa:e6:6f:c1:93:5b:44:3e:2d:4a:d0:46: 6d:d0:b0:fb:27:58:ed:58:fe:4f:a1:13:15:b5:4f: db:61:0e:e8:a0:51:97:91:a1:3f:a7:9b:f2:72:52: 88:5a:62:36:63:69:22:b5:3a:aa:2e:ae:db:7a:46: 44:62:4e:27:6a:cf:6c:70:5f:29:f2:eb:0f:98:b0: 9d:44:99:86:b0:5f:f7:f2:67:1f:76:be:a1:11:91: f1:c2:33:de:26:0d:ee:70:1b:60:1e:9f:91:ff:62: b8:d2:72:06:29:e7:ee:94:0a:bb:15:fe:2e:ca:fa: 37:b8:24:ce:3c:18:c2:8f:2d:3c:71:be:23:85:ed: f0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:5B:9C:20:5E:E8:E6:83:2E:F2:7B:B5:40:7A:B3:B5:81:77:40:4A X509v3 Authority Key Identifier: keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:04:38:83:1b:7b:2a:57:a0:ba:95:76:ba:d4:5b:3f:36:24: 38:a1:23:18:b1:11:67:0c:7b:c4:b8:2f:60:4c:d4:76:c5:58: 5b:28:53:0b:37:43:29:b0:25:c4:b4:1f:ce:c3:6e:18:3e:7f: 89:8b:a3:fd:94:48:7e:23:3a:45:4c:49:db:d7:cd:64:58:04: b4:cc:1d:c1:93:ec:a6:ec:d5:ef:51:22:d8:5e:dd:5e:f4:d7: 2e:be:01:e6:27:c1:44:53:ef:f4:a6:55:dd:b0:07:43:9d:42: 33:b3:a9:b2:0c:98:fa:6f:73:ab:7b:58:ec:fe:82:59:4e:f4: db:7e:f4:fa:dc:e6:af:e1:47:f5:9f:f9:49:09:7a:9c:a8:11: aa:6f:9f:3d:7c:5c:3d:bc:9c:92:98:b2:fa:4a:4d:6b:27:28: 6a:aa:d9:1f:0c:cd:58:d6:b4:a2:f4:c1:aa:2a:b8:87:d4:7b: d8:5a:1b:6b:6d:49:49:0c:00:28:bd:82:51:67:f0:9b:c8:af: 6f:4f:00:4c:d9:57:f2:56:73:08:11:be:2a:37:2a:21:23:18: a9:b5:0d:59:af:d4:fa:4e:58:f3:6b:08:49:8c:d7:ba:22:c7: b9:79:da:60:41:f3:46:59:67:0a:a9:65:3f:d1:a5:47:7a:49: 17:f3:bc:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTSlv5fWVcz4H8OM5U6mWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0 YTAxNTAwHhcNMjUxMjI0MDMwMDM4WhcNMjUxMjI1MDMwMDM4WjAzMTEwLwYDVQQD EyhjMDViOWMyMDVlZThlNjgzMmVmMjdiYjU0MDdhYjNiNTgxNzc0MDRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeUL4V2IALewZ/yM2LBneu5P7UJU mDJZrotU6VJM4cDNz6A9MCxqA51nJVw9QbnMROw3WZfCgp1ltYIzN/JeNskrZh3l u0PmN/5wIjhOHNAGRg1OTlegocoDRzJOarZpXCXhXnqICclF3GqaxHKDc4JX56TX AsePj/qq5m/Bk1tEPi1K0EZt0LD7J1jtWP5PoRMVtU/bYQ7ooFGXkaE/p5vyclKI WmI2Y2kitTqqLq7bekZEYk4nas9scF8p8usPmLCdRJmGsF/38mcfdr6hEZHxwjPe Jg3ucBtgHp+R/2K40nIGKefulAq7Ff4uyvo3uCTOPBjCjy08cb4jhe3w0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMBbnCBe6OaDLvJ7tUB6s7WBd0BKMB8GA1UdIwQY MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAQ4gxt7 KlegupV2utRbPzYkOKEjGLERZwx7xLgvYEzUdsVYWyhTCzdDKbAlxLQfzsNuGD5/ iYuj/ZRIfiM6RUxJ29fNZFgEtMwdwZPspuzV71Ei2F7dXvTXLr4B5ifBRFPv9KZV 3bAHQ51CM7OpsgyY+m9zq3tY7P6CWU702370+tzmr+FH9Z/5SQl6nKgRqm+fPXxc Pbyckpiy+kpNaycoaqrZHwzNWNa0ovTBqiq4h9R72Foba21JSQwAKL2CUWfwm8iv b08ATNlX8lZzCBG+KjcqISMYqbUNWa/U+k5Y82sISYzXuiLHuXnaYEHzRllnCqll P9GlR3pJF/O8Bg== -----END CERTIFICATE-----Generated at Wed Dec 24 10:32:20 2025 by rpki-client