This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft File: QIVi4riWGyLinHYtbJkDMbo2Zm8.mft (raw, json) Hash identifier: lZekzqN/IbSwNlGlvs533bjcvsRgjkTYisEWkx/qvN4= Subject key identifier: ED:81:9D:CC:3E:CE:92:87:59:8D:B7:2E:73:54:32:BC:D9:04:73:72 Authority key identifier: 40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F Certificate issuer: /CN=408562e2b8961b22e29c762d6c990331ba36666f Certificate serial: 019B4C27E864017E10B13107BEA4CA2546E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft Manifest number: 1449 Signing time: Tue 23 Dec 2025 17:00:42 +0000 Manifest this update: Tue 23 Dec 2025 17:00:42 +0000 Manifest next update: Wed 24 Dec 2025 17:00:42 +0000 Files and hashes: 1: QIVi4riWGyLinHYtbJkDMbo2Zm8.crl (hash: Mcc93vz0RfcECOcS+049a5JtqhMQIC1B8T3IdEd7q0Q=) 2: TH3iTyQHdiPtwrxen-ik0aBRXKI.roa (hash: 9e3J8Nl+Dc6K9RH7KE3BYQUYhRYoAJ/tNPR6z9IBOhE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.crl rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:27:e8:64:01:7e:10:b1:31:07:be:a4:ca:25:46:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408562e2b8961b22e29c762d6c990331ba36666f Validity Not Before: Dec 23 17:00:42 2025 GMT Not After : Dec 24 17:00:42 2025 GMT Subject: CN=ed819dcc3ece9287598db72e735432bcd9047372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3a:db:38:19:9a:2a:2d:bf:f2:92:ba:6f:8a: c4:24:e6:fa:f4:ca:6d:b8:23:61:5e:6a:cf:29:f6: 81:93:cc:01:1f:1d:51:ca:e0:c7:a3:11:d5:a9:8f: 11:d0:de:d0:b2:41:3a:07:c7:d1:d6:fc:e4:e1:0b: 21:64:bf:15:9c:3f:26:69:df:b0:0e:2d:99:4d:c9: 70:cc:04:4b:1f:18:0d:20:f4:84:4f:4d:8c:d2:db: 93:eb:25:3a:91:b6:c2:83:dc:d2:ce:77:be:f3:4a: a6:2e:46:43:7d:88:1e:3e:d3:e7:7c:ca:a4:1a:6d: 43:9c:97:7f:f5:e8:71:85:e2:f3:2c:27:80:f5:da: 4a:96:89:cc:04:df:67:19:b5:a4:99:29:37:15:be: ff:d5:97:7b:3e:c0:a3:e4:c3:20:14:60:df:4d:55: 1a:7f:5a:22:3d:10:3e:83:79:5b:64:f5:59:40:17: 8a:68:8c:06:73:d3:99:51:e5:3d:24:fd:46:df:4e: 8e:fc:8e:6f:2b:9d:d2:35:91:b4:6f:76:6e:55:b5: 2c:2c:4b:ec:2b:b4:8f:b8:de:ab:b7:d2:cc:2c:66: ab:75:24:20:4d:7c:61:eb:3e:45:c9:5e:ed:93:1e: 22:8f:ae:1c:5b:ac:89:f4:ec:c5:4b:ec:af:07:1e: a0:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:81:9D:CC:3E:CE:92:87:59:8D:B7:2E:73:54:32:BC:D9:04:73:72 X509v3 Authority Key Identifier: keyid:40:85:62:E2:B8:96:1B:22:E2:9C:76:2D:6C:99:03:31:BA:36:66:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIVi4riWGyLinHYtbJkDMbo2Zm8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/52a6de-7232-49b1-91c7-cfdfcd4ee0f2/1/QIVi4riWGyLinHYtbJkDMbo2Zm8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:e3:36:4c:44:5e:ea:bb:97:2f:2c:bb:c3:07:15:61:68:9b: de:11:a7:ce:21:d5:5a:c2:c3:cc:c1:51:e7:79:a3:7b:e9:38: 22:66:34:af:21:d5:4f:ff:05:3e:a8:53:6d:69:2c:e5:2d:e7: 0f:42:4a:7c:52:92:de:08:93:0b:25:61:ec:45:a8:14:0a:d2: 1e:65:0b:07:59:fd:7a:7b:62:cd:49:05:d3:a2:0b:2a:5c:ea: be:6b:9b:ee:f1:7f:17:87:1f:fd:2e:b1:17:21:31:a8:e3:c2: 1d:f3:48:38:6d:81:b8:4b:6a:66:ab:bf:fa:f9:6c:08:61:ce: 99:df:c7:90:0f:5e:ce:6f:b5:fc:ed:4a:95:4d:6f:8a:73:7f: 3e:8b:e4:f7:a2:76:7a:11:89:60:56:09:c7:ee:bb:09:ab:f9: 64:36:29:3e:41:f1:11:0c:fc:1b:f7:28:24:1b:7e:62:01:19: 59:1a:5a:d3:bb:50:c0:63:0a:7f:1f:a1:84:8a:84:4f:46:18: bb:da:66:6e:3c:3d:bc:49:aa:af:4e:22:d5:9e:09:46:d9:4b: 2f:76:97:d7:0b:4c:d9:3b:2d:1f:85:d9:e6:a3:42:7e:c9:69: 21:a2:c9:ac:64:d2:4c:2b:6f:6f:62:1f:23:7d:87:06:dc:51: 5d:a9:61:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMJ+hkAX4QsTEHvqTKJUbkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwODU2MmUyYjg5NjFiMjJlMjljNzYyZDZjOTkwMzMxYmEz NjY2NmYwHhcNMjUxMjIzMTcwMDQyWhcNMjUxMjI0MTcwMDQyWjAzMTEwLwYDVQQD EyhlZDgxOWRjYzNlY2U5Mjg3NTk4ZGI3MmU3MzU0MzJiY2Q5MDQ3MzcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozrbOBmaKi2/8pK6b4rEJOb69Mpt uCNhXmrPKfaBk8wBHx1RyuDHoxHVqY8R0N7QskE6B8fR1vzk4QshZL8VnD8mad+w Di2ZTclwzARLHxgNIPSET02M0tuT6yU6kbbCg9zSzne+80qmLkZDfYgePtPnfMqk Gm1DnJd/9ehxheLzLCeA9dpKlonMBN9nGbWkmSk3Fb7/1Zd7PsCj5MMgFGDfTVUa f1oiPRA+g3lbZPVZQBeKaIwGc9OZUeU9JP1G306O/I5vK53SNZG0b3ZuVbUsLEvs K7SPuN6rt9LMLGardSQgTXxh6z5FyV7tkx4ij64cW6yJ9OzFS+yvBx6gXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2Bncw+zpKHWY23LnNUMrzZBHNyMB8GA1UdIwQY MBaAFECFYuK4lhsi4px2LWyZAzG6NmZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzct Y2ZkZmNkNGVlMGYyLzEvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny81MmE2ZGUtNzIzMi00OWIxLTkxYzctY2ZkZmNkNGVlMGYy LzEvUUlWaTRyaVdHeUxpbkhZdGJKa0RNYm8yWm04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+M2TERe 6ruXLyy7wwcVYWib3hGnziHVWsLDzMFR53mje+k4ImY0ryHVT/8FPqhTbWks5S3n D0JKfFKS3giTCyVh7EWoFArSHmULB1n9entizUkF06ILKlzqvmub7vF/F4cf/S6x FyExqOPCHfNIOG2BuEtqZqu/+vlsCGHOmd/HkA9ezm+1/O1KlU1vinN/Povk96J2 ehGJYFYJx+67Cav5ZDYpPkHxEQz8G/coJBt+YgEZWRpa07tQwGMKfx+hhIqET0YY u9pmbjw9vEmqr04i1Z4JRtlLL3aX1wtM2TstH4XZ5qNCfslpIaLJrGTSTCtvb2If I32HBtxRXalh8w== -----END CERTIFICATE-----Generated at Wed Dec 24 02:14:36 2025 by rpki-client