This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json) Hash identifier: TmuwbrqZCCMkif/WnSxHF5h0sUl6UFmMv4sVhEZx+lQ= Subject key identifier: E9:D6:92:27:C7:0A:F5:4B:AC:E3:6A:3E:28:07:F6:CD:ED:0A:ED:34 Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e Certificate serial: 019B69FB0D365610394ECECB3BE75894D1B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft Manifest number: 066E Signing time: Mon 29 Dec 2025 12:00:19 +0000 Manifest this update: Mon 29 Dec 2025 12:00:19 +0000 Manifest next update: Tue 30 Dec 2025 12:00:19 +0000 Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=) 2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: 2jvXKgWlIo2QUYxVH6QqZ6DV0QW5A+zrqhgn6tLkCUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 10:15:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:fb:0d:36:56:10:39:4e:ce:cb:3b:e7:58:94:d1:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e Validity Not Before: Dec 29 12:00:19 2025 GMT Not After : Dec 30 12:00:19 2025 GMT Subject: CN=e9d69227c70af54bace36a3e2807f6cded0aed34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:15:56:f7:55:7e:a3:b7:77:34:0d:9c:b4:02: e5:34:e4:62:93:6a:ec:7a:54:72:0d:ed:bb:00:f0: 5d:2d:9b:6b:bc:8d:68:e6:e8:db:68:4c:a3:6b:a6: 9a:0f:9c:5c:fc:82:eb:f2:f7:88:57:16:90:00:97: 4a:3e:cb:ad:2c:55:71:73:10:94:8a:7d:4c:54:36: e1:78:ca:0a:a9:7b:8b:cb:6c:f2:82:5b:da:bd:38: d8:e1:ff:5c:d6:25:50:71:6a:75:17:9f:06:71:61: 1a:1d:23:17:08:59:44:b3:fd:9a:cc:10:10:fe:10: a1:37:43:37:12:62:47:c7:c3:d6:31:a8:38:36:6b: 48:d2:ce:00:9c:be:0d:9d:5a:11:11:91:1c:63:3e: b9:ac:5a:91:29:3d:dc:8c:fb:13:1c:7f:71:a9:d4: 4f:1a:8b:3f:88:49:25:10:e5:09:b0:af:71:17:e4: 3d:77:7b:bc:a3:26:2f:53:d9:a7:8d:b7:02:c4:dd: f0:55:c2:f3:6f:cb:6c:2a:96:11:d8:d9:e6:1c:44: 7c:78:6e:71:2b:64:1c:c3:71:82:97:fe:d4:1b:8b: 3e:2a:ec:23:fa:61:99:7f:40:5c:ab:26:f4:24:0e: 9e:4b:ce:d8:e2:ce:e8:ba:7e:97:23:5a:94:a9:32: de:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:D6:92:27:C7:0A:F5:4B:AC:E3:6A:3E:28:07:F6:CD:ED:0A:ED:34 X509v3 Authority Key Identifier: keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:98:26:85:54:e8:13:ff:09:ba:25:b8:b0:b2:cc:dd:19:82: 5a:41:20:3a:df:64:f8:cf:e7:45:74:b1:6c:c7:e9:33:b3:0e: e2:d2:23:dc:d1:8d:b5:e0:86:7e:a2:7d:cc:15:44:83:2e:38: b2:50:45:f4:75:ca:b2:f3:6e:08:8a:f4:1c:92:52:73:ce:b4: 15:96:a6:df:4e:2c:0f:58:08:99:a7:61:80:5a:bf:1d:db:cb: 26:9c:af:1a:d1:39:1a:1c:03:66:01:b1:bd:fe:82:a6:be:14: 61:4d:c0:16:a5:0a:97:a0:b3:26:66:b5:53:74:a9:19:0c:bd: e4:0c:7b:5e:1a:88:15:79:b7:a0:35:15:c6:2a:12:dc:20:e8: bb:9e:3e:70:23:11:5d:e6:2d:c5:f6:5a:27:8b:d5:c8:ae:ef: d2:ba:0b:4b:be:7d:a4:72:2d:0d:37:ba:69:3d:d3:08:4b:15: 28:cb:94:25:cb:c0:76:bb:e2:46:06:34:e4:a1:64:d8:d9:b7: 41:dc:81:94:be:c3:dd:fa:85:50:27:95:0e:6d:44:a4:ac:c4: 61:d2:f2:de:12:2e:0d:9f:58:d2:fb:ca:13:78:54:a8:66:d9: 79:18:62:ab:39:0f:3f:43:bf:d8:0d:6c:d1:fb:34:d7:7b:6f: 1c:5f:d7:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtp+w02VhA5Ts7LO+dYlNG0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2 NGIxN2UwHhcNMjUxMjI5MTIwMDE5WhcNMjUxMjMwMTIwMDE5WjAzMTEwLwYDVQQD EyhlOWQ2OTIyN2M3MGFmNTRiYWNlMzZhM2UyODA3ZjZjZGVkMGFlZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BVW91V+o7d3NA2ctALlNORik2rs elRyDe27APBdLZtrvI1o5ujbaEyja6aaD5xc/ILr8veIVxaQAJdKPsutLFVxcxCU in1MVDbheMoKqXuLy2zyglvavTjY4f9c1iVQcWp1F58GcWEaHSMXCFlEs/2azBAQ /hChN0M3EmJHx8PWMag4NmtI0s4AnL4NnVoREZEcYz65rFqRKT3cjPsTHH9xqdRP Gos/iEklEOUJsK9xF+Q9d3u8oyYvU9mnjbcCxN3wVcLzb8tsKpYR2NnmHER8eG5x K2Qcw3GCl/7UG4s+Kuwj+mGZf0Bcqyb0JA6eS87Y4s7oun6XI1qUqTLe7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOnWkifHCvVLrONqPigH9s3tCu00MB8GA1UdIwQY MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZgmhVTo E/8JuiW4sLLM3RmCWkEgOt9k+M/nRXSxbMfpM7MO4tIj3NGNteCGfqJ9zBVEgy44 slBF9HXKsvNuCIr0HJJSc860FZam304sD1gImadhgFq/HdvLJpyvGtE5GhwDZgGx vf6Cpr4UYU3AFqUKl6CzJma1U3SpGQy95Ax7XhqIFXm3oDUVxioS3CDou54+cCMR XeYtxfZaJ4vVyK7v0roLS759pHItDTe6aT3TCEsVKMuUJcvAdrviRgY05KFk2Nm3 QdyBlL7D3fqFUCeVDm1EpKzEYdLy3hIuDZ9Y0vvKE3hUqGbZeRhiqzkPP0O/2A1s 0fs013tvHF/XhQ== -----END CERTIFICATE-----Generated at Mon Dec 29 13:25:44 2025 by rpki-client