This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft File: QpBWwzjRbJLN_aHlXQk2givFDNI.mft (raw, json) Hash identifier: oDYuvpdG7Bmy8A2NUcJonuWK1Qzw64qo9VQLnlH3sLY= Subject key identifier: DF:C8:5A:97:81:2F:D0:B5:CD:1C:A6:C0:03:89:97:25:DB:33:E7:E8 Authority key identifier: 42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2 Certificate issuer: /CN=429056c338d16c92cdfda1e55d0936822bc50cd2 Certificate serial: 019B2BC1C96187DBE74363F51D6BE7756B1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft Manifest number: 0614 Signing time: Wed 17 Dec 2025 10:01:18 +0000 Manifest this update: Wed 17 Dec 2025 10:01:18 +0000 Manifest next update: Thu 18 Dec 2025 10:01:18 +0000 Files and hashes: 1: QpBWwzjRbJLN_aHlXQk2givFDNI.crl (hash: XUQGFduxwsxZdzgylX70+TNNgMRiY/hGIXrLy6GeXFo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:c1:c9:61:87:db:e7:43:63:f5:1d:6b:e7:75:6b:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=429056c338d16c92cdfda1e55d0936822bc50cd2 Validity Not Before: Dec 17 10:01:18 2025 GMT Not After : Dec 18 10:01:18 2025 GMT Subject: CN=dfc85a97812fd0b5cd1ca6c003899725db33e7e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:34:63:5b:60:03:11:2c:d0:05:92:a1:64:f2: f6:64:6b:8e:5a:85:22:07:6e:c8:4e:b8:e9:a6:10: 63:fd:48:2e:1e:8c:29:bb:f6:db:e5:17:35:a2:70: e3:1b:80:c0:18:d9:41:d6:6b:7e:35:3c:e9:c9:b6: 20:eb:91:4f:af:28:2f:d4:0f:bc:4c:93:a3:a5:7d: 8f:c0:47:bf:4b:f1:f4:a8:8b:b5:5f:c4:0f:cf:0a: d1:dc:bd:39:10:d1:18:28:06:e0:41:b9:40:f2:ce: cb:6c:ac:74:14:6e:98:6e:94:c5:7d:28:58:bd:e2: 09:0f:54:29:b1:5b:f5:1c:83:db:7c:22:e7:82:cb: da:a0:c4:bc:9b:ad:97:6c:ec:e4:4b:91:27:ee:59: d0:4f:12:76:a1:0b:87:5d:ad:bd:54:71:42:da:4b: 33:fe:89:9a:2a:cf:f9:cf:c1:9e:62:39:2e:38:d4: 8f:2c:5a:ee:c9:63:87:8a:d6:4a:2c:6e:14:32:82: ec:02:29:b1:80:84:87:40:c6:79:df:f5:a6:c4:bb: ca:c6:fe:8b:cd:ce:7a:9a:f5:97:89:87:4a:1f:4b: 60:43:03:ad:bc:70:1f:cf:a9:5f:6d:c2:5b:d9:c2: 54:5a:98:76:08:d6:cf:27:a6:ad:46:cb:2a:68:f6: fe:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C8:5A:97:81:2F:D0:B5:CD:1C:A6:C0:03:89:97:25:DB:33:E7:E8 X509v3 Authority Key Identifier: keyid:42:90:56:C3:38:D1:6C:92:CD:FD:A1:E5:5D:09:36:82:2B:C5:0C:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpBWwzjRbJLN_aHlXQk2givFDNI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/513b77-9e3b-4a6c-9ed5-7f21d9befc2c/1/QpBWwzjRbJLN_aHlXQk2givFDNI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:c4:42:1b:90:b1:df:21:ca:ef:be:9e:90:cf:cb:46:53:96: 55:a1:08:eb:8a:98:30:74:ad:87:cf:c9:18:20:da:0c:24:46: ab:00:eb:9d:29:39:ea:4e:ff:55:27:c7:bc:4a:c1:35:23:14: 57:df:67:5d:1c:69:47:60:32:9a:1c:81:60:b1:72:11:d4:08: 09:29:10:0a:22:60:4d:96:b1:a9:81:ad:48:0e:be:66:0b:f0: 75:cd:62:a0:0b:17:1a:d4:c4:86:b4:3b:a9:d7:74:37:ed:7e: 2b:84:b1:e2:1f:58:33:9c:8f:69:79:bd:f6:d6:73:c1:55:47: 97:66:43:80:36:46:12:15:1a:9d:5d:96:f0:c0:46:7b:63:b8: a4:08:a8:8e:d2:07:48:d5:59:f0:f3:e3:e5:57:10:c0:61:f5: 22:e8:3a:a6:ce:3e:e7:d3:e6:61:df:9b:e9:02:2c:0b:2b:1d: e8:fb:73:56:cc:cd:b3:95:67:9d:39:7f:89:55:54:52:69:57: 05:69:fc:83:05:8c:5b:8c:c9:40:4d:60:2c:bd:b2:c2:64:1e: 61:9e:c9:38:1c:d6:8d:7b:8d:3d:61:b1:93:c9:94:08:9c:7e: fa:cb:75:fa:0f:08:c4:e8:d8:34:92:2b:f2:46:d5:70:7f:83: 8f:64:e2:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrwclhh9vnQ2P1HWvndWsbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyOTA1NmMzMzhkMTZjOTJjZGZkYTFlNTVkMDkzNjgyMmJj NTBjZDIwHhcNMjUxMjE3MTAwMTE4WhcNMjUxMjE4MTAwMTE4WjAzMTEwLwYDVQQD EyhkZmM4NWE5NzgxMmZkMGI1Y2QxY2E2YzAwMzg5OTcyNWRiMzNlN2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DRjW2ADESzQBZKhZPL2ZGuOWoUi B27ITrjpphBj/UguHowpu/bb5Rc1onDjG4DAGNlB1mt+NTzpybYg65FPrygv1A+8 TJOjpX2PwEe/S/H0qIu1X8QPzwrR3L05ENEYKAbgQblA8s7LbKx0FG6YbpTFfShY veIJD1QpsVv1HIPbfCLngsvaoMS8m62XbOzkS5En7lnQTxJ2oQuHXa29VHFC2ksz /omaKs/5z8GeYjkuONSPLFruyWOHitZKLG4UMoLsAimxgISHQMZ53/WmxLvKxv6L zc56mvWXiYdKH0tgQwOtvHAfz6lfbcJb2cJUWph2CNbPJ6atRssqaPb+mwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/IWpeBL9C1zRymwAOJlyXbM+foMB8GA1UdIwQY MBaAFEKQVsM40WySzf2h5V0JNoIrxQzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUt N2YyMWQ5YmVmYzJjLzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy81MTNiNzctOWUzYi00YTZjLTllZDUtN2YyMWQ5YmVmYzJj LzEvUXBCV3d6alJiSkxOX2FIbFhRazJnaXZGRE5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMRCG5Cx 3yHK776ekM/LRlOWVaEI64qYMHSth8/JGCDaDCRGqwDrnSk56k7/VSfHvErBNSMU V99nXRxpR2AymhyBYLFyEdQICSkQCiJgTZaxqYGtSA6+Zgvwdc1ioAsXGtTEhrQ7 qdd0N+1+K4Sx4h9YM5yPaXm99tZzwVVHl2ZDgDZGEhUanV2W8MBGe2O4pAiojtIH SNVZ8PPj5VcQwGH1Iug6ps4+59PmYd+b6QIsCysd6PtzVszNs5VnnTl/iVVUUmlX BWn8gwWMW4zJQE1gLL2ywmQeYZ7JOBzWjXuNPWGxk8mUCJx++st1+g8IxOjYNJIr 8kbVcH+Dj2TiiQ== -----END CERTIFICATE-----Generated at Wed Dec 17 19:39:27 2025 by rpki-client