This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft File: QwPxM011rEMsDKp404mnDAnBLKY.mft (raw, json) Hash identifier: ao/lAhkSdBfuiNGX2gWMxEtkFmKk5Dz9aILFBMdhP0Y= Subject key identifier: 3C:65:AA:B5:44:DE:18:81:FF:D5:83:F6:65:1D:CA:1A:EE:58:0C:01 Authority key identifier: 43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6 Certificate issuer: /CN=4303f1334d75ac432c0caa78d389a70c09c12ca6 Certificate serial: 019B39EB59A219F37FD697F37B320E0DD84F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft Manifest number: 02DC Signing time: Sat 20 Dec 2025 04:01:23 +0000 Manifest this update: Sat 20 Dec 2025 04:01:23 +0000 Manifest next update: Sun 21 Dec 2025 04:01:23 +0000 Files and hashes: 1: QwPxM011rEMsDKp404mnDAnBLKY.crl (hash: CFqDj7iBwDc2nrvmNPEuGR5OijXY+A7fHGl42l6QEfU=) 2: etqHJp94mEXyM-mZRNVFRO7Kziw.roa (hash: Y6iOU/XBP66s91SGzXjQj2BEKS4QjWa/buoOF4uhFqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:eb:59:a2:19:f3:7f:d6:97:f3:7b:32:0e:0d:d8:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4303f1334d75ac432c0caa78d389a70c09c12ca6 Validity Not Before: Dec 20 04:01:23 2025 GMT Not After : Dec 21 04:01:23 2025 GMT Subject: CN=3c65aab544de1881ffd583f6651dca1aee580c01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:49:1d:69:18:14:0c:6d:12:b6:8b:e0:c7:a0: 67:30:44:23:c9:9c:94:da:bd:12:8a:21:94:27:bd: de:41:ae:b9:35:b4:3e:11:d5:48:ce:c1:65:bf:9a: 78:4f:90:82:da:3e:14:d6:1a:78:9b:80:50:38:27: 2e:50:6b:7a:66:12:b0:4a:32:90:e6:12:b9:01:55: fc:fe:3b:b1:3e:ee:b8:f0:05:a8:fd:78:0b:39:7c: 7d:bf:c7:e2:6a:ae:82:f3:15:b9:17:57:89:dc:f6: c1:f0:dc:2b:85:6f:d5:d0:37:43:1c:17:e5:10:e9: 3b:2a:c1:08:83:c8:df:f9:6a:b2:3a:71:76:ca:18: eb:6b:7b:f5:c1:9b:e6:89:cc:48:1f:a3:d3:09:98: 13:9d:0b:64:65:fe:17:de:5c:f4:8c:23:82:c1:5a: 2a:bc:d9:3e:18:fd:6f:5f:d4:dd:4a:93:09:88:8d: 9e:0f:af:0b:88:d3:0d:2d:3e:ef:82:ef:ba:10:79: 6d:70:4d:d4:bd:0c:7b:ea:a5:22:c5:4c:73:a8:99: a8:b0:c9:28:28:a4:ec:8a:ba:b1:26:9b:4d:6a:de: 2d:5f:02:a7:4c:da:dd:9a:18:04:c9:0c:89:aa:c1: 90:83:34:7c:47:6c:db:a0:86:ed:c7:7e:1b:d5:80: 51:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:65:AA:B5:44:DE:18:81:FF:D5:83:F6:65:1D:CA:1A:EE:58:0C:01 X509v3 Authority Key Identifier: keyid:43:03:F1:33:4D:75:AC:43:2C:0C:AA:78:D3:89:A7:0C:09:C1:2C:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwPxM011rEMsDKp404mnDAnBLKY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/438008-338d-4c31-97c5-4cb97076cff2/1/QwPxM011rEMsDKp404mnDAnBLKY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:f0:ac:4e:aa:95:93:5b:02:c3:e6:0a:02:86:d2:0d:d5:be: aa:97:38:2d:c9:e7:b0:ef:3b:f3:2f:da:f3:1d:5d:97:e8:36: 20:b5:51:0d:57:14:55:14:67:45:42:18:47:8a:ff:23:35:a1: 16:17:9c:e4:1e:40:62:15:fd:a1:64:a2:7d:b2:b4:c3:11:18: 70:c5:05:7b:cd:e5:fb:2b:b4:ea:08:ae:ee:b4:c6:b2:67:e6: 89:56:dd:f3:a2:89:ba:aa:28:90:d8:39:ad:7f:3b:88:1e:e6: 33:b0:ef:4d:5f:95:d3:de:53:8d:d5:5d:3b:ca:e8:95:eb:d6: 60:14:cf:32:c5:7e:4d:52:dc:fc:86:9f:60:64:5d:2a:66:94: 92:7c:64:a6:50:0e:2a:64:72:27:14:09:df:80:87:1a:59:d1: f5:4f:59:b2:46:b5:bf:fd:33:e0:b0:80:55:9c:20:fb:79:1c: 2c:5a:2d:6a:30:b9:9f:7f:1a:b4:fe:31:61:d0:1e:56:17:19: ca:ba:02:73:bb:b5:8b:ef:e8:68:d8:26:82:7a:6c:6f:42:0b: 03:e4:14:dc:e5:a6:9f:f6:35:18:b2:e7:4a:b2:63:5d:35:e0: ed:24:d5:a0:0e:62:f2:24:c8:b0:c4:6c:ba:97:28:74:6c:d0: 7c:d1:b6:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs561miGfN/1pfzezIODdhPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzMDNmMTMzNGQ3NWFjNDMyYzBjYWE3OGQzODlhNzBjMDlj MTJjYTYwHhcNMjUxMjIwMDQwMTIzWhcNMjUxMjIxMDQwMTIzWjAzMTEwLwYDVQQD EygzYzY1YWFiNTQ0ZGUxODgxZmZkNTgzZjY2NTFkY2ExYWVlNTgwYzAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkkdaRgUDG0Stovgx6BnMEQjyZyU 2r0SiiGUJ73eQa65NbQ+EdVIzsFlv5p4T5CC2j4U1hp4m4BQOCcuUGt6ZhKwSjKQ 5hK5AVX8/juxPu648AWo/XgLOXx9v8fiaq6C8xW5F1eJ3PbB8NwrhW/V0DdDHBfl EOk7KsEIg8jf+WqyOnF2yhjra3v1wZvmicxIH6PTCZgTnQtkZf4X3lz0jCOCwVoq vNk+GP1vX9TdSpMJiI2eD68LiNMNLT7vgu+6EHltcE3UvQx76qUixUxzqJmosMko KKTsirqxJptNat4tXwKnTNrdmhgEyQyJqsGQgzR8R2zboIbtx34b1YBRIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDxlqrVE3hiB/9WD9mUdyhruWAwBMB8GA1UdIwQY MBaAFEMD8TNNdaxDLAyqeNOJpwwJwSymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUt NGNiOTcwNzZjZmYyLzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS80MzgwMDgtMzM4ZC00YzMxLTk3YzUtNGNiOTcwNzZjZmYy LzEvUXdQeE0wMTFyRU1zREtwNDA0bW5EQW5CTEtZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPCsTqqV k1sCw+YKAobSDdW+qpc4LcnnsO878y/a8x1dl+g2ILVRDVcUVRRnRUIYR4r/IzWh Fhec5B5AYhX9oWSifbK0wxEYcMUFe83l+yu06giu7rTGsmfmiVbd86KJuqookNg5 rX87iB7mM7DvTV+V095TjdVdO8rolevWYBTPMsV+TVLc/IafYGRdKmaUknxkplAO KmRyJxQJ34CHGlnR9U9Zska1v/0z4LCAVZwg+3kcLFotajC5n38atP4xYdAeVhcZ yroCc7u1i+/oaNgmgnpsb0ILA+QU3OWmn/Y1GLLnSrJjXTXg7STVoA5i8iTIsMRs upcodGzQfNG2gw== -----END CERTIFICATE-----Generated at Sat Dec 20 08:19:41 2025 by rpki-client