This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft File: QsCVkBFifd0NBX1zHo-lpRApZZI.mft (raw, json) Hash identifier: faa/TWf+5naAw4X3A/1p00n2Yg0bREgIoomvsDD9oQ0= Subject key identifier: 8F:1F:F3:E9:F1:C7:C5:5C:73:E5:AA:BD:BC:F7:5D:BF:1C:7E:F8:A6 Authority key identifier: 42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92 Certificate issuer: /CN=42c0959011627ddd0d057d731e8fa5a510296592 Certificate serial: 019B3A915340CD525784D06FFA9E9A368EB1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 07:02:41 +0000 Manifest this update: Sat 20 Dec 2025 07:02:41 +0000 Manifest next update: Sun 21 Dec 2025 07:02:41 +0000 Files and hashes: 1: QsCVkBFifd0NBX1zHo-lpRApZZI.crl (hash: hkDPM1P82y7HxffMDpMB+H1GHIiegCg0X7Vn6fEX+ls=) 2: nqDbjTD7-4bF8APAmv3q39AmNtk.roa (hash: zWbRV6cXuufmhpJUA1tayT8JP8s9Ez0NcmTuvgMXFF8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:91:53:40:cd:52:57:84:d0:6f:fa:9e:9a:36:8e:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42c0959011627ddd0d057d731e8fa5a510296592 Validity Not Before: Dec 20 07:02:41 2025 GMT Not After : Dec 21 07:02:41 2025 GMT Subject: CN=8f1ff3e9f1c7c55c73e5aabdbcf75dbf1c7ef8a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:22:8a:8e:71:f6:65:12:45:b5:3b:48:df:d0: f4:a0:b3:e8:a6:6d:81:97:2c:0f:2b:31:bd:13:72: ff:90:7b:b7:f4:57:a8:7b:da:7c:0a:3b:98:4b:cb: c9:eb:14:a9:91:89:4c:a0:0b:39:56:7b:bd:10:4d: 3e:0f:22:68:2c:91:3f:4e:dd:d1:68:7e:e7:47:f3: c0:33:c8:ce:1e:10:57:a9:6a:0d:bb:89:68:96:94: e8:1b:64:b0:fd:53:33:ca:3a:52:7c:70:4e:17:42: f2:16:21:ee:c5:c5:21:4f:98:47:a9:e0:16:5a:60: f4:26:7e:de:14:f7:7d:a7:8a:02:88:f6:ff:1e:ea: b7:20:fa:7f:54:49:9d:da:7d:76:e4:30:bb:5b:a2: 69:87:93:0e:45:05:92:ea:ba:69:e0:92:4d:9b:d1: 91:77:15:22:2a:52:9f:71:d1:61:1e:35:1d:f2:9a: 9f:05:e2:34:27:17:d1:0d:10:83:6c:3d:24:04:74: 68:f6:70:87:03:a3:37:08:dc:ca:4f:5b:b8:58:28: b5:41:20:b5:95:01:c1:0b:c1:07:34:dd:63:8b:32: d6:b6:95:b4:4d:35:be:b2:1a:91:4a:62:24:9a:27: 71:f2:d9:6b:c8:ef:88:06:bb:52:e3:f8:76:53:14: 22:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:1F:F3:E9:F1:C7:C5:5C:73:E5:AA:BD:BC:F7:5D:BF:1C:7E:F8:A6 X509v3 Authority Key Identifier: keyid:42:C0:95:90:11:62:7D:DD:0D:05:7D:73:1E:8F:A5:A5:10:29:65:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsCVkBFifd0NBX1zHo-lpRApZZI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ba12cd-2e7e-40dc-ae88-248b59c3696b/1/QsCVkBFifd0NBX1zHo-lpRApZZI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:85:c4:7c:22:fe:87:4a:20:41:bd:f7:d0:b2:32:6c:ef:30: 69:2e:58:6a:36:1b:a5:19:23:59:cc:42:72:56:1e:31:b8:3c: d8:b4:1d:7c:3e:d6:a5:5f:3f:0f:fa:02:2d:1f:56:21:0c:51: 5e:38:b4:9d:66:d9:c3:db:53:b1:22:48:d9:89:ae:a4:d1:96: 9b:68:b7:60:78:ea:1f:cc:10:de:08:9b:3c:11:47:22:67:fb: bb:bc:ea:ae:4e:12:51:bb:cf:5d:58:bc:e8:92:5a:ed:1c:83: 10:6d:30:e5:66:2c:c9:72:75:aa:50:f4:1f:32:77:59:c8:7c: 38:ba:36:d5:ef:0c:63:c9:94:36:23:df:69:10:cf:54:5b:64: 84:e3:28:14:57:f7:74:71:67:44:2c:2a:87:62:8c:0f:d3:89: 59:b4:97:b2:e0:c3:32:51:71:76:95:9c:75:95:85:30:8c:d7: d2:d5:50:8c:93:34:5e:f9:bc:57:3c:40:f1:7f:8b:3c:1d:f8: 62:3a:e0:f6:98:d1:c8:bf:56:a2:2a:b9:1a:24:80:d6:5f:a4: 88:bd:9b:66:2c:95:a4:a5:a4:e8:72:46:53:32:ba:d1:cc:d1: 43:32:1f:53:48:12:21:90:ec:1d:fb:5a:48:f7:c3:f4:5a:b5: cc:37:d9:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kVNAzVJXhNBv+p6aNo6xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyYzA5NTkwMTE2MjdkZGQwZDA1N2Q3MzFlOGZhNWE1MTAy OTY1OTIwHhcNMjUxMjIwMDcwMjQxWhcNMjUxMjIxMDcwMjQxWjAzMTEwLwYDVQQD Eyg4ZjFmZjNlOWYxYzdjNTVjNzNlNWFhYmRiY2Y3NWRiZjFjN2VmOGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyKKjnH2ZRJFtTtI39D0oLPopm2B lywPKzG9E3L/kHu39Feoe9p8CjuYS8vJ6xSpkYlMoAs5Vnu9EE0+DyJoLJE/Tt3R aH7nR/PAM8jOHhBXqWoNu4lolpToG2Sw/VMzyjpSfHBOF0LyFiHuxcUhT5hHqeAW WmD0Jn7eFPd9p4oCiPb/Huq3IPp/VEmd2n125DC7W6Jph5MORQWS6rpp4JJNm9GR dxUiKlKfcdFhHjUd8pqfBeI0JxfRDRCDbD0kBHRo9nCHA6M3CNzKT1u4WCi1QSC1 lQHBC8EHNN1jizLWtpW0TTW+shqRSmIkmidx8tlryO+IBrtS4/h2UxQiQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI8f8+nxx8Vcc+Wqvbz3Xb8cfvimMB8GA1UdIwQY MBaAFELAlZARYn3dDQV9cx6PpaUQKWWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgt MjQ4YjU5YzM2OTZiLzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iYTEyY2QtMmU3ZS00MGRjLWFlODgtMjQ4YjU5YzM2OTZi LzEvUXNDVmtCRmlmZDBOQlgxekhvLWxwUkFwWlpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALoXEfCL+ h0ogQb330LIybO8waS5YajYbpRkjWcxCclYeMbg82LQdfD7WpV8/D/oCLR9WIQxR Xji0nWbZw9tTsSJI2YmupNGWm2i3YHjqH8wQ3gibPBFHImf7u7zqrk4SUbvPXVi8 6JJa7RyDEG0w5WYsyXJ1qlD0HzJ3Wch8OLo21e8MY8mUNiPfaRDPVFtkhOMoFFf3 dHFnRCwqh2KMD9OJWbSXsuDDMlFxdpWcdZWFMIzX0tVQjJM0Xvm8VzxA8X+LPB34 Yjrg9pjRyL9Woiq5GiSA1l+kiL2bZiyVpKWk6HJGUzK60czRQzIfU0gSIZDsHfta SPfD9Fq1zDfZkw== -----END CERTIFICATE-----Generated at Sat Dec 20 13:35:27 2025 by rpki-client