This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft File: QD8Iu6_6QWGEMgOop1erbpVGsM4.mft (raw, json) Hash identifier: ql3dBqJ6kAwxYBsBIAwNxMf/R1vxC2rxVUBH0gYecKs= Subject key identifier: 35:D8:E3:C0:A9:B6:9C:A4:A2:F0:30:B4:9E:99:49:75:05:7B:A6:15 Authority key identifier: 40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE Certificate issuer: /CN=403f08bbaffa4161843203a8a757ab6e9546b0ce Certificate serial: 019B54F455FF8E64147FCD41EA154B778386 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft Manifest number: 06A8 Signing time: Thu 25 Dec 2025 10:00:57 +0000 Manifest this update: Thu 25 Dec 2025 10:00:57 +0000 Manifest next update: Fri 26 Dec 2025 10:00:57 +0000 Files and hashes: 1: 4PjPPpWKgAtzAAOasr7gIk0JbPI.roa (hash: yiKX1aQ5yWrVl7HwLmjfK1M9G+FpWFiXbyU5qVlLbDY=) 2: QD8Iu6_6QWGEMgOop1erbpVGsM4.crl (hash: U3foflhtPmco2sKejNcUHc00dfd1h6YFGJSV9kis9Hc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:f4:55:ff:8e:64:14:7f:cd:41:ea:15:4b:77:83:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=403f08bbaffa4161843203a8a757ab6e9546b0ce Validity Not Before: Dec 25 10:00:57 2025 GMT Not After : Dec 26 10:00:57 2025 GMT Subject: CN=35d8e3c0a9b69ca4a2f030b49e994975057ba615 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c3:1f:48:08:64:28:44:e0:81:7c:cd:c4:da: 0b:23:2e:66:4e:c0:e2:00:3b:21:5a:af:28:6d:ae: 71:0f:59:67:85:cc:29:37:88:64:a7:36:67:a4:ae: b2:ee:3f:bb:ac:ef:0c:24:40:8d:c3:dd:01:23:6d: 5a:18:78:a9:46:7a:15:8a:ad:57:e0:12:3f:40:2b: bf:77:e3:d7:66:0b:cd:8b:94:a9:40:10:13:07:5b: 54:d1:5f:2d:dc:1f:c9:ec:e0:33:a6:9d:4c:f3:4f: 92:21:e8:5a:02:4a:99:0f:ca:36:ed:fc:34:e3:2b: 0d:b6:2a:a7:33:92:1b:92:32:5f:8a:8e:99:df:d1: 00:bc:76:6a:9c:fe:68:ba:5f:ce:6c:0d:ca:57:e9: 52:fc:5a:c1:12:1a:73:9d:40:77:ef:19:52:2a:e3: 64:40:89:86:33:bf:57:dd:08:62:26:42:9d:d8:bd: 6c:0f:d7:8c:98:b5:d6:d9:62:03:60:dd:7b:e3:88: 10:5d:9d:8e:2d:80:3e:e4:91:80:7f:15:88:41:a2: 57:2a:94:31:eb:9b:d8:8c:8d:75:c0:8d:4b:3a:bc: 49:03:d9:c5:73:45:9c:b1:f8:a3:35:1a:b0:66:87: 82:7b:38:51:d8:53:8d:16:bb:0f:4c:87:c2:79:0a: 31:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D8:E3:C0:A9:B6:9C:A4:A2:F0:30:B4:9E:99:49:75:05:7B:A6:15 X509v3 Authority Key Identifier: keyid:40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:12:74:42:02:87:4e:84:ff:dc:77:04:71:ce:3e:f2:da:4e: f6:2e:15:45:e2:b0:92:b3:01:b6:be:13:0c:f5:a7:58:ae:b5: 41:ab:d1:25:aa:4b:1d:6b:e0:9e:c1:e0:31:a5:21:7b:26:46: 9c:60:9f:05:80:31:6a:81:42:48:fc:9f:7e:32:a5:50:e4:35: a3:31:6b:cb:6b:da:7a:b0:86:4c:9e:f1:5b:57:e6:b1:0c:17: 9d:f8:99:3c:e5:fa:22:47:fe:54:da:1a:51:5e:dd:d8:4b:c5: ac:3f:17:c1:51:a0:4d:58:9d:66:eb:5f:dd:b1:01:48:99:eb: cf:39:74:eb:a0:92:3e:64:71:a0:e9:15:49:7d:85:85:05:13: 85:f4:ad:02:9f:bd:b9:2d:8d:16:14:d5:19:7e:98:2d:dc:91: 44:7b:aa:d2:b0:14:85:03:f3:95:97:9a:da:54:35:19:56:ae: fe:64:9e:68:fb:1a:bc:2a:7f:5a:41:29:1d:84:d1:c2:2a:5c: 65:20:82:cd:28:bf:7f:05:8c:74:c4:52:27:16:c5:85:2a:07: 40:22:d1:dc:01:e5:66:fd:40:81:a0:78:c0:c8:a1:4a:30:d2: a0:fd:15:b1:f7:17:ba:19:30:fd:1b:9a:38:05:61:89:df:6a: 6e:30:a1:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtU9FX/jmQUf81B6hVLd4OGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwM2YwOGJiYWZmYTQxNjE4NDMyMDNhOGE3NTdhYjZlOTU0 NmIwY2UwHhcNMjUxMjI1MTAwMDU3WhcNMjUxMjI2MTAwMDU3WjAzMTEwLwYDVQQD EygzNWQ4ZTNjMGE5YjY5Y2E0YTJmMDMwYjQ5ZTk5NDk3NTA1N2JhNjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMMfSAhkKETggXzNxNoLIy5mTsDi ADshWq8oba5xD1lnhcwpN4hkpzZnpK6y7j+7rO8MJECNw90BI21aGHipRnoViq1X 4BI/QCu/d+PXZgvNi5SpQBATB1tU0V8t3B/J7OAzpp1M80+SIehaAkqZD8o27fw0 4ysNtiqnM5IbkjJfio6Z39EAvHZqnP5oul/ObA3KV+lS/FrBEhpznUB37xlSKuNk QImGM79X3QhiJkKd2L1sD9eMmLXW2WIDYN1744gQXZ2OLYA+5JGAfxWIQaJXKpQx 65vYjI11wI1LOrxJA9nFc0WcsfijNRqwZoeCezhR2FONFrsPTIfCeQoxTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDXY48CptpykovAwtJ6ZSXUFe6YVMB8GA1UdIwQY MBaAFEA/CLuv+kFhhDIDqKdXq26VRrDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5Yjgt MzhkOGE3OGE0ODYyLzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5YjgtMzhkOGE3OGE0ODYy LzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhJ0QgKH ToT/3HcEcc4+8tpO9i4VReKwkrMBtr4TDPWnWK61QavRJapLHWvgnsHgMaUheyZG nGCfBYAxaoFCSPyffjKlUOQ1ozFry2vaerCGTJ7xW1fmsQwXnfiZPOX6Ikf+VNoa UV7d2EvFrD8XwVGgTVidZutf3bEBSJnrzzl066CSPmRxoOkVSX2FhQUThfStAp+9 uS2NFhTVGX6YLdyRRHuq0rAUhQPzlZea2lQ1GVau/mSeaPsavCp/WkEpHYTRwipc ZSCCzSi/fwWMdMRSJxbFhSoHQCLR3AHlZv1AgaB4wMihSjDSoP0VsfcXuhkw/Rua OAVhid9qbjChzg== -----END CERTIFICATE-----Generated at Thu Dec 25 15:42:38 2025 by rpki-client