This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft File: QLnKyTUxHngDS0BzgwqBo897Rdk.mft (raw, json) Hash identifier: FsdE1C+BPJVnr2/t0enBKW9O3I2uoNxCGR2F4O735pk= Subject key identifier: 2D:2B:27:4C:0C:01:23:C7:98:C1:7D:AE:D9:E9:1B:2E:00:BB:57:E9 Authority key identifier: 40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9 Certificate issuer: /CN=40b9cac935311e78034b4073830a81a3cf7b45d9 Certificate serial: 019B559A0826D318FF3CEF045598734F7071 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft Manifest number: 1795 Signing time: Thu 25 Dec 2025 13:01:56 +0000 Manifest this update: Thu 25 Dec 2025 13:01:56 +0000 Manifest next update: Fri 26 Dec 2025 13:01:56 +0000 Files and hashes: 1: 1q_nnAgndZaIqez5io_HHZB7TIg.roa (hash: fcE6bMGj83Q0hVMFOv0EAXM92bWkreUUh6T69N1a/Yo=) 2: QLnKyTUxHngDS0BzgwqBo897Rdk.crl (hash: NTUFYWcAzvtW8EOaXF7FCJvZ5nBhst4Bg6mdqbxHFhI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:9a:08:26:d3:18:ff:3c:ef:04:55:98:73:4f:70:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40b9cac935311e78034b4073830a81a3cf7b45d9 Validity Not Before: Dec 25 13:01:56 2025 GMT Not After : Dec 26 13:01:56 2025 GMT Subject: CN=2d2b274c0c0123c798c17daed9e91b2e00bb57e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:39:d6:39:f5:f0:f1:fd:9f:96:62:ac:73:04: 34:58:6b:22:9d:16:50:7b:c5:e5:33:34:33:0f:4f: e4:ff:05:5e:1a:aa:29:70:7f:db:c2:a6:e2:ea:73: 5c:8d:c6:f9:23:ff:ec:01:57:a5:81:37:4a:34:34: 60:36:8c:e7:f0:65:85:82:3e:fe:03:5a:89:93:16: 66:b1:91:5f:52:97:99:f8:ab:c1:ba:f4:fe:84:ed: 9a:20:fa:c2:15:01:6d:d6:d5:51:20:18:63:82:72: c3:e6:e4:bc:be:23:89:f0:e6:29:90:55:9d:5f:98: 1f:d1:fd:64:ca:e6:fa:0a:95:d8:2d:7f:44:3e:bc: 95:04:80:2b:3b:19:2e:1b:e5:4b:c8:14:03:c5:9d: 02:dd:8f:e7:db:b1:36:4f:86:e1:5f:a1:75:87:46: 55:45:f0:e0:11:93:99:01:89:6a:aa:a1:74:67:05: 74:98:f1:ec:d0:92:c1:26:7b:f7:33:9e:07:eb:97: 31:46:39:29:68:82:08:53:0e:4d:cc:96:b4:55:0b: 0a:d3:01:dc:55:bc:4e:55:8d:e2:56:65:4b:1f:0b: 6c:d9:e3:10:75:a4:8f:dc:07:6c:de:24:c1:cb:1a: ef:cb:cb:88:5b:d8:c8:22:b6:f8:0e:13:af:e9:94: 67:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:2B:27:4C:0C:01:23:C7:98:C1:7D:AE:D9:E9:1B:2E:00:BB:57:E9 X509v3 Authority Key Identifier: keyid:40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:6e:66:03:42:ea:25:c4:1f:6a:66:09:48:56:88:39:76:5c: e9:49:fb:30:d7:3d:27:c7:8f:81:d2:1d:0f:86:29:88:75:f4: 04:86:b6:a4:0c:2d:2d:f0:86:96:80:28:9c:46:6f:df:ef:fe: 91:c8:a2:67:28:19:3c:69:d4:ba:76:fe:f0:94:4c:5e:c5:7d: 0d:3f:8d:d4:4a:24:e5:07:c1:2e:ab:56:93:f0:e0:94:5e:9c: af:86:a3:28:d0:91:6d:9e:2d:4e:59:28:d7:06:20:23:a1:9c: f6:62:d6:fb:5d:09:2b:6d:03:83:73:d9:f5:e4:79:2c:55:fa: ad:4b:90:0b:3f:0a:4b:52:bb:12:18:78:eb:f3:f6:88:3c:96: 3a:d1:f2:fb:b5:a6:0a:14:04:78:e4:84:63:3d:88:e7:47:bc: 39:e0:86:5d:d7:70:c9:5c:e0:62:b2:d4:66:da:34:17:1b:d6: bf:8b:97:28:14:94:cf:84:27:2b:6a:39:8f:eb:a9:4e:b0:1d: 48:ad:a3:2e:39:e1:fc:a7:05:03:7d:a8:38:31:b8:2d:9b:9f: ad:8d:67:bd:9c:5a:cf:0e:ee:47:95:9b:16:80:ea:3b:4a:a8: d2:e3:9d:b5:27:70:d3:fe:66:02:f1:05:c7:71:bb:65:b6:0c: eb:13:4f:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVmggm0xj/PO8EVZhzT3BxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYjljYWM5MzUzMTFlNzgwMzRiNDA3MzgzMGE4MWEzY2Y3 YjQ1ZDkwHhcNMjUxMjI1MTMwMTU2WhcNMjUxMjI2MTMwMTU2WjAzMTEwLwYDVQQD EygyZDJiMjc0YzBjMDEyM2M3OThjMTdkYWVkOWU5MWIyZTAwYmI1N2U5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TnWOfXw8f2flmKscwQ0WGsinRZQ e8XlMzQzD0/k/wVeGqopcH/bwqbi6nNcjcb5I//sAVelgTdKNDRgNozn8GWFgj7+ A1qJkxZmsZFfUpeZ+KvBuvT+hO2aIPrCFQFt1tVRIBhjgnLD5uS8viOJ8OYpkFWd X5gf0f1kyub6CpXYLX9EPryVBIArOxkuG+VLyBQDxZ0C3Y/n27E2T4bhX6F1h0ZV RfDgEZOZAYlqqqF0ZwV0mPHs0JLBJnv3M54H65cxRjkpaIIIUw5NzJa0VQsK0wHc VbxOVY3iVmVLHwts2eMQdaSP3Ads3iTByxrvy8uIW9jIIrb4DhOv6ZRnqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC0rJ0wMASPHmMF9rtnpGy4Au1fpMB8GA1UdIwQY MBaAFEC5ysk1MR54A0tAc4MKgaPPe0XZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmIt NzUzNGZlMGYxYjgzLzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmItNzUzNGZlMGYxYjgz LzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV25mA0Lq JcQfamYJSFaIOXZc6Un7MNc9J8ePgdIdD4YpiHX0BIa2pAwtLfCGloAonEZv3+/+ kciiZygZPGnUunb+8JRMXsV9DT+N1Eok5QfBLqtWk/DglF6cr4ajKNCRbZ4tTlko 1wYgI6Gc9mLW+10JK20Dg3PZ9eR5LFX6rUuQCz8KS1K7Ehh46/P2iDyWOtHy+7Wm ChQEeOSEYz2I50e8OeCGXddwyVzgYrLUZto0FxvWv4uXKBSUz4QnK2o5j+upTrAd SK2jLjnh/KcFA32oODG4LZufrY1nvZxazw7uR5WbFoDqO0qo0uOdtSdw0/5mAvEF x3G7ZbYM6xNPWw== -----END CERTIFICATE-----Generated at Thu Dec 25 14:38:08 2025 by rpki-client