This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft File: QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft (raw, json) Hash identifier: Cu72IvWOzCFgWAz5yqHxulu58VIKkZfZBDUtuHMu5lM= Subject key identifier: 7D:4C:8C:01:DC:C5:C5:37:17:21:48:FC:A9:B3:54:CB:73:FF:E9:1B Authority key identifier: 40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2 Certificate issuer: /CN=40ee9765864bd11d4a349426e372e11a94348de2 Certificate serial: 019B5F40D40F442B707BBDA2F9D75652CB05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft Manifest number: 08A9 Signing time: Sat 27 Dec 2025 10:00:42 +0000 Manifest this update: Sat 27 Dec 2025 10:00:42 +0000 Manifest next update: Sun 28 Dec 2025 10:00:42 +0000 Files and hashes: 1: QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl (hash: CSxiTdMLrdAlMyW/VyascKmzsJl7fKBHvRfR3vY4E6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:40:d4:0f:44:2b:70:7b:bd:a2:f9:d7:56:52:cb:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40ee9765864bd11d4a349426e372e11a94348de2 Validity Not Before: Dec 27 10:00:42 2025 GMT Not After : Dec 28 10:00:42 2025 GMT Subject: CN=7d4c8c01dcc5c537172148fca9b354cb73ffe91b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:86:b5:fc:3c:3f:b9:20:55:9d:89:a5:da:a3: 53:a5:ce:6d:f7:5d:00:1f:a1:bd:90:07:3d:fa:2d: 6d:2b:ca:6c:ef:b2:fb:84:50:eb:e7:ab:39:cd:de: f5:40:64:45:2f:9e:18:58:3f:85:7a:85:b3:d3:5f: 43:e5:f4:77:37:c2:a7:86:45:a6:17:99:82:20:5d: 1e:e0:85:c5:c2:a7:78:f8:4f:a7:82:16:de:f0:f5: 34:0c:13:2b:72:ab:d8:f3:e0:95:f7:22:cf:42:b5: 8a:fe:0a:2b:d5:44:61:f3:ec:20:43:1a:7a:c9:99: f4:70:2c:88:08:d2:15:1b:9a:89:53:01:9b:32:54: a0:67:49:4b:6a:5f:f8:bd:2d:78:f0:0d:48:ae:ad: 0a:6d:8e:0e:a4:42:54:4c:a9:b3:eb:15:a8:86:b6: 50:e1:30:4f:44:b8:ef:3c:d1:5c:c2:c0:30:f5:4a: 70:5c:24:ee:72:84:87:e9:fa:b3:9d:c9:4b:59:e0: 9e:12:a4:c5:70:17:8d:11:2f:bf:c9:d0:d2:1f:05: b0:9b:a3:04:c8:c8:f9:37:62:8e:fe:2b:ef:fd:97: 90:66:e8:66:40:50:0e:a9:ff:b4:73:11:67:ad:13: e0:7b:ba:42:7f:23:b9:96:8f:b1:53:d3:17:a1:83: 93:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:4C:8C:01:DC:C5:C5:37:17:21:48:FC:A9:B3:54:CB:73:FF:E9:1B X509v3 Authority Key Identifier: keyid:40:EE:97:65:86:4B:D1:1D:4A:34:94:26:E3:72:E1:1A:94:34:8D:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QO6XZYZL0R1KNJQm43LhGpQ0jeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/65d7b9-ccf9-4b73-b669-3533a512fcf7/1/QO6XZYZL0R1KNJQm43LhGpQ0jeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:ec:e4:28:26:32:cb:ea:50:07:34:6c:55:ea:fb:8c:77:ac: d9:89:97:4a:24:89:f9:65:1e:ca:13:ee:d2:d1:8c:85:56:59: d0:90:ea:e2:0e:d7:b5:a8:1e:e5:fd:dd:0c:4a:55:85:4c:fd: 9e:07:86:1e:e2:57:a9:f9:e7:20:89:0d:62:42:10:fb:a3:e5: d2:b6:45:1a:70:26:9d:5a:d3:02:ed:69:28:71:93:31:8e:97: 5c:ea:3e:7d:99:54:2b:12:ad:22:f0:fa:da:64:51:e3:4a:99: 6c:93:a2:03:16:7a:de:53:36:8f:5d:be:26:74:d7:6e:9a:47: 22:3e:51:d8:04:23:8f:a9:c6:63:d8:ef:65:3d:6d:71:5d:22: 8f:42:20:5e:17:a2:04:f4:98:7d:f0:6a:a0:d0:29:01:45:b1: 62:a3:b6:e9:0a:50:da:7c:be:30:27:21:fa:c5:94:c2:a0:6e: 37:68:e6:a4:6b:91:55:3e:ae:b2:52:f8:d9:b4:60:ab:a2:bf: c6:35:1a:b8:12:a8:8c:79:44:87:01:57:b7:7a:20:2a:2b:8c: 5a:99:0f:12:38:1e:7f:41:b4:63:03:22:b9:29:3d:ed:78:d2: b1:43:c4:e5:12:30:bb:5f:48:ee:fd:3e:60:f2:e8:43:a2:9c: 12:ba:04:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtfQNQPRCtwe72i+ddWUssFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwZWU5NzY1ODY0YmQxMWQ0YTM0OTQyNmUzNzJlMTFhOTQz NDhkZTIwHhcNMjUxMjI3MTAwMDQyWhcNMjUxMjI4MTAwMDQyWjAzMTEwLwYDVQQD Eyg3ZDRjOGMwMWRjYzVjNTM3MTcyMTQ4ZmNhOWIzNTRjYjczZmZlOTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoa1/Dw/uSBVnYml2qNTpc5t910A H6G9kAc9+i1tK8ps77L7hFDr56s5zd71QGRFL54YWD+FeoWz019D5fR3N8KnhkWm F5mCIF0e4IXFwqd4+E+nghbe8PU0DBMrcqvY8+CV9yLPQrWK/gor1URh8+wgQxp6 yZn0cCyICNIVG5qJUwGbMlSgZ0lLal/4vS148A1Irq0KbY4OpEJUTKmz6xWohrZQ 4TBPRLjvPNFcwsAw9UpwXCTucoSH6fqznclLWeCeEqTFcBeNES+/ydDSHwWwm6ME yMj5N2KO/ivv/ZeQZuhmQFAOqf+0cxFnrRPge7pCfyO5lo+xU9MXoYOTawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH1MjAHcxcU3FyFI/KmzVMtz/+kbMB8GA1UdIwQY MBaAFEDul2WGS9EdSjSUJuNy4RqUNI3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2Njkt MzUzM2E1MTJmY2Y3LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC82NWQ3YjktY2NmOS00YjczLWI2NjktMzUzM2E1MTJmY2Y3 LzEvUU82WFpZWkwwUjFLTkpRbTQzTGhHcFEwamVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuzkKCYy y+pQBzRsVer7jHes2YmXSiSJ+WUeyhPu0tGMhVZZ0JDq4g7Xtage5f3dDEpVhUz9 ngeGHuJXqfnnIIkNYkIQ+6Pl0rZFGnAmnVrTAu1pKHGTMY6XXOo+fZlUKxKtIvD6 2mRR40qZbJOiAxZ63lM2j12+JnTXbppHIj5R2AQjj6nGY9jvZT1tcV0ij0IgXhei BPSYffBqoNApAUWxYqO26QpQ2ny+MCch+sWUwqBuN2jmpGuRVT6uslL42bRgq6K/ xjUauBKojHlEhwFXt3ogKiuMWpkPEjgef0G0YwMiuSk97XjSsUPE5RIwu19I7v0+ YPLoQ6KcEroEfA== -----END CERTIFICATE-----Generated at Sat Dec 27 17:47:52 2025 by rpki-client