This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft File: QBY91EFO8-eS4AUB80786UQKnE4.mft (raw, json) Hash identifier: rbbZD6/qG0XmqRIvWuuMuzWiZKzcdWOgmyxHbVUGU8E= Subject key identifier: 74:80:02:50:E6:F6:AC:DE:C9:AF:56:99:88:B3:9F:81:9C:E4:9B:5B Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e Certificate serial: 019B3CEBD4245CC59A1BFE6912842E604050 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft Manifest number: 178A Signing time: Sat 20 Dec 2025 18:00:46 +0000 Manifest this update: Sat 20 Dec 2025 18:00:46 +0000 Manifest next update: Sun 21 Dec 2025 18:00:46 +0000 Files and hashes: 1: QBY91EFO8-eS4AUB80786UQKnE4.crl (hash: qs0bjGw1ecsadCQmHcPwZ45zlO7aBbWECDAzqIz75wc=) 2: gYnUiXQeHZXoU2ZAN-fbsd-Pbx0.roa (hash: V+jQPfwx3Xoa/wL9PzJ6rz+juFyDwb1B2F2Hpp1ngN4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:d4:24:5c:c5:9a:1b:fe:69:12:84:2e:60:40:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e Validity Not Before: Dec 20 18:00:46 2025 GMT Not After : Dec 21 18:00:46 2025 GMT Subject: CN=74800250e6f6acdec9af569988b39f819ce49b5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:e1:b0:4a:0a:ef:91:85:08:db:98:6a:19:54: 44:59:04:9d:d5:bf:5f:b1:ac:42:8f:9e:cc:7d:86: d1:7d:6b:35:11:d9:12:8f:62:1a:65:cf:de:44:f0: 2e:30:d0:ee:76:1c:8a:79:da:af:3c:14:56:45:2d: 95:0c:f2:5b:da:52:a4:bc:ed:69:8c:0c:0b:64:49: 0a:4f:57:c0:58:eb:3b:45:f8:23:2d:8f:c7:14:b1: 8a:53:40:1f:08:7f:a4:40:c4:67:72:9c:0e:52:88: b9:43:ed:14:62:12:e7:cc:74:25:89:e4:d2:ca:57: 15:6b:f0:62:b9:00:b3:5b:e8:7f:18:87:31:66:2c: 61:76:2f:60:e6:bf:aa:a2:32:f6:19:46:1f:bb:24: 0e:fb:46:36:ae:c4:23:53:55:4d:cf:b0:16:23:f4: 72:64:2c:a0:44:f1:1d:01:b4:59:9d:b4:6d:c4:d9: f6:93:70:76:be:12:c3:8f:9f:4f:42:4a:b4:7c:79: d7:40:de:fd:b2:4c:0f:1f:74:48:c8:11:24:f6:ee: d5:c6:17:a3:fa:a9:f1:10:e3:10:9d:91:a2:d1:ce: b4:76:45:fb:ab:ba:0c:db:7a:1f:dc:25:cd:38:29: fd:30:89:26:e3:77:65:b2:cb:4b:81:b6:23:83:b2: 12:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:80:02:50:E6:F6:AC:DE:C9:AF:56:99:88:B3:9F:81:9C:E4:9B:5B X509v3 Authority Key Identifier: keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:5e:3d:56:98:37:34:75:3d:b5:5d:30:d9:f0:e9:93:22:bd: ce:db:91:f0:a0:9a:ae:89:ea:30:79:7d:b2:aa:fe:40:14:af: 9a:f5:a5:bd:a5:9d:90:e5:55:81:84:4a:49:d0:6f:d8:cf:be: 62:35:78:c5:e3:db:d3:07:ac:35:06:62:43:e5:72:b5:11:8c: 2f:40:7c:cf:5f:6a:22:88:59:28:67:41:dc:0b:5b:6a:e0:46: 5c:d6:68:32:78:5e:65:f2:df:2d:7d:46:7c:e9:28:20:2f:1e: 96:b4:81:ea:f8:f4:cf:09:13:4d:65:55:09:01:3c:79:f7:2d: b4:dd:67:d6:62:59:41:2e:f9:4a:eb:01:e3:b6:e0:7b:4d:95: 44:b3:c3:d4:f5:36:63:a8:43:e4:83:51:a1:e0:7d:ae:7a:a3: ca:c0:5b:45:56:66:ee:fe:da:10:f5:a8:bf:7b:f0:e1:13:fa: ee:8d:3c:3d:ce:cf:b2:60:df:df:ad:04:08:d5:3d:81:04:e9: 68:07:f8:28:2c:64:19:cd:53:21:71:97:60:7d:3a:95:8a:92: 2b:e9:dc:1a:52:9c:79:06:49:3c:1b:c5:7a:5e:48:5c:91:c4: c4:af:c1:47:07:98:f7:c6:05:20:99:40:a4:b1:ac:f5:8f:3e: b2:02:58:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs869QkXMWaG/5pEoQuYEBQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw YTljNGUwHhcNMjUxMjIwMTgwMDQ2WhcNMjUxMjIxMTgwMDQ2WjAzMTEwLwYDVQQD Eyg3NDgwMDI1MGU2ZjZhY2RlYzlhZjU2OTk4OGIzOWY4MTljZTQ5YjViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uGwSgrvkYUI25hqGVREWQSd1b9f saxCj57MfYbRfWs1EdkSj2IaZc/eRPAuMNDudhyKedqvPBRWRS2VDPJb2lKkvO1p jAwLZEkKT1fAWOs7RfgjLY/HFLGKU0AfCH+kQMRncpwOUoi5Q+0UYhLnzHQlieTS ylcVa/BiuQCzW+h/GIcxZixhdi9g5r+qojL2GUYfuyQO+0Y2rsQjU1VNz7AWI/Ry ZCygRPEdAbRZnbRtxNn2k3B2vhLDj59PQkq0fHnXQN79skwPH3RIyBEk9u7Vxhej +qnxEOMQnZGi0c60dkX7q7oM23of3CXNOCn9MIkm43dlsstLgbYjg7ISAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSAAlDm9qzeya9WmYizn4Gc5JtbMB8GA1UdIwQY MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt MzYyMmFjN2Q2NWNjLzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlF49Vpg3 NHU9tV0w2fDpkyK9ztuR8KCaronqMHl9sqr+QBSvmvWlvaWdkOVVgYRKSdBv2M++ YjV4xePb0wesNQZiQ+VytRGML0B8z19qIohZKGdB3AtbauBGXNZoMnheZfLfLX1G fOkoIC8elrSB6vj0zwkTTWVVCQE8efcttN1n1mJZQS75SusB47bge02VRLPD1PU2 Y6hD5INRoeB9rnqjysBbRVZm7v7aEPWov3vw4RP67o08Pc7PsmDf360ECNU9gQTp aAf4KCxkGc1TIXGXYH06lYqSK+ncGlKceQZJPBvFel5IXJHExK/BRweY98YFIJlA pLGs9Y8+sgJYZA== -----END CERTIFICATE-----Generated at Sun Dec 21 03:55:25 2025 by rpki-client