This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft File: QtzU0b098prdQHW2jymvkHBHRDw.mft (raw, json) Hash identifier: 1d7tOCEK2Gz2WtdmOeR+OzZoSeXoi4m4vuBqhH3kPNc= Subject key identifier: C4:71:16:2C:51:A3:76:0F:FC:AE:3A:ED:3C:1A:8E:76:1A:32:76:EA Authority key identifier: 42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C Certificate issuer: /CN=42dcd4d1bd3df29add4075b68f29af907047443c Certificate serial: 019B3AFDE74F4635BAC149A94681C108CC0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft Manifest number: 04B5 Signing time: Sat 20 Dec 2025 09:01:16 +0000 Manifest this update: Sat 20 Dec 2025 09:01:16 +0000 Manifest next update: Sun 21 Dec 2025 09:01:16 +0000 Files and hashes: 1: 21zXl1VT2wOLl9fEbNkRa053DOE.roa (hash: 5emuQVjcm3y58xrRXNGECOspFNylmBXZoEALIIh48B4=) 2: QtzU0b098prdQHW2jymvkHBHRDw.crl (hash: ra/5k2t56zQhxSztOwvLydihbi65fca92T1hvITBXes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:e7:4f:46:35:ba:c1:49:a9:46:81:c1:08:cc:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42dcd4d1bd3df29add4075b68f29af907047443c Validity Not Before: Dec 20 09:01:16 2025 GMT Not After : Dec 21 09:01:16 2025 GMT Subject: CN=c471162c51a3760ffcae3aed3c1a8e761a3276ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a8:11:87:b1:58:37:a2:b7:bd:8e:5a:6c:7e: 35:8f:16:de:0a:25:d9:40:53:a1:db:85:e5:df:a0: 4d:bb:8d:f1:4c:0c:17:6d:3c:a9:c1:dc:14:64:4f: f6:88:ce:cb:47:8a:4f:38:67:d8:06:53:3e:c3:c9: 35:74:b2:6c:1d:38:e1:65:3e:ca:25:e9:d2:19:60: ce:ab:8e:9f:96:c8:5b:0c:8a:1b:44:93:df:b7:f6: 27:dd:35:f1:00:5b:ff:c2:9e:a9:9e:49:35:40:91: 40:ff:ad:1f:8d:f8:06:89:17:b5:cd:83:ca:99:43: 48:c3:41:be:1e:9c:e5:91:25:7d:6e:4e:75:e8:bf: 8b:a8:58:c7:08:2b:44:ac:c3:a8:8b:b9:10:b2:0d: af:2c:54:4d:95:28:56:19:da:a2:e4:71:ce:90:a7: 58:5a:80:36:5a:bd:30:8e:17:87:23:d0:dd:b5:a1: bc:78:c3:c8:a1:1b:64:22:3f:f6:9a:6c:e2:1d:58: 36:ce:7f:8b:71:29:04:42:8b:61:85:1e:28:15:a8: 9a:9b:47:5c:fd:dd:d9:f2:fd:0d:0f:c2:96:13:33: 68:5b:46:9e:37:e5:51:3b:29:45:a1:0e:48:81:68: 9b:ab:14:dd:95:78:c2:d6:31:01:3a:b6:b7:4b:5d: 9b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:71:16:2C:51:A3:76:0F:FC:AE:3A:ED:3C:1A:8E:76:1A:32:76:EA X509v3 Authority Key Identifier: keyid:42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:f8:b8:2f:e0:ca:be:88:20:9a:d8:7b:ae:df:38:4f:52:71: 0a:11:cf:8f:3a:bb:30:07:1a:2c:f4:e1:38:14:88:74:9a:43: c9:75:96:39:4c:e0:b3:ed:8d:37:fc:b5:16:4d:6e:c9:31:0a: c3:ff:b1:61:3d:46:65:6e:a4:7d:43:a2:f4:27:73:02:67:69: 0b:a1:2d:ce:8d:a4:bf:c2:20:1d:64:f8:e2:7a:92:d8:a7:3b: 7f:d6:46:91:ca:83:38:f5:71:6f:ee:ca:41:d6:0a:f9:72:fd: c2:f7:70:b1:5f:19:18:46:fb:b9:f1:a1:a6:db:25:ec:28:99: 7f:54:41:e6:ca:ac:0f:53:ed:04:3d:a1:6b:5d:4c:c1:3c:dd: 99:ca:b6:c6:ca:ee:b0:0f:dc:7d:4e:42:f9:3e:62:8d:99:20: 9d:13:80:bb:bf:a3:4e:4a:d2:b8:2f:77:5f:08:f1:10:c1:34: 40:83:50:e6:0f:7a:6c:14:1f:c5:fd:0c:77:97:5a:24:83:c6: 55:d0:9b:55:2c:98:57:ca:39:f5:bb:ba:75:c7:11:6b:6b:b6: ec:0b:d1:5f:f9:fd:7b:d7:13:5b:d1:1c:fe:bf:05:85:bb:e5: 70:3f:5b:de:de:23:29:99:88:47:4b:4e:07:1a:b8:2f:c0:49: 16:46:3d:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/edPRjW6wUmpRoHBCMwKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZGNkNGQxYmQzZGYyOWFkZDQwNzViNjhmMjlhZjkwNzA0 NzQ0M2MwHhcNMjUxMjIwMDkwMTE2WhcNMjUxMjIxMDkwMTE2WjAzMTEwLwYDVQQD EyhjNDcxMTYyYzUxYTM3NjBmZmNhZTNhZWQzYzFhOGU3NjFhMzI3NmVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKgRh7FYN6K3vY5abH41jxbeCiXZ QFOh24Xl36BNu43xTAwXbTypwdwUZE/2iM7LR4pPOGfYBlM+w8k1dLJsHTjhZT7K JenSGWDOq46flshbDIobRJPft/Yn3TXxAFv/wp6pnkk1QJFA/60fjfgGiRe1zYPK mUNIw0G+HpzlkSV9bk516L+LqFjHCCtErMOoi7kQsg2vLFRNlShWGdqi5HHOkKdY WoA2Wr0wjheHI9DdtaG8eMPIoRtkIj/2mmziHVg2zn+LcSkEQothhR4oFaiam0dc /d3Z8v0ND8KWEzNoW0aeN+VROylFoQ5IgWibqxTdlXjC1jEBOra3S12bqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMRxFixRo3YP/K467TwajnYaMnbqMB8GA1UdIwQY MBaAFELc1NG9PfKa3UB1to8pr5BwR0Q8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2Yt ZmI5OGZlM2RiYzE0LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2YtZmI5OGZlM2RiYzE0 LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUvi4L+DK voggmth7rt84T1JxChHPjzq7MAcaLPThOBSIdJpDyXWWOUzgs+2NN/y1Fk1uyTEK w/+xYT1GZW6kfUOi9CdzAmdpC6Etzo2kv8IgHWT44nqS2Kc7f9ZGkcqDOPVxb+7K QdYK+XL9wvdwsV8ZGEb7ufGhptsl7CiZf1RB5sqsD1PtBD2ha11MwTzdmcq2xsru sA/cfU5C+T5ijZkgnROAu7+jTkrSuC93XwjxEME0QINQ5g96bBQfxf0Md5daJIPG VdCbVSyYV8o59bu6dccRa2u27AvRX/n9e9cTW9Ec/r8FhbvlcD9b3t4jKZmIR0tO Bxq4L8BJFkY91g== -----END CERTIFICATE-----Generated at Sat Dec 20 18:06:40 2025 by rpki-client