This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.mft File: QI-gF1Mv9tn7OLQAN4lq-vCqz4s.mft (raw, json) Hash identifier: ARwG2MBCuuIv4GjmAMSFPvWD6Hts7l6y2b9V7Gjs6ec= Subject key identifier: D7:50:0B:5D:D6:1E:F4:F1:95:2C:D0:D5:45:AE:B4:81:F1:1C:A7:CC Authority key identifier: 40:8F:A0:17:53:2F:F6:D9:FB:38:B4:00:37:89:6A:FA:F0:AA:CF:8B Certificate issuer: /CN=408fa017532ff6d9fb38b40037896afaf0aacf8b Certificate serial: 019B5AF603F61B9CE5DDAA5DEBEA12F3A456 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.mft Manifest number: 0964 Signing time: Fri 26 Dec 2025 14:00:30 +0000 Manifest this update: Fri 26 Dec 2025 14:00:30 +0000 Manifest next update: Sat 27 Dec 2025 14:00:30 +0000 Files and hashes: 1: QI-gF1Mv9tn7OLQAN4lq-vCqz4s.crl (hash: 3crzcoGlOMjjAAYIgvTo7NtTF0touwwblCtQwuuBR0Q=) 2: Z5KDHzf527U1qRAIHwgcHaWLd8Y.roa (hash: 2FLC0+uc30V7W0I0O5nyFk8rgVmBx+XIWSxS6WsMyJY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.mft rsync://rpki.ripe.net/repository/DEFAULT/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:03:f6:1b:9c:e5:dd:aa:5d:eb:ea:12:f3:a4:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408fa017532ff6d9fb38b40037896afaf0aacf8b Validity Not Before: Dec 26 14:00:30 2025 GMT Not After : Dec 27 14:00:30 2025 GMT Subject: CN=d7500b5dd61ef4f1952cd0d545aeb481f11ca7cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:56:8b:1d:a4:22:28:27:45:24:fe:13:b6:f3: 59:a7:6e:0b:1b:0c:75:5f:38:ce:c9:cf:88:63:f6: 82:e8:c9:f8:c7:f6:26:d8:23:77:8d:86:ae:c8:6b: 79:34:cb:e3:54:b3:ec:5b:60:59:d8:9d:db:3f:38: d5:ad:63:f6:92:79:eb:ed:69:cf:7c:19:de:7b:5f: 59:39:c5:c8:5f:69:cb:05:09:73:da:47:1c:4c:d3: 92:dc:2c:1d:81:2e:20:5a:83:11:01:dc:3b:1b:61: fe:5f:a4:04:8d:2f:c4:2e:12:93:49:5d:51:d1:9f: a7:20:ff:5e:fd:ec:92:27:87:e6:03:98:1c:23:51: 4c:9c:b7:0a:52:83:ef:e3:cb:40:a2:b3:57:06:b5: 04:99:6b:89:97:9e:e7:00:f8:38:4f:ac:f7:f3:37: 73:06:e4:51:4e:16:2d:45:a8:7f:0d:1d:ca:f4:30: 13:61:1f:5a:97:3f:80:2c:1c:fd:e1:02:eb:86:09: bb:36:d4:ed:5e:5c:df:26:1f:20:04:15:02:b5:d1: 61:f6:27:c1:8d:5b:58:cd:bc:e5:80:1b:fd:91:9a: a6:f0:b2:1d:e7:71:ad:b9:c5:27:af:e6:a9:eb:03: 8c:9d:1d:7f:5b:41:fa:43:81:55:14:c8:b2:3b:c9: 07:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:50:0B:5D:D6:1E:F4:F1:95:2C:D0:D5:45:AE:B4:81:F1:1C:A7:CC X509v3 Authority Key Identifier: keyid:40:8F:A0:17:53:2F:F6:D9:FB:38:B4:00:37:89:6A:FA:F0:AA:CF:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/adb871-6972-4dd6-8360-f1982a691d45/1/QI-gF1Mv9tn7OLQAN4lq-vCqz4s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:59:f1:a7:99:e4:b9:22:50:26:a1:b7:22:6c:cb:4d:18:81: 2e:46:c6:24:71:8c:93:6e:2b:16:0c:f2:0b:9a:ae:e6:89:e5: a7:f3:33:1a:77:ff:1c:46:11:15:3a:4f:3c:ec:91:70:f0:46: 0a:3c:27:03:8c:cc:df:ae:cb:ce:e3:d5:1b:da:27:4f:da:bb: 4e:4c:d5:7e:28:51:a1:05:0b:d7:98:9a:b5:5f:7f:65:3a:f9: da:f5:40:8d:03:93:e4:33:90:37:0d:08:dc:c9:39:33:08:ec: dd:34:c6:78:61:8d:96:35:2e:be:ec:c6:58:47:3b:3e:43:a9: 78:f0:fb:66:66:0c:3e:2b:23:bd:ff:ef:39:cc:f2:a7:35:7e: c1:c3:86:65:2b:3e:a0:54:76:8f:c4:83:4c:30:62:58:c7:3c: 48:5e:09:78:23:bb:ad:19:8b:5b:ab:a2:de:a2:da:15:e6:28: 40:45:f2:7b:15:09:ac:ff:5d:37:5a:92:84:a5:9c:9a:01:ec: 67:de:cb:a7:d2:b4:27:04:11:bc:a2:4b:d1:60:20:5b:47:ba: 37:b0:b9:c1:c2:24:b9:29:f0:31:90:ff:be:c5:4f:08:66:9b: 9d:d9:aa:65:c0:3f:28:be:03:77:69:b4:7d:88:24:f4:e0:e4: 89:e0:5c:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9gP2G5zl3apd6+oS86RWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwOGZhMDE3NTMyZmY2ZDlmYjM4YjQwMDM3ODk2YWZhZjBh YWNmOGIwHhcNMjUxMjI2MTQwMDMwWhcNMjUxMjI3MTQwMDMwWjAzMTEwLwYDVQQD EyhkNzUwMGI1ZGQ2MWVmNGYxOTUyY2QwZDU0NWFlYjQ4MWYxMWNhN2NjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1aLHaQiKCdFJP4TtvNZp24LGwx1 XzjOyc+IY/aC6Mn4x/Ym2CN3jYauyGt5NMvjVLPsW2BZ2J3bPzjVrWP2knnr7WnP fBnee19ZOcXIX2nLBQlz2kccTNOS3CwdgS4gWoMRAdw7G2H+X6QEjS/ELhKTSV1R 0Z+nIP9e/eySJ4fmA5gcI1FMnLcKUoPv48tAorNXBrUEmWuJl57nAPg4T6z38zdz BuRRThYtRah/DR3K9DATYR9alz+ALBz94QLrhgm7NtTtXlzfJh8gBBUCtdFh9ifB jVtYzbzlgBv9kZqm8LId53GtucUnr+ap6wOMnR1/W0H6Q4FVFMiyO8kHcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNdQC13WHvTxlSzQ1UWutIHxHKfMMB8GA1UdIwQY MBaAFECPoBdTL/bZ+zi0ADeJavrwqs+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUktZ0YxTXY5dG43T0xRQU40bHEtdkNxejRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hZGI4NzEtNjk3Mi00ZGQ2LTgzNjAt ZjE5ODJhNjkxZDQ1LzEvUUktZ0YxTXY5dG43T0xRQU40bHEtdkNxejRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9hZGI4NzEtNjk3Mi00ZGQ2LTgzNjAtZjE5ODJhNjkxZDQ1 LzEvUUktZ0YxTXY5dG43T0xRQU40bHEtdkNxejRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN1nxp5nk uSJQJqG3ImzLTRiBLkbGJHGMk24rFgzyC5qu5onlp/MzGnf/HEYRFTpPPOyRcPBG CjwnA4zM367LzuPVG9onT9q7TkzVfihRoQUL15iatV9/ZTr52vVAjQOT5DOQNw0I 3Mk5Mwjs3TTGeGGNljUuvuzGWEc7PkOpePD7ZmYMPisjvf/vOczypzV+wcOGZSs+ oFR2j8SDTDBiWMc8SF4JeCO7rRmLW6ui3qLaFeYoQEXyexUJrP9dN1qShKWcmgHs Z97Lp9K0JwQRvKJL0WAgW0e6N7C5wcIkuSnwMZD/vsVPCGabndmqZcA/KL4Dd2m0 fYgk9ODkieBciQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:04:57 2025 by rpki-client