This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft File: QnbajwSHyFCAm0qYcoysIXKycD0.mft (raw, json) Hash identifier: G10fK0Wl3fl2S4mNv/Do00L4gF0p+IJ7FMgP3IIWtBw= Subject key identifier: CD:A2:5C:31:4F:E6:D6:4A:99:D3:D8:FA:A4:9D:16:3D:7B:BB:F1:39 Authority key identifier: 42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D Certificate issuer: /CN=4276da8f0487c850809b4a98728cac2172b2703d Certificate serial: 019B3A90ABA39D4C74799F6F65D1AE42F052 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft Manifest number: 1785 Signing time: Sat 20 Dec 2025 07:01:58 +0000 Manifest this update: Sat 20 Dec 2025 07:01:58 +0000 Manifest next update: Sun 21 Dec 2025 07:01:58 +0000 Files and hashes: 1: QnbajwSHyFCAm0qYcoysIXKycD0.crl (hash: vaIt9dDOhVyr1Uyn7kuuHkNvOwCbJ4zfFnBvAb8x+Vg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:ab:a3:9d:4c:74:79:9f:6f:65:d1:ae:42:f0:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4276da8f0487c850809b4a98728cac2172b2703d Validity Not Before: Dec 20 07:01:58 2025 GMT Not After : Dec 21 07:01:58 2025 GMT Subject: CN=cda25c314fe6d64a99d3d8faa49d163d7bbbf139 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:00:2c:51:2e:3d:75:48:be:2a:29:98:96:08: b8:4b:76:f3:e9:be:03:74:f5:7c:7e:cb:d9:8f:ae: ca:af:cd:d6:ea:91:d1:91:15:cf:bc:2b:98:41:71: d2:55:01:52:c5:e2:2a:ee:cf:4b:84:f4:10:8f:2a: b1:51:e8:0b:6a:7f:9b:1f:14:0d:61:15:60:a8:41: ee:9a:2f:63:06:0b:cc:37:1a:1a:a6:a9:9e:87:ae: d6:42:95:54:d9:24:92:3b:e6:31:1a:c7:76:86:b9: 02:58:a3:77:11:f8:e5:95:c3:dc:a8:0d:22:93:6e: f2:ea:a3:3a:ff:06:54:00:45:68:6e:4b:48:f2:87: ed:19:26:a7:09:4a:f0:e8:97:fd:05:1f:8a:42:f8: 32:dc:57:b1:9e:9d:28:c9:ec:60:c1:10:33:61:8c: ca:ee:da:90:bc:9c:d0:0f:7e:2e:11:8c:16:03:d6: 42:b6:cb:5b:5f:1b:b0:a5:2f:8a:75:55:06:e9:e8: 7a:5d:94:1e:06:fa:7b:73:c8:58:63:19:3f:06:b6: 5e:d4:d4:c6:c0:2b:be:27:8e:98:fd:b1:8b:5c:a0: a6:2b:0d:62:52:f9:e2:b2:b0:0e:e9:84:56:6a:0f: 02:91:ce:b8:a2:8e:cf:36:b2:4b:ec:69:c3:ff:91: ac:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:A2:5C:31:4F:E6:D6:4A:99:D3:D8:FA:A4:9D:16:3D:7B:BB:F1:39 X509v3 Authority Key Identifier: keyid:42:76:DA:8F:04:87:C8:50:80:9B:4A:98:72:8C:AC:21:72:B2:70:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnbajwSHyFCAm0qYcoysIXKycD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ea1072-f326-4e51-adf1-ba9b0fa1b7a2/1/QnbajwSHyFCAm0qYcoysIXKycD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:2a:df:09:7d:41:34:6b:c0:d8:21:03:6f:92:ab:f6:63:7e: 86:6a:71:c2:72:5d:e6:35:fa:53:28:1c:ef:51:b6:65:a3:8d: 1a:48:e1:3c:56:b7:1a:0a:ee:76:c6:d9:b1:f1:04:55:79:08: e9:a8:bd:20:ee:e1:1f:41:78:9c:c5:f7:2f:74:bd:69:4e:bf: fb:47:fd:a4:6a:f5:75:c1:ab:a6:e3:1f:ad:8d:62:3f:2f:20: 17:1d:82:89:1a:fc:7d:86:5d:32:51:c3:2f:af:c3:3c:09:18: 17:80:f7:14:1e:98:86:57:39:33:fa:e5:23:6c:e8:2c:43:57: be:7f:81:e5:85:55:47:4f:68:d8:d4:51:3c:47:88:e4:f1:30: 76:83:99:de:b7:72:53:0a:40:ed:9a:42:07:64:7b:73:41:22: 29:06:8d:9c:b3:3f:f7:35:b6:60:f1:84:41:c9:25:db:7c:5c: 5a:82:e2:3f:99:26:05:e1:48:6e:4c:be:a0:2e:4a:bf:78:ce: a9:60:a8:a3:18:e5:31:bb:7e:93:69:21:3f:f8:c7:05:a6:b3: 9b:15:0a:9d:20:24:84:03:c6:d5:5c:9f:34:43:95:18:11:9a: ce:5d:9e:00:c7:50:21:45:69:f8:fd:07:26:17:bd:4a:1f:87: fb:98:e1:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kKujnUx0eZ9vZdGuQvBSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyNzZkYThmMDQ4N2M4NTA4MDliNGE5ODcyOGNhYzIxNzJi MjcwM2QwHhcNMjUxMjIwMDcwMTU4WhcNMjUxMjIxMDcwMTU4WjAzMTEwLwYDVQQD EyhjZGEyNWMzMTRmZTZkNjRhOTlkM2Q4ZmFhNDlkMTYzZDdiYmJmMTM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowAsUS49dUi+KimYlgi4S3bz6b4D dPV8fsvZj67Kr83W6pHRkRXPvCuYQXHSVQFSxeIq7s9LhPQQjyqxUegLan+bHxQN YRVgqEHumi9jBgvMNxoapqmeh67WQpVU2SSSO+YxGsd2hrkCWKN3EfjllcPcqA0i k27y6qM6/wZUAEVobktI8oftGSanCUrw6Jf9BR+KQvgy3Fexnp0oyexgwRAzYYzK 7tqQvJzQD34uEYwWA9ZCtstbXxuwpS+KdVUG6eh6XZQeBvp7c8hYYxk/BrZe1NTG wCu+J46Y/bGLXKCmKw1iUvnisrAO6YRWag8Ckc64oo7PNrJL7GnD/5Gs/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM2iXDFP5tZKmdPY+qSdFj17u/E5MB8GA1UdIwQY MBaAFEJ22o8Eh8hQgJtKmHKMrCFysnA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEt YmE5YjBmYTFiN2EyLzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9lYTEwNzItZjMyNi00ZTUxLWFkZjEtYmE5YjBmYTFiN2Ey LzEvUW5iYWp3U0h5RkNBbTBxWWNveXNJWEt5Y0QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiyrfCX1B NGvA2CEDb5Kr9mN+hmpxwnJd5jX6Uygc71G2ZaONGkjhPFa3GgrudsbZsfEEVXkI 6ai9IO7hH0F4nMX3L3S9aU6/+0f9pGr1dcGrpuMfrY1iPy8gFx2CiRr8fYZdMlHD L6/DPAkYF4D3FB6Yhlc5M/rlI2zoLENXvn+B5YVVR09o2NRRPEeI5PEwdoOZ3rdy UwpA7ZpCB2R7c0EiKQaNnLM/9zW2YPGEQckl23xcWoLiP5kmBeFIbky+oC5Kv3jO qWCooxjlMbt+k2khP/jHBaazmxUKnSAkhAPG1VyfNEOVGBGazl2eAMdQIUVp+P0H Jhe9Sh+H+5jhIA== -----END CERTIFICATE-----Generated at Sat Dec 20 10:47:02 2025 by rpki-client