This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft File: QPwHKZcRrfoiLiexKLdtHZdFBYI.mft (raw, json) Hash identifier: fICH6o2Kb+/DfnULLH5AM7k0Cm4Bz0GYnp4RC6PEZ+U= Subject key identifier: A5:60:73:B1:00:06:0F:51:BD:5B:2F:A1:14:CF:E2:0A:FA:61:54:F8 Authority key identifier: 40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82 Certificate issuer: /CN=40fc07299711adfa222e27b128b76d1d97450582 Certificate serial: 019B4B15C887A46F0A801303757E7AD9480D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft Manifest number: 143D Signing time: Tue 23 Dec 2025 12:01:17 +0000 Manifest this update: Tue 23 Dec 2025 12:01:17 +0000 Manifest next update: Wed 24 Dec 2025 12:01:17 +0000 Files and hashes: 1: 6KpfPRVUGyFsCkAEFBqf-wSXAyw.roa (hash: kWhiEuOzAfB/QvRqngqpda0Xfcej2KhLVFQbnAjy7tQ=) 2: QPwHKZcRrfoiLiexKLdtHZdFBYI.crl (hash: hxlGxw/ahJ7weUF3ZiSZOWc+uGJ/ko2K8i2FW35dNOo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:15:c8:87:a4:6f:0a:80:13:03:75:7e:7a:d9:48:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40fc07299711adfa222e27b128b76d1d97450582 Validity Not Before: Dec 23 12:01:17 2025 GMT Not After : Dec 24 12:01:17 2025 GMT Subject: CN=a56073b100060f51bd5b2fa114cfe20afa6154f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:fd:82:fc:ae:f8:51:2a:ea:b5:6f:ec:d9:05: b1:3c:99:1b:07:ae:f7:e6:a3:d8:93:25:15:8e:d1: bb:57:e2:56:33:1e:ec:56:b6:9e:8c:a7:f1:c2:26: 14:60:43:89:a4:7f:f1:e1:e3:1d:e0:4b:5b:cf:d3: e5:d4:a9:5d:a1:3c:f2:e1:3d:d1:23:ea:ba:99:b0: b7:d3:a2:95:99:c5:4b:4b:c6:1d:ea:6c:f2:9c:50: 91:73:09:7a:64:84:ce:82:ec:ce:a5:45:75:33:2a: 72:46:73:63:a5:cc:ba:7f:ba:73:3f:06:15:90:89: d1:17:3b:0f:11:b5:42:1c:03:17:61:dc:65:90:87: 2c:f1:91:b0:46:a8:68:0f:4d:14:9a:25:37:ab:87: 46:80:c6:3f:bc:35:fe:52:ca:3e:bf:a7:e9:a2:90: 5a:56:b3:ee:30:1f:47:b9:e4:cc:34:6d:a0:ac:8c: 20:f3:68:b7:66:af:91:8b:b3:48:c5:d9:fc:2a:f6: f3:f4:6b:6e:7a:44:2d:e3:a6:5c:f5:7a:ff:c3:eb: a7:ae:e0:55:5b:cd:02:b7:a2:8f:cd:67:87:fb:ee: b5:c0:69:b0:d3:3e:9b:23:d3:b1:ac:1b:c9:77:19: 25:7c:88:60:a2:63:d8:f3:fe:86:a1:7e:f4:90:bf: 53:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:60:73:B1:00:06:0F:51:BD:5B:2F:A1:14:CF:E2:0A:FA:61:54:F8 X509v3 Authority Key Identifier: keyid:40:FC:07:29:97:11:AD:FA:22:2E:27:B1:28:B7:6D:1D:97:45:05:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPwHKZcRrfoiLiexKLdtHZdFBYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5dc87a-f329-4c44-8235-77e3beab61eb/1/QPwHKZcRrfoiLiexKLdtHZdFBYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:70:36:34:e2:0f:38:f4:fc:d1:be:f4:ae:02:94:2f:a5:c5: 42:05:ed:37:bf:5d:fb:13:7d:5e:bc:ef:20:40:8f:3d:f7:1b: 00:a8:7c:3c:1e:c1:8d:0f:2c:1e:6c:ca:f5:06:75:d2:2b:6a: 3b:49:a8:ba:cb:a9:88:94:72:a2:29:73:4a:dc:2c:fb:88:3b: 75:9c:d9:27:38:02:ae:83:33:83:c7:ff:7d:fc:c9:c9:d1:c3: 55:65:b5:fe:f5:a1:87:0d:dc:9a:cc:1f:02:49:b0:aa:aa:e8: 82:62:b7:a5:af:a5:64:00:c5:55:6d:61:44:f2:50:52:91:ad: 08:84:a9:0c:ed:58:44:34:7d:8d:a8:f2:46:2d:81:4c:92:6b: 1d:e1:db:f4:79:8c:35:6c:97:96:2e:5b:2d:41:be:02:03:50: 3b:b5:99:d8:18:28:82:2d:24:d4:aa:0a:ce:a2:dd:b9:c9:31: 41:62:ad:dc:5f:fb:e9:c3:55:68:6d:ef:03:75:e1:aa:53:46: 7b:2c:33:ae:e5:14:71:b9:58:7f:b0:1b:d6:26:39:a0:b7:db: 0a:63:73:fd:10:f1:4a:0c:8d:df:3e:05:03:76:31:31:0f:1a: b1:9c:99:91:10:cf:d7:89:58:40:71:eb:c1:ac:b8:29:b4:47: 43:43:29:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLFciHpG8KgBMDdX562UgNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwZmMwNzI5OTcxMWFkZmEyMjJlMjdiMTI4Yjc2ZDFkOTc0 NTA1ODIwHhcNMjUxMjIzMTIwMTE3WhcNMjUxMjI0MTIwMTE3WjAzMTEwLwYDVQQD EyhhNTYwNzNiMTAwMDYwZjUxYmQ1YjJmYTExNGNmZTIwYWZhNjE1NGY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/2C/K74USrqtW/s2QWxPJkbB673 5qPYkyUVjtG7V+JWMx7sVraejKfxwiYUYEOJpH/x4eMd4Etbz9Pl1KldoTzy4T3R I+q6mbC306KVmcVLS8Yd6mzynFCRcwl6ZITOguzOpUV1MypyRnNjpcy6f7pzPwYV kInRFzsPEbVCHAMXYdxlkIcs8ZGwRqhoD00UmiU3q4dGgMY/vDX+Uso+v6fpopBa VrPuMB9HueTMNG2grIwg82i3Zq+Ri7NIxdn8Kvbz9GtuekQt46Zc9Xr/w+unruBV W80Ct6KPzWeH++61wGmw0z6bI9OxrBvJdxklfIhgomPY8/6GoX70kL9T8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKVgc7EABg9RvVsvoRTP4gr6YVT4MB8GA1UdIwQY MBaAFED8BymXEa36Ii4nsSi3bR2XRQWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUt NzdlM2JlYWI2MWViLzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi81ZGM4N2EtZjMyOS00YzQ0LTgyMzUtNzdlM2JlYWI2MWVi LzEvUVB3SEtaY1JyZm9pTGlleEtMZHRIWmRGQllJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3A2NOIP OPT80b70rgKUL6XFQgXtN79d+xN9XrzvIECPPfcbAKh8PB7BjQ8sHmzK9QZ10itq O0mousupiJRyoilzStws+4g7dZzZJzgCroMzg8f/ffzJydHDVWW1/vWhhw3cmswf AkmwqqrogmK3pa+lZADFVW1hRPJQUpGtCISpDO1YRDR9jajyRi2BTJJrHeHb9HmM NWyXli5bLUG+AgNQO7WZ2Bgogi0k1KoKzqLduckxQWKt3F/76cNVaG3vA3XhqlNG eywzruUUcblYf7Ab1iY5oLfbCmNz/RDxSgyN3z4FA3YxMQ8asZyZkRDP14lYQHHr way4KbRHQ0Mptg== -----END CERTIFICATE-----Generated at Tue Dec 23 14:53:08 2025 by rpki-client