This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft File: QAlHG9muvWlFaoNaP7CjUbBSZgI.mft (raw, json) Hash identifier: w2/uu1i/pyE7BKkDMZC5bPjatvd98YJ/OFqyth/fLQE= Subject key identifier: 12:51:87:B2:90:6E:5C:67:A5:15:87:6C:C9:CA:1C:F4:DB:F8:43:DD Authority key identifier: 40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02 Certificate issuer: /CN=4009471bd9aebd69456a835a3fb0a351b0526602 Certificate serial: 019B59ACB39970A5C0F2BF4056677D77AD1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft Manifest number: 01B3 Signing time: Fri 26 Dec 2025 08:00:48 +0000 Manifest this update: Fri 26 Dec 2025 08:00:48 +0000 Manifest next update: Sat 27 Dec 2025 08:00:48 +0000 Files and hashes: 1: QAlHG9muvWlFaoNaP7CjUbBSZgI.crl (hash: EBebKn9hVZvqziUpbvBj3SKxVd9jskvnHPAAt+MZbFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:b3:99:70:a5:c0:f2:bf:40:56:67:7d:77:ad:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4009471bd9aebd69456a835a3fb0a351b0526602 Validity Not Before: Dec 26 08:00:48 2025 GMT Not After : Dec 27 08:00:48 2025 GMT Subject: CN=125187b2906e5c67a515876cc9ca1cf4dbf843dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:16:68:35:4c:f2:73:09:fb:ed:6e:50:cf:87: 0c:97:7f:74:73:7c:2f:44:18:7e:1e:e1:9b:ca:44: 35:5d:7e:ca:b0:88:a6:e2:4f:18:eb:1c:b9:07:9a: af:9f:94:06:4a:44:cd:02:97:fb:c5:cb:c1:6d:f6: b4:5f:87:e6:ac:ad:74:01:b9:c3:4a:3f:45:8d:84: 6b:14:9e:cf:a3:9d:95:d4:22:9a:44:05:4b:25:dc: 69:02:64:20:fa:64:ee:6b:64:cf:65:fd:82:41:ce: ac:9d:a1:73:7d:1b:6c:4a:e8:75:f9:f5:f6:a4:5e: b4:0a:ec:6b:47:f4:45:ad:83:b5:e9:56:20:5a:4e: 81:98:65:c8:bb:25:44:a2:a9:4b:8a:e7:80:92:6c: 1a:b5:12:e4:dc:5e:63:03:0c:5a:8e:96:a2:b5:d5: 1b:dd:df:df:d0:56:0a:ad:37:04:8f:31:87:ec:70: a8:74:e1:30:a6:56:f5:41:51:75:b4:cb:80:b0:d7: b5:f1:2a:a5:97:86:58:31:27:ed:03:89:51:02:fc: 62:d5:a4:86:76:82:57:47:62:1b:58:5b:00:c8:44: 5b:bb:d4:1e:69:c1:70:9a:b8:f8:af:f1:66:1b:ca: 54:ce:18:e9:ec:61:bd:64:97:8c:be:92:6b:6f:9b: c4:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:51:87:B2:90:6E:5C:67:A5:15:87:6C:C9:CA:1C:F4:DB:F8:43:DD X509v3 Authority Key Identifier: keyid:40:09:47:1B:D9:AE:BD:69:45:6A:83:5A:3F:B0:A3:51:B0:52:66:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAlHG9muvWlFaoNaP7CjUbBSZgI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b136f-0041-4dc4-ac7b-43ecdc3f4bef/1/QAlHG9muvWlFaoNaP7CjUbBSZgI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:eb:54:b3:85:4b:2f:87:01:86:fe:8a:78:f3:ed:60:f0:7d: a2:ef:7c:79:bc:8d:4d:b1:c2:ea:2c:e6:e2:21:20:09:24:fd: f4:ce:da:96:5d:f7:40:51:c1:f4:e7:2e:8e:d7:5e:d8:6e:7c: 8d:39:1d:91:a6:06:84:53:d4:fb:c9:ab:34:7b:00:61:80:2c: 89:b6:81:3d:23:38:71:13:77:6c:ab:97:ad:4a:c9:5d:4f:e1: 5d:a3:62:bd:7e:75:cd:7f:f2:b2:5e:e6:a6:0d:94:47:8f:8e: b4:08:8f:42:53:33:ab:b7:ca:7a:37:f8:1f:4b:7c:2f:6a:5a: 5d:53:ec:72:fb:72:e5:13:4f:1e:54:05:c5:60:8e:f7:ae:e4: 18:f4:e6:7c:03:b6:35:4e:27:2b:75:b9:d9:27:5a:61:e7:e3: 05:6e:06:a8:82:91:9c:22:68:a1:0d:a2:02:50:48:f1:1a:a4: 4b:c7:f2:90:2c:94:3b:1c:52:ac:12:6c:18:1f:ec:fd:ca:97: 92:ba:94:70:ec:79:76:5f:cc:fc:9e:d6:27:ad:62:6a:fb:ba: ae:f1:4c:28:a4:8b:f1:b8:a3:35:80:f0:1b:ba:39:b1:bc:b8: 4d:e8:89:ba:71:12:24:dd:e4:a3:13:f1:ea:bc:88:28:0a:79: 05:f5:fc:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrLOZcKXA8r9AVmd9d60bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMDk0NzFiZDlhZWJkNjk0NTZhODM1YTNmYjBhMzUxYjA1 MjY2MDIwHhcNMjUxMjI2MDgwMDQ4WhcNMjUxMjI3MDgwMDQ4WjAzMTEwLwYDVQQD EygxMjUxODdiMjkwNmU1YzY3YTUxNTg3NmNjOWNhMWNmNGRiZjg0M2RkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxZoNUzycwn77W5Qz4cMl390c3wv RBh+HuGbykQ1XX7KsIim4k8Y6xy5B5qvn5QGSkTNApf7xcvBbfa0X4fmrK10AbnD Sj9FjYRrFJ7Po52V1CKaRAVLJdxpAmQg+mTua2TPZf2CQc6snaFzfRtsSuh1+fX2 pF60CuxrR/RFrYO16VYgWk6BmGXIuyVEoqlLiueAkmwatRLk3F5jAwxajpaitdUb 3d/f0FYKrTcEjzGH7HCodOEwplb1QVF1tMuAsNe18Sqll4ZYMSftA4lRAvxi1aSG doJXR2IbWFsAyERbu9QeacFwmrj4r/FmG8pUzhjp7GG9ZJeMvpJrb5vEKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBJRh7KQblxnpRWHbMnKHPTb+EPdMB8GA1UdIwQY MBaAFEAJRxvZrr1pRWqDWj+wo1GwUmYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2It NDNlY2RjM2Y0YmVmLzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8yYjEzNmYtMDA0MS00ZGM0LWFjN2ItNDNlY2RjM2Y0YmVm LzEvUUFsSEc5bXV2V2xGYW9OYVA3Q2pVYkJTWmdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+tUs4VL L4cBhv6KePPtYPB9ou98ebyNTbHC6izm4iEgCST99M7all33QFHB9Ocujtde2G58 jTkdkaYGhFPU+8mrNHsAYYAsibaBPSM4cRN3bKuXrUrJXU/hXaNivX51zX/ysl7m pg2UR4+OtAiPQlMzq7fKejf4H0t8L2paXVPscvty5RNPHlQFxWCO967kGPTmfAO2 NU4nK3W52SdaYefjBW4GqIKRnCJooQ2iAlBI8RqkS8fykCyUOxxSrBJsGB/s/cqX krqUcOx5dl/M/J7WJ61iavu6rvFMKKSL8bijNYDwG7o5sby4TeiJunESJN3koxPx 6ryIKAp5BfX8+Q== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:19 2025 by rpki-client