This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft File: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json) Hash identifier: tLwSSI+OOeanC1DZiNFtn/MjAWb9JVTHODLqY8Jlens= Subject key identifier: 05:24:5F:60:85:77:87:7C:61:69:25:22:87:7E:E0:E3:B2:44:5A:0A Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94 Certificate issuer: /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394 Certificate serial: 019B3569FD2F409C947BD429BE25F14E9420 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft Manifest number: 1780 Signing time: Fri 19 Dec 2025 07:01:37 +0000 Manifest this update: Fri 19 Dec 2025 07:01:37 +0000 Manifest next update: Sat 20 Dec 2025 07:01:37 +0000 Files and hashes: 1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: b6hMAc8Zxw8emEk91Pz/U/yNrrX1VieeXn/KJg1DARc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:fd:2f:40:9c:94:7b:d4:29:be:25:f1:4e:94:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394 Validity Not Before: Dec 19 07:01:37 2025 GMT Not After : Dec 20 07:01:37 2025 GMT Subject: CN=05245f608577877c61692522877ee0e3b2445a0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:98:b9:16:a5:7c:69:32:c2:c6:81:c9:18:2d: de:7f:f9:b6:65:ac:3a:a4:c0:cd:3d:da:77:7e:26: 09:18:27:35:b3:5a:e4:ef:db:97:85:c7:d1:43:46: 9f:75:41:d0:dc:a2:27:cd:1a:6e:6a:ba:6f:e3:22: 0b:be:94:4a:13:c3:5d:59:73:39:ec:e3:f7:b9:08: ed:e0:7d:4e:6d:5c:99:96:f5:72:d5:27:67:0f:07: 97:2a:90:b0:5f:0a:76:b7:63:51:25:8a:3d:5b:b2: 15:83:2f:6b:d1:fb:4d:19:22:ef:7d:b4:ef:28:fc: a6:af:49:b7:6b:c8:b7:a1:f5:a9:23:6a:cb:21:4b: aa:37:2d:82:7c:66:48:5f:67:34:b3:8d:5f:f5:47: a5:76:f9:83:2e:69:5a:4a:eb:a4:f3:05:03:8c:22: 9b:88:da:da:fe:93:ae:79:02:36:23:a2:d7:51:d5: 9f:15:53:0f:23:49:86:db:27:6c:18:21:5c:e0:4f: 72:64:66:0f:56:7f:07:03:12:94:cf:22:ca:4e:e6: bd:0d:8b:9f:fd:09:b8:cb:0a:cb:93:09:b4:22:51: 95:5d:d4:7d:43:a6:62:91:f7:39:5b:f3:24:bb:55: 71:c5:e2:ab:d2:bb:40:0c:64:5b:ec:de:ce:79:32: fe:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:24:5F:60:85:77:87:7C:61:69:25:22:87:7E:E0:E3:B2:44:5A:0A X509v3 Authority Key Identifier: keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:90:1d:1d:cc:00:7c:17:93:5c:58:21:ab:2e:4a:52:39:fb: bf:30:05:41:ba:1f:f0:35:47:5a:f4:7a:5b:19:7d:09:35:ab: d0:63:3a:fe:83:1d:8d:e1:dc:2a:64:89:14:a0:33:f4:0e:1a: 22:25:6a:f6:cc:f8:9c:13:db:c5:d9:5e:57:9c:95:f4:d7:98: 0d:e4:fa:78:0c:f6:ad:2e:3e:bc:20:21:25:4d:4d:08:42:69: 85:52:3c:c9:f6:7a:44:2b:c3:09:5f:a7:c5:ae:66:b4:37:a1: a1:69:5f:64:f2:e3:58:2a:33:5a:ef:c3:cf:1e:04:2a:a2:bc: 75:94:c3:c9:b2:61:3a:87:f4:99:be:db:8d:d1:46:30:97:a7: 20:ce:64:15:8b:88:7a:0c:e1:61:84:60:44:50:30:aa:d3:5d: 8a:e1:25:31:7b:44:fb:e2:69:95:b6:df:77:52:53:15:78:6b: 2b:ed:a6:00:9f:11:03:97:08:f6:b2:98:5a:12:dd:3e:91:76: 4a:6b:56:fb:7f:ea:05:88:aa:d1:d0:4e:e7:da:ac:02:a6:d0: b6:fa:04:80:8e:fe:e8:aa:fa:c0:93:57:de:98:ab:da:b7:c1: c7:02:3c:30:fa:d9:65:17:82:10:df:a1:98:85:da:59:4d:63: 63:03:c8:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1af0vQJyUe9QpviXxTpQgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky YzEzOTQwHhcNMjUxMjE5MDcwMTM3WhcNMjUxMjIwMDcwMTM3WjAzMTEwLwYDVQQD EygwNTI0NWY2MDg1Nzc4NzdjNjE2OTI1MjI4NzdlZTBlM2IyNDQ1YTBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpi5FqV8aTLCxoHJGC3ef/m2Zaw6 pMDNPdp3fiYJGCc1s1rk79uXhcfRQ0afdUHQ3KInzRpuarpv4yILvpRKE8NdWXM5 7OP3uQjt4H1ObVyZlvVy1SdnDweXKpCwXwp2t2NRJYo9W7IVgy9r0ftNGSLvfbTv KPymr0m3a8i3ofWpI2rLIUuqNy2CfGZIX2c0s41f9UeldvmDLmlaSuuk8wUDjCKb iNra/pOueQI2I6LXUdWfFVMPI0mG2ydsGCFc4E9yZGYPVn8HAxKUzyLKTua9DYuf /Qm4ywrLkwm0IlGVXdR9Q6Zikfc5W/Mku1VxxeKr0rtADGRb7N7OeTL+dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAUkX2CFd4d8YWklIod+4OOyRFoKMB8GA1UdIwQY MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAepAdHcwA fBeTXFghqy5KUjn7vzAFQbof8DVHWvR6Wxl9CTWr0GM6/oMdjeHcKmSJFKAz9A4a IiVq9sz4nBPbxdleV5yV9NeYDeT6eAz2rS4+vCAhJU1NCEJphVI8yfZ6RCvDCV+n xa5mtDehoWlfZPLjWCozWu/Dzx4EKqK8dZTDybJhOof0mb7bjdFGMJenIM5kFYuI egzhYYRgRFAwqtNdiuElMXtE++Jplbbfd1JTFXhrK+2mAJ8RA5cI9rKYWhLdPpF2 SmtW+3/qBYiq0dBO59qsAqbQtvoEgI7+6Kr6wJNX3pir2rfBxwI8MPrZZReCEN+h mIXaWU1jYwPI+g== -----END CERTIFICATE-----Generated at Fri Dec 19 10:40:32 2025 by rpki-client