This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft File: QB0ZYVrOK7vPoJFpCAgIdipksX4.mft (raw, json) Hash identifier: 1lbDieis2PMjTv9QcsfefVpN1U7AwXlBFSutp4HAENw= Subject key identifier: 78:FC:13:90:EE:10:61:3A:B9:D2:B1:05:95:4C:A2:90:61:E8:0D:10 Authority key identifier: 40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E Certificate issuer: /CN=401d19615ace2bbbcfa09169080808762a64b17e Certificate serial: 019B3BA215F839877868C1AE987555B8157E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft Manifest number: 0656 Signing time: Sat 20 Dec 2025 12:00:36 +0000 Manifest this update: Sat 20 Dec 2025 12:00:36 +0000 Manifest next update: Sun 21 Dec 2025 12:00:36 +0000 Files and hashes: 1: KrtTh6gsfptfdAcGq3CmJjqfV2o.roa (hash: eRRAdGSdFwP7Zvo2rxHWeAe37W0cOjnKNlia+tVBb+M=) 2: QB0ZYVrOK7vPoJFpCAgIdipksX4.crl (hash: MglnyU6OGdWYEZSZ9ETgMv09Vt1UNP7LNaKsHxLmCiM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:15:f8:39:87:78:68:c1:ae:98:75:55:b8:15:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=401d19615ace2bbbcfa09169080808762a64b17e Validity Not Before: Dec 20 12:00:36 2025 GMT Not After : Dec 21 12:00:36 2025 GMT Subject: CN=78fc1390ee10613ab9d2b105954ca29061e80d10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:1d:88:59:79:92:5b:1e:fc:5d:2a:7b:c6:05: 63:bf:78:b0:f6:d3:2d:7e:ae:95:1c:37:ee:57:d2: 3a:9f:c0:47:3a:c2:7c:c5:3a:49:db:cb:10:ef:5d: 2e:a1:f8:84:c6:66:44:c7:da:d6:99:85:80:c5:be: e0:72:8d:dc:81:e4:0f:3e:b3:be:d7:de:46:3f:23: 1b:67:9b:95:12:cd:73:14:43:c1:2e:cf:7b:d8:dd: 71:cd:1b:9a:30:2b:87:66:a7:b8:b5:b1:49:4a:72: 77:8d:28:c3:79:9c:55:a8:1d:ff:74:66:27:46:29: bc:ae:40:81:d8:d8:98:0b:98:80:36:45:c9:45:ba: ec:51:74:9a:ff:61:73:f6:3c:58:4d:45:3c:19:d8: c8:3c:dc:80:5a:e4:b7:f5:75:ec:21:7e:75:cb:8b: 0d:5c:7e:43:dc:7f:4b:43:4a:a5:05:77:54:47:6c: 4f:46:b3:2a:df:7b:b0:73:79:a3:dd:90:7d:28:31: e6:70:f3:29:c8:50:b6:71:d0:70:f3:66:a2:70:dc: 08:1a:33:65:1e:49:cb:5a:b4:5b:a0:e2:80:a1:b7: 07:cf:46:1d:38:fe:26:61:79:0f:4a:85:3f:9f:3d: 41:82:f1:cf:6e:d9:df:47:e6:a8:4c:f5:24:8a:6f: fc:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:FC:13:90:EE:10:61:3A:B9:D2:B1:05:95:4C:A2:90:61:E8:0D:10 X509v3 Authority Key Identifier: keyid:40:1D:19:61:5A:CE:2B:BB:CF:A0:91:69:08:08:08:76:2A:64:B1:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QB0ZYVrOK7vPoJFpCAgIdipksX4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b5da70-4210-463e-9dc6-979972a0014d/1/QB0ZYVrOK7vPoJFpCAgIdipksX4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:33:42:3d:9b:fb:0b:72:86:05:e7:a7:06:97:f9:d8:07:ac: 58:3b:71:ec:69:f3:6b:2e:ae:09:e7:2a:97:4c:45:12:3d:7a: b0:5c:15:ec:d5:4e:50:30:8a:ec:1c:68:51:ca:23:b2:80:11: d2:51:03:ff:ab:fb:53:22:15:5e:89:91:72:a6:64:8f:3f:4e: 64:24:99:32:b3:57:68:48:29:63:a2:35:f1:46:1f:a5:dc:30: f1:0d:e6:9e:88:c9:ed:5a:b6:e2:a0:0a:73:30:dd:c5:2a:20: 0d:28:d8:33:07:3e:2e:68:34:34:db:26:b7:c4:1c:b4:ae:a1: d4:47:8f:d9:cd:cc:e5:d0:ab:8d:0c:12:6a:76:be:cb:d6:84: fa:62:19:6a:c0:08:21:3f:36:80:68:5a:37:1f:2f:f9:36:26: 98:cd:fe:52:36:f5:91:23:86:8f:00:63:3a:f7:c2:1a:b2:96: ff:7c:7d:fc:ee:84:f7:8a:a3:7b:81:d3:8e:df:62:36:29:81: 70:40:d8:44:a4:dd:c9:a3:23:d1:08:72:6b:24:d7:83:db:cd: 14:53:8f:12:07:c6:3a:4c:69:1d:88:52:94:a3:a5:1b:00:aa: 98:0b:1a:9d:0b:31:74:7a:0a:9d:a7:9f:97:d9:40:15:45:6d: 7b:0f:5f:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7ohX4OYd4aMGumHVVuBV+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMWQxOTYxNWFjZTJiYmJjZmEwOTE2OTA4MDgwODc2MmE2 NGIxN2UwHhcNMjUxMjIwMTIwMDM2WhcNMjUxMjIxMTIwMDM2WjAzMTEwLwYDVQQD Eyg3OGZjMTM5MGVlMTA2MTNhYjlkMmIxMDU5NTRjYTI5MDYxZTgwZDEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR2IWXmSWx78XSp7xgVjv3iw9tMt fq6VHDfuV9I6n8BHOsJ8xTpJ28sQ710uofiExmZEx9rWmYWAxb7gco3cgeQPPrO+ 195GPyMbZ5uVEs1zFEPBLs972N1xzRuaMCuHZqe4tbFJSnJ3jSjDeZxVqB3/dGYn Rim8rkCB2NiYC5iANkXJRbrsUXSa/2Fz9jxYTUU8GdjIPNyAWuS39XXsIX51y4sN XH5D3H9LQ0qlBXdUR2xPRrMq33uwc3mj3ZB9KDHmcPMpyFC2cdBw82aicNwIGjNl HknLWrRboOKAobcHz0YdOP4mYXkPSoU/nz1BgvHPbtnfR+aoTPUkim/8XwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHj8E5DuEGE6udKxBZVMopBh6A0QMB8GA1UdIwQY MBaAFEAdGWFaziu7z6CRaQgICHYqZLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYt OTc5OTcyYTAwMTRkLzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9iNWRhNzAtNDIxMC00NjNlLTlkYzYtOTc5OTcyYTAwMTRk LzEvUUIwWllWck9LN3ZQb0pGcENBZ0lkaXBrc1g0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuDNCPZv7 C3KGBeenBpf52AesWDtx7Gnzay6uCecql0xFEj16sFwV7NVOUDCK7BxoUcojsoAR 0lED/6v7UyIVXomRcqZkjz9OZCSZMrNXaEgpY6I18UYfpdww8Q3mnojJ7Vq24qAK czDdxSogDSjYMwc+Lmg0NNsmt8QctK6h1EeP2c3M5dCrjQwSana+y9aE+mIZasAI IT82gGhaNx8v+TYmmM3+Ujb1kSOGjwBjOvfCGrKW/3x9/O6E94qje4HTjt9iNimB cEDYRKTdyaMj0QhyayTXg9vNFFOPEgfGOkxpHYhSlKOlGwCqmAsanQsxdHoKnaef l9lAFUVtew9fsQ== -----END CERTIFICATE-----Generated at Sat Dec 20 16:04:07 2025 by rpki-client