This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft File: QfIoYMpivSg4-DKPF4OdHoYI0m0.mft (raw, json) Hash identifier: S+seUd0Su4Er510Ez2FqRDFqp8/B8z3N2i7NVhZ7e2I= Subject key identifier: 54:7F:4A:34:92:62:D2:5E:DE:FE:E4:18:AD:4D:D2:E8:01:E7:A5:FA Authority key identifier: 41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D Certificate issuer: /CN=41f22860ca62bd2838f8328f17839d1e8608d26d Certificate serial: 019B5AF691761F545B3347B488BF17E1F97D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft Manifest number: 0371 Signing time: Fri 26 Dec 2025 14:01:06 +0000 Manifest this update: Fri 26 Dec 2025 14:01:06 +0000 Manifest next update: Sat 27 Dec 2025 14:01:06 +0000 Files and hashes: 1: QfIoYMpivSg4-DKPF4OdHoYI0m0.crl (hash: M1ZmqYISPwy80Hin5A3R6CxvxC1q+CjETm+XncSw2cs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:91:76:1f:54:5b:33:47:b4:88:bf:17:e1:f9:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41f22860ca62bd2838f8328f17839d1e8608d26d Validity Not Before: Dec 26 14:01:06 2025 GMT Not After : Dec 27 14:01:06 2025 GMT Subject: CN=547f4a349262d25edefee418ad4dd2e801e7a5fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:18:d2:f9:24:a6:8f:e8:f2:3a:23:d2:44:d0: c0:3e:8d:ac:78:4e:87:72:81:c1:2b:45:8a:c7:db: b3:c9:e5:96:38:13:d2:e1:95:e5:ff:f7:ab:89:c5: 2a:a4:78:e6:b0:37:12:46:ce:d9:f2:79:5a:94:2f: d2:8e:13:95:74:2c:18:ce:ac:52:af:54:ea:29:ef: 5b:ed:57:d8:a0:19:0a:b0:32:da:73:d6:d0:5f:2a: e6:3f:f8:3f:b5:4e:9b:13:d4:0e:05:b8:4a:6f:fc: 1f:f0:1f:2b:51:c9:46:5b:45:da:06:9e:cf:94:fc: 9f:c2:1e:4a:7e:bc:d9:f5:0b:56:1a:0a:95:be:e7: ba:0c:37:d4:9c:e9:a2:2d:d1:9a:8f:c0:61:70:77: 6e:ef:fb:cf:33:1b:e2:84:c0:0f:4b:18:c1:ec:35: 45:7c:e6:0d:49:e2:c5:c2:c5:ad:1f:67:b5:c6:20: 56:6d:e7:2b:42:bf:33:97:02:0b:83:cd:19:e6:8b: 2a:f0:14:6b:cd:3a:ee:a3:5e:89:2b:7c:3e:df:2d: a2:8f:a5:09:a5:be:92:4f:f6:db:a4:b1:70:d1:59: d1:47:12:da:a8:52:e0:cd:10:7c:bc:ba:28:4b:fe: e3:97:96:13:c5:6a:71:dc:68:60:56:ca:17:2b:5a: 6b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:7F:4A:34:92:62:D2:5E:DE:FE:E4:18:AD:4D:D2:E8:01:E7:A5:FA X509v3 Authority Key Identifier: keyid:41:F2:28:60:CA:62:BD:28:38:F8:32:8F:17:83:9D:1E:86:08:D2:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfIoYMpivSg4-DKPF4OdHoYI0m0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/63a990-04bf-4f77-84a1-fac64e1fb342/1/QfIoYMpivSg4-DKPF4OdHoYI0m0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:15:91:16:ad:b8:f1:b6:54:29:bb:37:65:3b:6a:d7:30:99: 0f:35:43:49:c8:46:9a:64:e9:b2:94:d2:ca:3c:9a:6e:11:49: aa:cd:d7:58:85:5b:b0:7e:75:41:b8:d1:5b:83:52:f9:10:d3: 71:2d:f4:19:d4:86:d7:4d:0b:1e:15:be:72:d4:d8:f9:3d:af: 16:a9:9d:90:50:f8:31:a8:39:f5:ce:95:d5:c7:5d:92:1c:e4: 20:e8:60:b8:fb:0b:28:b4:f4:ab:80:38:f2:82:8c:24:b0:b7: 3d:31:c6:a2:44:4b:d9:00:a1:45:3e:20:23:1e:4c:6b:94:3f: ee:01:04:13:e0:13:66:57:3e:0a:86:b9:13:89:b3:4c:36:62: 0a:cb:d8:9b:ea:e7:41:b9:8d:46:ee:8b:e8:e5:7e:73:1c:ee: a9:21:ca:81:9a:5d:44:53:02:d2:b2:76:96:cb:84:fc:99:2a: 13:64:d6:6d:cb:fa:92:0d:7e:bd:39:02:80:c8:2e:aa:6a:d9: f1:08:59:cf:f7:48:f3:bf:a0:a8:6a:62:2c:28:39:0d:40:94: 1a:27:ff:35:74:ba:74:d0:82:00:aa:68:11:fc:71:03:38:19: 56:55:d1:53:84:47:75:ca:f2:9c:c8:c8:15:e7:7a:ba:1d:60: c3:90:8c:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9pF2H1RbM0e0iL8X4fl9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxZjIyODYwY2E2MmJkMjgzOGY4MzI4ZjE3ODM5ZDFlODYw OGQyNmQwHhcNMjUxMjI2MTQwMTA2WhcNMjUxMjI3MTQwMTA2WjAzMTEwLwYDVQQD Eyg1NDdmNGEzNDkyNjJkMjVlZGVmZWU0MThhZDRkZDJlODAxZTdhNWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hjS+SSmj+jyOiPSRNDAPo2seE6H coHBK0WKx9uzyeWWOBPS4ZXl//ericUqpHjmsDcSRs7Z8nlalC/SjhOVdCwYzqxS r1TqKe9b7VfYoBkKsDLac9bQXyrmP/g/tU6bE9QOBbhKb/wf8B8rUclGW0XaBp7P lPyfwh5KfrzZ9QtWGgqVvue6DDfUnOmiLdGaj8BhcHdu7/vPMxvihMAPSxjB7DVF fOYNSeLFwsWtH2e1xiBWbecrQr8zlwILg80Z5osq8BRrzTruo16JK3w+3y2ij6UJ pb6ST/bbpLFw0VnRRxLaqFLgzRB8vLooS/7jl5YTxWpx3GhgVsoXK1pr3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFR/SjSSYtJe3v7kGK1N0ugB56X6MB8GA1UdIwQY MBaAFEHyKGDKYr0oOPgyjxeDnR6GCNJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEt ZmFjNjRlMWZiMzQyLzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82M2E5OTAtMDRiZi00Zjc3LTg0YTEtZmFjNjRlMWZiMzQy LzEvUWZJb1lNcGl2U2c0LURLUEY0T2RIb1lJMG0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBWRFq24 8bZUKbs3ZTtq1zCZDzVDSchGmmTpspTSyjyabhFJqs3XWIVbsH51QbjRW4NS+RDT cS30GdSG100LHhW+ctTY+T2vFqmdkFD4Mag59c6V1cddkhzkIOhguPsLKLT0q4A4 8oKMJLC3PTHGokRL2QChRT4gIx5Ma5Q/7gEEE+ATZlc+Coa5E4mzTDZiCsvYm+rn QbmNRu6L6OV+cxzuqSHKgZpdRFMC0rJ2lsuE/JkqE2TWbcv6kg1+vTkCgMguqmrZ 8QhZz/dI87+gqGpiLCg5DUCUGif/NXS6dNCCAKpoEfxxAzgZVlXRU4RHdcrynMjI Fed6uh1gw5CMiQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:28 2025 by rpki-client