This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft File: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft (raw, json) Hash identifier: Sf9uct+YGZK1LCaUknw4+xDpvIu4tiTEoPXj1yThaFI= Subject key identifier: 1F:D6:8D:D9:A9:11:C6:0F:9B:2A:C1:79:67:13:F8:E0:BB:64:49:CC Authority key identifier: 40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C Certificate issuer: /CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c Certificate serial: 019B2287EA1C626C974EB482F60903EAF08C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft Manifest number: 1778 Signing time: Mon 15 Dec 2025 15:01:31 +0000 Manifest this update: Mon 15 Dec 2025 15:01:31 +0000 Manifest next update: Tue 16 Dec 2025 15:01:31 +0000 Files and hashes: 1: QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl (hash: 2AmJ8yWOQW29s/E2aUlbeeVtkd+Mppz4ws6pfaC8QqI=) 2: zxt5ioQXS4YKJLP4ilCQM5v8g2Y.roa (hash: RY5SWWwhf3VR6uGt8AADVTrl85kwmlR4e1dP9tOTtrg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:87:ea:1c:62:6c:97:4e:b4:82:f6:09:03:ea:f0:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40aa71157e20d98036bbd693b8ecbb2b99f0f03c Validity Not Before: Dec 15 15:01:31 2025 GMT Not After : Dec 16 15:01:31 2025 GMT Subject: CN=1fd68dd9a911c60f9b2ac1796713f8e0bb6449cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a2:27:b5:47:a9:a0:69:cf:07:87:be:b9:5a: 52:ce:9a:33:b7:d0:e4:67:33:f9:91:ec:29:44:5d: 6d:71:3c:74:01:f9:0c:8f:4c:9d:8b:0b:ed:da:ea: 9c:d4:e8:4d:f9:5c:36:cd:53:b5:b4:22:2d:27:45: 06:eb:d9:e8:5b:dd:55:75:70:17:24:f0:03:81:16: 89:5b:aa:88:38:e6:10:8a:1b:0f:1a:0c:f9:d7:24: 42:63:fe:4b:01:84:ea:26:1e:10:4b:64:34:16:37: f9:08:dd:8e:b4:15:9f:b0:fd:84:0b:af:1f:f6:02: 4f:50:4e:13:a8:47:76:ed:a6:69:75:81:c1:1d:26: ed:6a:66:ee:be:42:96:b5:26:a8:c5:7e:f9:26:1b: 67:26:f9:c7:1c:20:19:16:c7:81:2f:ad:87:fb:d3: 57:24:c2:88:30:0d:7a:85:fe:99:4c:ee:0f:eb:77: 8a:bb:96:82:38:d1:bb:1f:76:df:43:02:ad:70:8b: c6:d4:c9:f2:56:fc:04:c1:70:79:c6:13:2d:f1:5a: 8f:90:d0:21:7d:56:99:32:2c:16:f2:9f:75:9f:3a: c0:f6:b8:50:95:ac:1d:34:e7:69:d2:cd:d9:06:b4: 37:58:37:2f:5f:90:8d:0c:34:e8:d7:7b:bf:e7:e5: b9:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:D6:8D:D9:A9:11:C6:0F:9B:2A:C1:79:67:13:F8:E0:BB:64:49:CC X509v3 Authority Key Identifier: keyid:40:AA:71:15:7E:20:D9:80:36:BB:D6:93:B8:EC:BB:2B:99:F0:F0:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2e2c8e-4c2b-48e9-afd5-235aba19d9f9/1/QKpxFX4g2YA2u9aTuOy7K5nw8Dw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:4f:3d:5f:59:25:b2:11:35:6f:56:56:a6:3b:65:51:6f:9f: 7b:99:99:fb:c8:73:61:18:ea:13:4a:d4:c9:e2:61:ac:8f:a4: 38:0e:f6:94:ab:cf:c5:1d:3a:fe:30:45:b5:4e:20:96:bd:54: c0:93:55:e6:e1:75:a4:dc:32:48:dd:28:cc:93:12:af:e6:80: fe:a9:0b:3f:d7:95:5c:56:4b:46:97:ca:b5:13:33:87:70:98: 7d:fb:16:fc:92:5f:73:af:de:04:7b:14:94:4e:2c:c1:74:a2: a5:86:bd:ac:54:78:8f:17:47:44:ba:e3:44:11:5b:17:2a:a1: 45:ca:72:a1:69:17:7b:74:7a:cc:39:b7:82:25:29:0c:52:60: e5:36:8e:06:25:4f:11:6c:34:e4:d7:54:8f:bb:cf:81:87:4a: 42:f9:2d:57:76:96:1d:4d:88:12:51:78:30:4b:e2:2b:57:e2: 27:ae:d8:3d:6d:23:05:8f:38:e7:31:b9:de:e6:dc:a8:79:f8: a0:07:95:d0:ac:2a:20:08:8d:25:c1:f5:d8:ce:64:d4:7b:d0: 08:b9:76:31:10:a1:46:a8:da:e4:b2:a5:e6:ec:71:27:7b:84: 31:00:12:46:c9:96:2f:38:e9:62:2b:c5:e0:5a:60:cb:b8:59: a4:a9:7c:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsih+ocYmyXTrSC9gkD6vCMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYWE3MTE1N2UyMGQ5ODAzNmJiZDY5M2I4ZWNiYjJiOTlm MGYwM2MwHhcNMjUxMjE1MTUwMTMxWhcNMjUxMjE2MTUwMTMxWjAzMTEwLwYDVQQD EygxZmQ2OGRkOWE5MTFjNjBmOWIyYWMxNzk2NzEzZjhlMGJiNjQ0OWNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6IntUepoGnPB4e+uVpSzpozt9Dk ZzP5kewpRF1tcTx0AfkMj0ydiwvt2uqc1OhN+Vw2zVO1tCItJ0UG69noW91VdXAX JPADgRaJW6qIOOYQihsPGgz51yRCY/5LAYTqJh4QS2Q0Fjf5CN2OtBWfsP2EC68f 9gJPUE4TqEd27aZpdYHBHSbtambuvkKWtSaoxX75JhtnJvnHHCAZFseBL62H+9NX JMKIMA16hf6ZTO4P63eKu5aCONG7H3bfQwKtcIvG1MnyVvwEwXB5xhMt8VqPkNAh fVaZMiwW8p91nzrA9rhQlawdNOdp0s3ZBrQ3WDcvX5CNDDTo13u/5+W5OwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB/WjdmpEcYPmyrBeWcT+OC7ZEnMMB8GA1UdIwQY MBaAFECqcRV+INmANrvWk7jsuyuZ8PA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUt MjM1YWJhMTlkOWY5LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yZTJjOGUtNGMyYi00OGU5LWFmZDUtMjM1YWJhMTlkOWY5 LzEvUUtweEZYNGcyWUEydTlhVHVPeTdLNW53OER3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHk89X1kl shE1b1ZWpjtlUW+fe5mZ+8hzYRjqE0rUyeJhrI+kOA72lKvPxR06/jBFtU4glr1U wJNV5uF1pNwySN0ozJMSr+aA/qkLP9eVXFZLRpfKtRMzh3CYffsW/JJfc6/eBHsU lE4swXSipYa9rFR4jxdHRLrjRBFbFyqhRcpyoWkXe3R6zDm3giUpDFJg5TaOBiVP EWw05NdUj7vPgYdKQvktV3aWHU2IElF4MEviK1fiJ67YPW0jBY845zG53ubcqHn4 oAeV0KwqIAiNJcH12M5k1HvQCLl2MRChRqja5LKl5uxxJ3uEMQASRsmWLzjpYivF 4Fpgy7hZpKl8tA== -----END CERTIFICATE-----Generated at Mon Dec 15 16:55:47 2025 by rpki-client