This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft File: qklDGDthG-Ogd1OCUJSQBIsK1zg.mft (raw, json) Hash identifier: ygdn7U7z4V69v504bnAOSbNUGLs4+dUVGpAIhuaEddo= Subject key identifier: A7:E2:66:5D:E2:EB:C4:47:3C:58:61:B6:18:07:31:4E:62:2F:B4:79 Authority key identifier: AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38 Certificate issuer: /CN=aa4943183b611be3a0775382509490048b0ad738 Certificate serial: 019B5A88B8211F102D5CBB2589D428A60987 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft Manifest number: 179A Signing time: Fri 26 Dec 2025 12:01:08 +0000 Manifest this update: Fri 26 Dec 2025 12:01:08 +0000 Manifest next update: Sat 27 Dec 2025 12:01:08 +0000 Files and hashes: 1: _b9uzDBnaBhrr4RiKYd-HrjhIyY.roa (hash: zuVo5YCjE6oxIWEPlMV6dA4fTWapSfHiFlgPsUG/qhk=) 2: qklDGDthG-Ogd1OCUJSQBIsK1zg.crl (hash: qmvVQpbqBITbzd0LPVVVvvzSKl8tzyW0+hwRedcDxv0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:b8:21:1f:10:2d:5c:bb:25:89:d4:28:a6:09:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa4943183b611be3a0775382509490048b0ad738 Validity Not Before: Dec 26 12:01:08 2025 GMT Not After : Dec 27 12:01:08 2025 GMT Subject: CN=a7e2665de2ebc4473c5861b61807314e622fb479 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:a3:ee:e1:66:0a:e0:4e:05:c7:c9:1c:2b:7e: 71:55:80:aa:70:c6:f8:c7:23:fa:d8:10:7c:61:08: da:df:7b:16:94:35:55:9e:9c:89:43:7a:86:b7:e3: 8b:98:6c:15:39:bb:94:6c:9f:ae:a2:8c:c4:bc:d3: bf:0e:73:72:b6:a3:e4:19:73:30:05:ef:ff:40:52: eb:af:40:d3:2a:31:ed:05:be:54:99:4d:4f:2e:a9: 76:b6:98:9c:36:d2:a3:1f:72:0a:fc:00:f2:dd:70: 59:80:e8:3e:45:4b:fa:1b:8f:9e:82:ad:83:63:79: 14:d5:13:08:dc:72:ed:e3:3f:a7:26:6c:fe:b2:f2: 4a:23:7c:53:75:f8:fd:72:77:84:f3:09:20:68:69: 8b:ed:57:79:ac:9f:9e:1a:68:2e:4b:e4:64:76:a3: 76:ba:90:40:27:27:5b:c3:f2:3d:c9:a6:e1:51:4f: 44:d6:6c:3f:f2:61:6f:5d:71:01:c7:77:bc:8d:0b: 49:8b:4b:5f:c2:b4:a6:d9:43:25:47:45:af:71:78: 41:55:80:bf:d6:92:57:a9:42:39:77:ab:69:af:6e: 1f:0b:03:c4:f5:5f:fb:5a:87:e3:46:1a:db:ca:af: 35:ec:f3:2b:78:94:17:85:64:ad:88:08:56:65:45: b4:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:E2:66:5D:E2:EB:C4:47:3C:58:61:B6:18:07:31:4E:62:2F:B4:79 X509v3 Authority Key Identifier: keyid:AA:49:43:18:3B:61:1B:E3:A0:77:53:82:50:94:90:04:8B:0A:D7:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qklDGDthG-Ogd1OCUJSQBIsK1zg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7bb038-01bc-4d85-9f04-d22274bba713/1/qklDGDthG-Ogd1OCUJSQBIsK1zg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:9e:ce:61:04:59:74:21:fe:6d:e4:94:3a:e2:4c:39:7c:06: fa:f5:10:57:f1:e0:44:f5:a2:d7:37:c8:cc:1a:ba:e9:56:30: be:dc:6a:00:bb:9c:4a:18:33:10:ed:27:82:91:d4:dc:d0:91: 84:fc:d8:4c:0e:09:c3:19:46:f4:5f:66:40:cb:21:01:e9:1f: 44:3e:46:90:50:23:9e:aa:95:a6:81:5b:59:d1:47:5f:82:bf: 1a:19:ad:86:2f:99:37:be:d4:4f:68:83:e6:4a:45:c6:8f:22: a1:13:ba:de:d2:f5:df:68:9d:ee:56:d4:aa:8a:51:46:0a:37: 8f:fe:c1:fd:4b:df:1d:79:7c:22:f7:f8:c3:78:26:86:29:ac: 7a:ac:c3:b4:8e:d3:32:ad:43:8b:a7:5a:d6:57:26:00:71:40: 10:49:b8:35:0b:a6:4c:db:60:8d:ad:68:7a:e9:ab:53:7f:e8: 0f:8b:36:37:78:ab:ff:fa:2a:4c:e7:b9:98:84:0f:9e:07:59: 0c:ca:1c:c7:29:12:17:76:9f:59:9c:c2:85:66:3a:9f:da:ce: e9:66:cb:51:55:03:57:6b:be:2f:f1:fd:55:2b:6c:07:a1:24: 85:53:75:b5:60:7c:cd:ec:0e:85:e9:cc:fc:c3:35:0e:f6:2c: a8:c4:44:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiLghHxAtXLslidQopgmHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNDk0MzE4M2I2MTFiZTNhMDc3NTM4MjUwOTQ5MDA0OGIw YWQ3MzgwHhcNMjUxMjI2MTIwMTA4WhcNMjUxMjI3MTIwMTA4WjAzMTEwLwYDVQQD EyhhN2UyNjY1ZGUyZWJjNDQ3M2M1ODYxYjYxODA3MzE0ZTYyMmZiNDc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqPu4WYK4E4Fx8kcK35xVYCqcMb4 xyP62BB8YQja33sWlDVVnpyJQ3qGt+OLmGwVObuUbJ+uoozEvNO/DnNytqPkGXMw Be//QFLrr0DTKjHtBb5UmU1PLql2tpicNtKjH3IK/ADy3XBZgOg+RUv6G4+egq2D Y3kU1RMI3HLt4z+nJmz+svJKI3xTdfj9cneE8wkgaGmL7Vd5rJ+eGmguS+RkdqN2 upBAJydbw/I9yabhUU9E1mw/8mFvXXEBx3e8jQtJi0tfwrSm2UMlR0WvcXhBVYC/ 1pJXqUI5d6tpr24fCwPE9V/7WofjRhrbyq817PMreJQXhWStiAhWZUW0nwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKfiZl3i68RHPFhhthgHMU5iL7R5MB8GA1UdIwQY MBaAFKpJQxg7YRvjoHdTglCUkASLCtc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQt ZDIyMjc0YmJhNzEzLzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS83YmIwMzgtMDFiYy00ZDg1LTlmMDQtZDIyMjc0YmJhNzEz LzEvcWtsREdEdGhHLU9nZDFPQ1VKU1FCSXNLMXpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQp7OYQRZ dCH+beSUOuJMOXwG+vUQV/HgRPWi1zfIzBq66VYwvtxqALucShgzEO0ngpHU3NCR hPzYTA4JwxlG9F9mQMshAekfRD5GkFAjnqqVpoFbWdFHX4K/Ghmthi+ZN77UT2iD 5kpFxo8ioRO63tL132id7lbUqopRRgo3j/7B/UvfHXl8Ivf4w3gmhimseqzDtI7T Mq1Di6da1lcmAHFAEEm4NQumTNtgja1oeumrU3/oD4s2N3ir//oqTOe5mIQPngdZ DMocxykSF3afWZzChWY6n9rO6WbLUVUDV2u+L/H9VStsB6EkhVN1tWB8zewOhenM /MM1DvYsqMRExQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:08:51 2025 by rpki-client