This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.mft File: QLt2qpbfjrfWd3s1clLhEVUjh4U.mft (raw, json) Hash identifier: A7L9x269oboM0SaLpw39rHLg252XJeATS8TJQRNlpT4= Subject key identifier: 72:85:AE:AF:64:93:66:AE:9A:78:45:26:FB:BD:CB:37:D0:11:F3:22 Authority key identifier: 40:BB:76:AA:96:DF:8E:B7:D6:77:7B:35:72:52:E1:11:55:23:87:85 Certificate issuer: /CN=40bb76aa96df8eb7d6777b357252e11155238785 Certificate serial: 019B066CA3C91D6C42AD6C8249EA37D9A6A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLt2qpbfjrfWd3s1clLhEVUjh4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.mft Manifest number: 14C4 Signing time: Wed 10 Dec 2025 04:02:21 +0000 Manifest this update: Wed 10 Dec 2025 04:02:21 +0000 Manifest next update: Thu 11 Dec 2025 04:02:21 +0000 Files and hashes: 1: 78S4WmbXMNI8p1WLj4U6NB6Bpk8.roa (hash: bBamnPgie/uUwEiZyXlGtHo6lmaBP0c5URwdBpztxDc=) 2: QLt2qpbfjrfWd3s1clLhEVUjh4U.crl (hash: SUQ8C4iPb43sGYKrTAgkavxPl7avYauYGCvtQKZTrKc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.crl rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.mft rsync://rpki.ripe.net/repository/DEFAULT/QLt2qpbfjrfWd3s1clLhEVUjh4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:06:6c:a3:c9:1d:6c:42:ad:6c:82:49:ea:37:d9:a6:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40bb76aa96df8eb7d6777b357252e11155238785 Validity Not Before: Dec 10 04:02:21 2025 GMT Not After : Dec 11 04:02:21 2025 GMT Subject: CN=7285aeaf649366ae9a784526fbbdcb37d011f322 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b9:46:b1:f3:a5:0f:65:9a:17:df:09:dc:4c: c8:07:67:ac:8b:65:e1:f4:d2:63:43:85:34:fe:66: 70:e7:9c:10:79:41:52:e7:c2:67:2a:c8:1f:85:df: 68:bd:89:46:6f:a1:72:6f:8a:bf:07:0e:ee:5b:62: 81:27:03:29:49:12:2f:3a:cd:7e:80:51:9d:76:be: 20:c7:d8:0c:51:df:f1:6e:44:80:e8:7c:06:db:88: 21:10:f0:4a:98:1c:6b:ec:5c:02:99:3a:60:ba:e3: 5c:cd:6e:f7:8a:bd:33:7d:93:5d:82:59:7f:69:97: a4:71:cc:d8:54:2a:85:44:a1:d6:bd:06:6c:d2:87: 33:db:5f:f5:75:20:eb:b7:44:2f:20:3f:fb:29:3a: 7c:0b:03:83:77:11:53:f4:0c:77:c8:ee:ef:b5:63: f1:93:5b:46:71:7e:df:49:cd:6b:de:ba:e5:83:a6: d4:b1:5e:d7:55:c1:19:43:19:27:33:3d:63:81:83: 1c:ef:9a:5b:55:d8:b8:db:aa:7f:48:b0:d0:29:e2: 40:49:de:58:16:ad:53:f5:12:48:a4:8f:11:ea:4a: 0d:64:66:38:94:44:d1:1c:de:ba:ff:7b:93:04:57: 7e:50:b9:f0:4e:27:75:25:ca:0b:51:d3:18:e2:19: 16:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:85:AE:AF:64:93:66:AE:9A:78:45:26:FB:BD:CB:37:D0:11:F3:22 X509v3 Authority Key Identifier: keyid:40:BB:76:AA:96:DF:8E:B7:D6:77:7B:35:72:52:E1:11:55:23:87:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLt2qpbfjrfWd3s1clLhEVUjh4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e31d68-cb63-4bd1-99b9-35ee7a739fd9/1/QLt2qpbfjrfWd3s1clLhEVUjh4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:51:4a:d2:2b:7a:6d:38:c3:e6:21:94:34:79:01:06:23:55: 6c:c0:de:52:00:35:cf:4d:ab:f2:da:dc:51:ca:ac:8d:f9:64: 4f:5a:d8:31:49:a3:0c:69:6c:33:00:92:06:d5:cf:c4:de:b6: 45:e3:d0:7f:dd:01:01:9f:05:56:9e:bc:b6:d9:4c:15:6a:13: f9:27:e0:fd:9c:c4:49:4c:d9:de:fd:c8:6b:b7:b8:78:53:83: 11:e6:35:ab:71:56:23:93:32:c4:3e:6c:7a:2c:05:2a:4d:2e: 40:66:64:2a:43:b7:e2:29:1a:d1:89:ea:18:c5:bb:55:8c:96: 08:10:dc:23:3b:13:b8:66:77:a3:58:88:36:bb:09:b7:00:b2: 84:cb:37:02:82:ea:61:dc:00:69:c3:cc:30:5c:2d:a1:6b:b6: 2c:2b:d9:2e:42:5f:45:35:6e:e0:2b:e0:7b:ae:47:c5:5a:bd: c1:86:12:45:1c:76:48:28:5c:eb:a0:e4:bd:99:09:98:87:08: e6:55:80:97:ec:0b:62:9b:d0:7c:a9:8e:65:c8:66:91:54:0b: c2:64:09:e3:c7:7e:81:9a:7f:4e:97:65:14:0a:4a:21:40:7c: cd:4a:50:fc:fb:02:a3:bc:bb:3d:b2:a2:d6:29:3b:0e:5b:bf: 72:91:89:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsGbKPJHWxCrWyCSeo32aanMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYmI3NmFhOTZkZjhlYjdkNjc3N2IzNTcyNTJlMTExNTUy Mzg3ODUwHhcNMjUxMjEwMDQwMjIxWhcNMjUxMjExMDQwMjIxWjAzMTEwLwYDVQQD Eyg3Mjg1YWVhZjY0OTM2NmFlOWE3ODQ1MjZmYmJkY2IzN2QwMTFmMzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrlGsfOlD2WaF98J3EzIB2esi2Xh 9NJjQ4U0/mZw55wQeUFS58JnKsgfhd9ovYlGb6Fyb4q/Bw7uW2KBJwMpSRIvOs1+ gFGddr4gx9gMUd/xbkSA6HwG24ghEPBKmBxr7FwCmTpguuNczW73ir0zfZNdgll/ aZekcczYVCqFRKHWvQZs0ocz21/1dSDrt0QvID/7KTp8CwODdxFT9Ax3yO7vtWPx k1tGcX7fSc1r3rrlg6bUsV7XVcEZQxknMz1jgYMc75pbVdi426p/SLDQKeJASd5Y Fq1T9RJIpI8R6koNZGY4lETRHN66/3uTBFd+ULnwTid1JcoLUdMY4hkWaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKFrq9kk2aumnhFJvu9yzfQEfMiMB8GA1UdIwQY MBaAFEC7dqqW34631nd7NXJS4RFVI4eFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUx0MnFwYmZqcmZXZDNzMWNsTGhFVlVqaDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMzFkNjgtY2I2My00YmQxLTk5Yjkt MzVlZTdhNzM5ZmQ5LzEvUUx0MnFwYmZqcmZXZDNzMWNsTGhFVlVqaDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9lMzFkNjgtY2I2My00YmQxLTk5YjktMzVlZTdhNzM5ZmQ5 LzEvUUx0MnFwYmZqcmZXZDNzMWNsTGhFVlVqaDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX1FK0it6 bTjD5iGUNHkBBiNVbMDeUgA1z02r8trcUcqsjflkT1rYMUmjDGlsMwCSBtXPxN62 RePQf90BAZ8FVp68ttlMFWoT+Sfg/ZzESUzZ3v3Ia7e4eFODEeY1q3FWI5MyxD5s eiwFKk0uQGZkKkO34ika0YnqGMW7VYyWCBDcIzsTuGZ3o1iINrsJtwCyhMs3AoLq YdwAacPMMFwtoWu2LCvZLkJfRTVu4Cvge65HxVq9wYYSRRx2SChc66DkvZkJmIcI 5lWAl+wLYpvQfKmOZchmkVQLwmQJ48d+gZp/TpdlFApKIUB8zUpQ/PsCo7y7PbKi 1ik7Dlu/cpGJeA== -----END CERTIFICATE-----Generated at Wed Dec 10 09:12:56 2025 by rpki-client