This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft File: QA3igTHHO19TIPUdrmwb1Hq4L5I.mft (raw, json) Hash identifier: 7qQDJG5kdQl8jsGc3HZuiy6q7bcIwJWEqibldI8G5qE= Subject key identifier: 97:D4:F5:BB:6B:37:73:AA:7C:50:E8:43:DD:BA:6A:E4:F2:DA:53:79 Authority key identifier: 40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92 Certificate issuer: /CN=400de28131c73b5f5320f51dae6c1bd47ab82f92 Certificate serial: 019B5A8829620AB18D4AF6F4FCC91CCE5EAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft Manifest number: 049D Signing time: Fri 26 Dec 2025 12:00:31 +0000 Manifest this update: Fri 26 Dec 2025 12:00:31 +0000 Manifest next update: Sat 27 Dec 2025 12:00:31 +0000 Files and hashes: 1: QA3igTHHO19TIPUdrmwb1Hq4L5I.crl (hash: nOIqSUsX6QoYAz+OzT4gX1OB0zsTLmzsWTInykmizgs=) 2: YPXVOgtlv47MULpqvQ2eiJqw0s0.roa (hash: 1U3YQJEvDPze+SY3FCaghiXBlRWFSFhPdqgWDRzyuw0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.crl rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:29:62:0a:b1:8d:4a:f6:f4:fc:c9:1c:ce:5e:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400de28131c73b5f5320f51dae6c1bd47ab82f92 Validity Not Before: Dec 26 12:00:31 2025 GMT Not After : Dec 27 12:00:31 2025 GMT Subject: CN=97d4f5bb6b3773aa7c50e843ddba6ae4f2da5379 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:3d:dc:ae:db:12:82:5c:58:c7:d7:13:52:2a: 5b:6e:f3:f2:bd:45:d3:89:77:d5:f2:84:f5:61:b5: 8a:a3:f6:6e:95:25:7d:46:2d:a3:0d:cd:96:bc:3f: 56:0f:54:79:c0:fb:eb:92:2e:0c:db:32:07:62:11: 7b:05:52:c0:bc:f8:89:06:a1:8e:c2:e0:24:85:4f: 75:f4:f2:78:4a:8d:a8:1f:36:46:80:09:2c:6f:04: b1:04:71:17:95:32:1f:bd:29:08:64:ac:22:1e:65: e3:7b:77:ff:0c:d0:1e:8b:12:d0:d1:aa:76:c2:a8: 15:6e:a5:18:95:ea:ca:b8:d9:dd:6e:95:e1:29:bd: 3f:3c:d5:a5:84:17:6f:19:03:0f:9a:6f:e2:76:74: 3c:89:a7:90:63:ac:d8:99:5a:45:44:53:88:40:ca: a6:d2:37:d7:a8:e5:b8:5f:83:45:37:c2:49:4d:23: 5f:be:7f:82:98:22:f9:50:69:a9:0e:76:0a:5d:2b: 5a:40:1b:73:74:81:05:dc:3a:1c:86:84:6c:d0:ed: 39:c7:ee:3e:73:3c:38:35:84:ff:75:0e:03:c7:c8: ca:1e:ec:0a:6a:15:e3:00:d2:c8:ee:ec:c9:5b:4c: fa:78:65:a0:ee:66:0f:4b:76:f8:2d:67:84:49:4e: 04:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:D4:F5:BB:6B:37:73:AA:7C:50:E8:43:DD:BA:6A:E4:F2:DA:53:79 X509v3 Authority Key Identifier: keyid:40:0D:E2:81:31:C7:3B:5F:53:20:F5:1D:AE:6C:1B:D4:7A:B8:2F:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA3igTHHO19TIPUdrmwb1Hq4L5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e797f2-f272-4663-b145-bc6a1b21fd5e/1/QA3igTHHO19TIPUdrmwb1Hq4L5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:09:7d:e2:71:26:a5:15:70:f6:ee:41:78:4d:c8:b8:08:78: 60:67:7b:1c:7e:b0:1c:2f:44:d8:fc:e4:21:17:91:c0:c6:a2: f9:2f:e5:63:ed:1b:d8:03:0d:7a:2f:29:ad:6e:c3:ce:2e:1e: 69:36:e5:bb:67:b0:1e:1f:4a:cb:33:12:e8:27:d3:0f:05:78: de:68:1b:80:8f:64:ba:f2:68:0f:3d:28:ec:bf:87:ce:1e:c6: 39:1c:f5:4e:5a:23:49:56:37:da:53:38:61:c3:65:bf:a7:8a: 62:83:3c:c7:18:5d:1a:52:8c:60:d7:6d:49:79:8a:80:dd:65: 88:f5:e8:28:6b:fc:f8:d5:b0:4b:30:a2:13:fd:e4:fb:6e:25: a1:d1:4a:2e:0d:41:51:d0:03:4b:0f:29:28:ff:3f:8b:6b:6d: d1:d5:f1:ac:fa:ea:cf:25:31:ba:22:28:f1:dd:30:8e:54:02: e7:4a:55:60:c9:fc:dc:fb:8a:f7:d7:3c:62:2b:6c:6a:a9:60: de:d7:99:10:ec:16:b8:15:d6:b8:d1:e3:e3:e7:39:88:36:b5: b2:dc:df:49:9f:02:ca:db:d5:27:ca:8b:90:a8:d9:13:58:c1: 55:3a:08:29:b1:ee:f2:9f:5f:25:3a:d8:99:e8:98:35:50:8a: 26:10:2d:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiCliCrGNSvb0/Mkczl6rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwMGRlMjgxMzFjNzNiNWY1MzIwZjUxZGFlNmMxYmQ0N2Fi ODJmOTIwHhcNMjUxMjI2MTIwMDMxWhcNMjUxMjI3MTIwMDMxWjAzMTEwLwYDVQQD Eyg5N2Q0ZjViYjZiMzc3M2FhN2M1MGU4NDNkZGJhNmFlNGYyZGE1Mzc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+D3crtsSglxYx9cTUipbbvPyvUXT iXfV8oT1YbWKo/ZulSV9Ri2jDc2WvD9WD1R5wPvrki4M2zIHYhF7BVLAvPiJBqGO wuAkhU919PJ4So2oHzZGgAksbwSxBHEXlTIfvSkIZKwiHmXje3f/DNAeixLQ0ap2 wqgVbqUYlerKuNndbpXhKb0/PNWlhBdvGQMPmm/idnQ8iaeQY6zYmVpFRFOIQMqm 0jfXqOW4X4NFN8JJTSNfvn+CmCL5UGmpDnYKXStaQBtzdIEF3DochoRs0O05x+4+ czw4NYT/dQ4Dx8jKHuwKahXjANLI7uzJW0z6eGWg7mYPS3b4LWeESU4EOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJfU9btrN3OqfFDoQ926auTy2lN5MB8GA1UdIwQY MBaAFEAN4oExxztfUyD1Ha5sG9R6uC+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUt YmM2YTFiMjFmZDVlLzEvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9lNzk3ZjItZjI3Mi00NjYzLWIxNDUtYmM2YTFiMjFmZDVl LzEvUUEzaWdUSEhPMTlUSVBVZHJtd2IxSHE0TDVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALQl94nEm pRVw9u5BeE3IuAh4YGd7HH6wHC9E2PzkIReRwMai+S/lY+0b2AMNei8prW7Dzi4e aTblu2ewHh9KyzMS6CfTDwV43mgbgI9kuvJoDz0o7L+Hzh7GORz1TlojSVY32lM4 YcNlv6eKYoM8xxhdGlKMYNdtSXmKgN1liPXoKGv8+NWwSzCiE/3k+24lodFKLg1B UdADSw8pKP8/i2tt0dXxrPrqzyUxuiIo8d0wjlQC50pVYMn83PuK99c8Yitsaqlg 3teZEOwWuBXWuNHj4+c5iDa1stzfSZ8CytvVJ8qLkKjZE1jBVToIKbHu8p9fJTrY meiYNVCKJhAtWg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:25 2025 by rpki-client