This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.mft File: QHSniVh1zyxnhUT2zm9LI59JKfs.mft (raw, json) Hash identifier: kgRzeK2sKq2YnmZsRLZTfFRDtSLJyrdv1zPA7faQGHc= Subject key identifier: 3C:C0:E0:82:0F:82:51:29:B4:9B:62:62:FB:17:DC:24:BE:CB:60:97 Authority key identifier: 40:74:A7:89:58:75:CF:2C:67:85:44:F6:CE:6F:4B:23:9F:49:29:FB Certificate issuer: /CN=4074a7895875cf2c678544f6ce6f4b239f4929fb Certificate serial: 019AFEB3683928B4FC25BA99F16CD7E979AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHSniVh1zyxnhUT2zm9LI59JKfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.mft Manifest number: 1767 Signing time: Mon 08 Dec 2025 16:02:41 +0000 Manifest this update: Mon 08 Dec 2025 16:02:41 +0000 Manifest next update: Tue 09 Dec 2025 16:02:41 +0000 Files and hashes: 1: QHSniVh1zyxnhUT2zm9LI59JKfs.crl (hash: OAOU4Yzw/uO1SwRke44JFj4nDJY/YgxTUlxYzQCuP3E=) 2: wQqY6GzbDftcPzXJa8kVYZmeUUk.roa (hash: JDvmaY6VGQlVNt+ZPlklOrTqgJ6a+KsUqH/Pcr7SIcU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.mft rsync://rpki.ripe.net/repository/DEFAULT/QHSniVh1zyxnhUT2zm9LI59JKfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 15:46:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fe:b3:68:39:28:b4:fc:25:ba:99:f1:6c:d7:e9:79:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4074a7895875cf2c678544f6ce6f4b239f4929fb Validity Not Before: Dec 8 16:02:41 2025 GMT Not After : Dec 9 16:02:41 2025 GMT Subject: CN=3cc0e0820f825129b49b6262fb17dc24becb6097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ea:e1:39:9e:12:89:8a:1a:86:69:ab:ef:1c: c0:81:d0:35:34:5b:0e:91:14:c3:9e:56:62:fd:f7: 61:0a:ab:db:28:04:04:82:0f:bc:0e:3c:13:ee:3e: 66:97:49:a0:65:78:c0:f9:b1:34:2e:9b:f4:05:52: d7:82:c4:c4:04:df:6c:72:3f:7c:5e:73:e3:15:74: 3c:79:da:2b:4b:c6:86:fd:50:1e:1a:e9:c3:7b:96: b7:bf:c4:8c:91:32:90:d5:ec:a7:54:69:40:8e:e1: b8:c9:d4:4b:0d:bd:a8:28:27:3e:83:87:cc:73:2f: 49:8f:91:b2:50:55:41:d2:55:26:4b:16:c8:b7:87: 4f:fe:34:16:52:89:e0:40:d4:76:20:ec:ee:55:a9: 15:92:18:d3:58:2c:ab:db:19:46:ba:7d:d4:4a:ff: 40:f0:b6:29:81:c1:0b:d6:df:20:b7:9a:71:a7:a5: b4:62:d0:f9:12:64:ee:c6:23:e2:84:8c:df:d9:67: bd:22:c6:5b:76:1a:bb:32:07:32:6d:49:04:e3:bd: 06:f2:f8:13:20:0d:fc:39:53:3b:14:e7:62:30:e5: 7b:e9:6d:65:28:a8:2f:d7:6e:8a:a9:dc:2e:e4:48: bc:56:9a:2e:e7:3a:23:8c:43:94:9e:e5:65:b8:b3: 32:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C0:E0:82:0F:82:51:29:B4:9B:62:62:FB:17:DC:24:BE:CB:60:97 X509v3 Authority Key Identifier: keyid:40:74:A7:89:58:75:CF:2C:67:85:44:F6:CE:6F:4B:23:9F:49:29:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHSniVh1zyxnhUT2zm9LI59JKfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d177dc-43b3-4bdd-8bf5-f52d6064dd8b/1/QHSniVh1zyxnhUT2zm9LI59JKfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:77:d2:59:20:b2:5b:34:3e:a9:24:c3:f8:b9:5d:ae:bf:b9: 3c:8b:e6:91:5e:c8:df:79:3b:76:ff:d1:be:69:d5:2c:a9:58: a9:01:b9:39:87:cd:8f:fe:d8:77:60:db:3b:a5:a8:dd:45:b6: 86:a1:6e:7f:7f:cf:95:ac:96:84:6e:98:6a:68:28:ab:22:8b: 25:64:d9:f9:bb:ec:cb:ae:cc:7a:c0:61:2c:29:e2:76:6a:ba: 6d:39:3a:41:77:db:98:a2:25:e5:fe:4a:52:d5:34:ca:85:14: bb:da:f2:93:da:7e:5b:80:a8:db:c9:2b:34:e4:20:b4:f0:34: a0:d3:c9:d7:9d:3f:b2:9f:12:24:f8:b3:be:94:a6:dd:39:da: 26:1a:e8:ec:4a:c4:c2:9a:c5:0b:97:fd:41:be:23:96:90:ff: b3:ec:9c:5f:82:6e:d9:c5:5a:77:67:62:ce:f4:b1:75:b0:7a: d4:76:e7:7d:68:11:7f:73:38:34:ce:73:f2:58:c6:58:d3:e8: 89:fc:91:7c:71:0e:f7:7a:35:92:38:6d:eb:40:f7:ae:49:e3: 0f:af:53:60:e3:f8:c6:6f:1d:20:69:b9:59:ce:9b:7a:1b:5d: 7b:3e:18:c5:dc:74:e4:48:6a:9a:de:06:ac:d0:1b:1e:24:13: a2:0a:d6:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr+s2g5KLT8JbqZ8WzX6XmuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNzRhNzg5NTg3NWNmMmM2Nzg1NDRmNmNlNmY0YjIzOWY0 OTI5ZmIwHhcNMjUxMjA4MTYwMjQxWhcNMjUxMjA5MTYwMjQxWjAzMTEwLwYDVQQD EygzY2MwZTA4MjBmODI1MTI5YjQ5YjYyNjJmYjE3ZGMyNGJlY2I2MDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOrhOZ4SiYoahmmr7xzAgdA1NFsO kRTDnlZi/fdhCqvbKAQEgg+8DjwT7j5ml0mgZXjA+bE0Lpv0BVLXgsTEBN9scj98 XnPjFXQ8edorS8aG/VAeGunDe5a3v8SMkTKQ1eynVGlAjuG4ydRLDb2oKCc+g4fM cy9Jj5GyUFVB0lUmSxbIt4dP/jQWUongQNR2IOzuVakVkhjTWCyr2xlGun3USv9A 8LYpgcEL1t8gt5pxp6W0YtD5EmTuxiPihIzf2We9IsZbdhq7MgcybUkE470G8vgT IA38OVM7FOdiMOV76W1lKKgv126Kqdwu5Ei8Vpou5zojjEOUnuVluLMyFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDzA4IIPglEptJtiYvsX3CS+y2CXMB8GA1UdIwQY MBaAFEB0p4lYdc8sZ4VE9s5vSyOfSSn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUhTbmlWaDF6eXhuaFVUMnptOUxJNTlKS2ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kMTc3ZGMtNDNiMy00YmRkLThiZjUt ZjUyZDYwNjRkZDhiLzEvUUhTbmlWaDF6eXhuaFVUMnptOUxJNTlKS2ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC9kMTc3ZGMtNDNiMy00YmRkLThiZjUtZjUyZDYwNjRkZDhi LzEvUUhTbmlWaDF6eXhuaFVUMnptOUxJNTlKS2ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3fSWSCy WzQ+qSTD+Lldrr+5PIvmkV7I33k7dv/RvmnVLKlYqQG5OYfNj/7Yd2DbO6Wo3UW2 hqFuf3/PlayWhG6YamgoqyKLJWTZ+bvsy67MesBhLCnidmq6bTk6QXfbmKIl5f5K UtU0yoUUu9ryk9p+W4Co28krNOQgtPA0oNPJ150/sp8SJPizvpSm3TnaJhro7ErE wprFC5f9Qb4jlpD/s+ycX4Ju2cVad2dizvSxdbB61HbnfWgRf3M4NM5z8ljGWNPo ifyRfHEO93o1kjht60D3rknjD69TYOP4xm8dIGm5Wc6behtdez4Yxdx05Ehqmt4G rNAbHiQTogrWIw== -----END CERTIFICATE-----Generated at Mon Dec 8 18:20:53 2025 by rpki-client