This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft File: QD8Iu6_6QWGEMgOop1erbpVGsM4.mft (raw, json) Hash identifier: i7bNxOy2FcQQwX5pQNo1nNTP0yDDbF2evPpMu6wj6lI= Subject key identifier: 2B:19:EB:D5:F0:76:2C:09:42:04:7D:1E:64:D2:2A:C5:C1:8F:8F:66 Authority key identifier: 40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE Certificate issuer: /CN=403f08bbaffa4161843203a8a757ab6e9546b0ce Certificate serial: 019B4392A03F0E78B790D61356AD782C4984 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft Manifest number: 069F Signing time: Mon 22 Dec 2025 01:00:41 +0000 Manifest this update: Mon 22 Dec 2025 01:00:41 +0000 Manifest next update: Tue 23 Dec 2025 01:00:41 +0000 Files and hashes: 1: 4PjPPpWKgAtzAAOasr7gIk0JbPI.roa (hash: yiKX1aQ5yWrVl7HwLmjfK1M9G+FpWFiXbyU5qVlLbDY=) 2: QD8Iu6_6QWGEMgOop1erbpVGsM4.crl (hash: vmLZ8BqZJWUnaJ98+uotusjqm9JBT2OTG41f0dBmnh0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:a0:3f:0e:78:b7:90:d6:13:56:ad:78:2c:49:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=403f08bbaffa4161843203a8a757ab6e9546b0ce Validity Not Before: Dec 22 01:00:41 2025 GMT Not After : Dec 23 01:00:41 2025 GMT Subject: CN=2b19ebd5f0762c0942047d1e64d22ac5c18f8f66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fd:36:5b:e9:7c:93:b6:80:df:20:e6:ed:06: dc:b8:bb:3c:5a:8c:9b:60:bb:4d:4b:25:5d:82:87: f4:35:24:eb:a6:f9:34:14:a8:f5:b7:f7:33:95:f5: fe:be:c0:fb:7d:42:5e:be:f6:b1:96:81:ed:42:47: 72:b0:37:8e:01:c4:2f:60:39:07:e2:8f:bf:9e:8b: b7:56:9d:cb:93:89:76:c4:66:4a:6a:ad:0e:58:55: e1:91:47:aa:4b:2a:8b:f7:af:50:28:e5:60:0c:3a: 8f:01:d8:ad:c0:19:8c:35:c2:62:35:f7:78:52:08: e0:b6:b6:c9:62:89:5d:13:d5:f6:d8:eb:07:5e:b1: 03:e9:2f:a3:a3:ff:d3:dc:87:ed:3e:30:5b:37:f2: 70:86:c7:f3:5f:b7:f8:4d:1e:26:d7:1f:af:1e:47: 30:7d:ff:79:49:33:e8:0c:85:83:e7:28:99:63:c0: f0:44:cb:86:42:b0:29:15:de:72:58:35:30:43:a9: 4c:df:d8:a0:f2:34:b7:8f:30:2a:af:62:c3:21:da: 3b:01:1b:c4:8a:37:b4:9e:40:bf:8e:23:37:41:cf: 0d:98:36:2c:94:2b:99:51:6f:d4:da:03:56:0c:52: 11:c0:59:5f:65:73:e6:b9:77:04:4c:5c:cb:89:c6: a0:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:19:EB:D5:F0:76:2C:09:42:04:7D:1E:64:D2:2A:C5:C1:8F:8F:66 X509v3 Authority Key Identifier: keyid:40:3F:08:BB:AF:FA:41:61:84:32:03:A8:A7:57:AB:6E:95:46:B0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QD8Iu6_6QWGEMgOop1erbpVGsM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/d06832-dbdf-4f87-99b8-38d8a78a4862/1/QD8Iu6_6QWGEMgOop1erbpVGsM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:b0:b6:64:80:0a:b3:61:cd:6c:5c:d1:d4:77:be:ab:4f:2f: ac:37:fe:84:3d:96:34:cc:cf:33:c3:66:0c:e0:35:df:14:ac: a9:80:e6:1f:b5:d0:b0:96:7f:f1:d7:8b:09:83:00:74:02:73: 73:55:fc:e0:bc:59:36:34:b0:ca:5b:62:f7:6c:cb:96:33:9a: 45:fd:e2:b7:fa:fb:32:4d:ce:11:28:e7:5e:38:2b:3f:04:2e: 0c:78:b7:76:30:e2:f1:92:51:47:3f:6b:bf:68:36:47:36:78: 0e:60:d9:2e:15:3c:7e:fc:c0:2f:39:56:e2:69:75:1e:e0:8c: 49:71:25:f1:57:e7:b8:74:2e:1b:57:3d:1e:45:db:ac:d1:ae: 7e:7a:a1:9f:37:7a:8f:d6:f8:96:58:7b:bc:76:10:9f:15:3a: a3:31:29:57:43:bf:3b:a1:a5:05:3d:0b:ee:75:f0:cb:66:1e: d2:1d:3c:d1:f1:3c:8f:c0:44:32:9b:86:19:cc:42:e2:84:c6: 52:d7:c9:b6:8f:04:96:67:0a:1b:05:ec:06:3d:34:f7:f0:40: 8f:6a:6c:68:c3:a7:5d:fa:0e:21:01:5d:6f:88:e9:a7:e0:d6: f9:24:0e:60:86:a0:fe:48:80:30:3f:08:8e:24:23:12:1a:df: 32:61:90:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkqA/Dni3kNYTVq14LEmEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwM2YwOGJiYWZmYTQxNjE4NDMyMDNhOGE3NTdhYjZlOTU0 NmIwY2UwHhcNMjUxMjIyMDEwMDQxWhcNMjUxMjIzMDEwMDQxWjAzMTEwLwYDVQQD EygyYjE5ZWJkNWYwNzYyYzA5NDIwNDdkMWU2NGQyMmFjNWMxOGY4ZjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3v02W+l8k7aA3yDm7QbcuLs8Woyb YLtNSyVdgof0NSTrpvk0FKj1t/czlfX+vsD7fUJevvaxloHtQkdysDeOAcQvYDkH 4o+/nou3Vp3Lk4l2xGZKaq0OWFXhkUeqSyqL969QKOVgDDqPAditwBmMNcJiNfd4 UgjgtrbJYoldE9X22OsHXrED6S+jo//T3IftPjBbN/JwhsfzX7f4TR4m1x+vHkcw ff95STPoDIWD5yiZY8DwRMuGQrApFd5yWDUwQ6lM39ig8jS3jzAqr2LDIdo7ARvE ije0nkC/jiM3Qc8NmDYslCuZUW/U2gNWDFIRwFlfZXPmuXcETFzLicagvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCsZ69XwdiwJQgR9HmTSKsXBj49mMB8GA1UdIwQY MBaAFEA/CLuv+kFhhDIDqKdXq26VRrDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5Yjgt MzhkOGE3OGE0ODYyLzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9kMDY4MzItZGJkZi00Zjg3LTk5YjgtMzhkOGE3OGE0ODYy LzEvUUQ4SXU2XzZRV0dFTWdPb3AxZXJicFZHc000LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnrC2ZIAK s2HNbFzR1He+q08vrDf+hD2WNMzPM8NmDOA13xSsqYDmH7XQsJZ/8deLCYMAdAJz c1X84LxZNjSwylti92zLljOaRf3it/r7Mk3OESjnXjgrPwQuDHi3djDi8ZJRRz9r v2g2RzZ4DmDZLhU8fvzALzlW4ml1HuCMSXEl8VfnuHQuG1c9HkXbrNGufnqhnzd6 j9b4llh7vHYQnxU6ozEpV0O/O6GlBT0L7nXwy2Ye0h080fE8j8BEMpuGGcxC4oTG UtfJto8ElmcKGwXsBj009/BAj2psaMOnXfoOIQFdb4jpp+DW+SQOYIag/kiAMD8I jiQjEhrfMmGQEQ== -----END CERTIFICATE-----Generated at Mon Dec 22 05:33:13 2025 by rpki-client