This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft File: QLnKyTUxHngDS0BzgwqBo897Rdk.mft (raw, json) Hash identifier: i49bOflfkWPmGbUs/6TXSbx0XgbA8Rv+rXjzRZfslWw= Subject key identifier: C6:8A:31:E0:2A:DA:CD:4B:37:CC:68:A7:90:B6:37:AF:89:F3:10:5E Authority key identifier: 40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9 Certificate issuer: /CN=40b9cac935311e78034b4073830a81a3cf7b45d9 Certificate serial: 019B2174B40C3EC72B2CBD107631BAA9835A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft Manifest number: 177A Signing time: Mon 15 Dec 2025 10:00:54 +0000 Manifest this update: Mon 15 Dec 2025 10:00:54 +0000 Manifest next update: Tue 16 Dec 2025 10:00:54 +0000 Files and hashes: 1: 1q_nnAgndZaIqez5io_HHZB7TIg.roa (hash: fcE6bMGj83Q0hVMFOv0EAXM92bWkreUUh6T69N1a/Yo=) 2: QLnKyTUxHngDS0BzgwqBo897Rdk.crl (hash: e8wZsDMVBbkGVjcECK5Y3+RdHIJVXHMSV1Zi6rR9hkk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:b4:0c:3e:c7:2b:2c:bd:10:76:31:ba:a9:83:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40b9cac935311e78034b4073830a81a3cf7b45d9 Validity Not Before: Dec 15 10:00:54 2025 GMT Not After : Dec 16 10:00:54 2025 GMT Subject: CN=c68a31e02adacd4b37cc68a790b637af89f3105e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0b:7a:f8:82:11:f2:c3:b6:16:b8:79:1c:44: ee:96:53:09:19:f8:c8:79:8f:bb:5b:09:21:0d:9a: 47:17:79:d3:fe:bf:c4:03:cf:39:60:50:dc:e0:4a: 65:1b:32:f6:e7:08:0b:3e:f0:f2:50:b6:7a:2e:9f: 1a:b0:cd:14:5b:14:63:93:fb:a0:05:85:7e:11:84: 5c:22:2e:9b:ac:d6:4e:b1:1b:0d:b5:6e:7b:68:03: 67:a0:12:c2:44:0d:b6:c4:42:f8:5a:aa:40:1c:6e: 1e:ff:7b:f5:09:6d:31:34:ce:5a:4e:fc:52:05:ab: ea:fb:f6:a4:9f:76:36:83:ed:7e:9a:e1:92:84:ce: cf:a9:0c:15:21:d6:e6:33:e8:f7:9f:fd:84:03:7b: b4:ba:36:11:0b:d3:61:2f:48:f8:e7:dc:1c:66:63: 9c:59:ef:67:a3:49:1e:4b:b6:6d:19:3f:a7:eb:a2: 95:95:c3:48:3c:25:ab:97:7e:69:08:96:1c:59:15: fc:7e:b9:f2:e9:bf:75:54:58:0b:f2:c4:84:aa:6c: 9b:02:22:92:e3:7b:d5:22:47:1a:91:c2:d7:d2:73: 18:e2:03:04:dd:6b:c7:60:53:a0:20:1b:53:aa:c6: ab:7e:f5:4e:32:5b:fa:7f:5a:54:7d:ed:6f:1d:7e: 5c:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:8A:31:E0:2A:DA:CD:4B:37:CC:68:A7:90:B6:37:AF:89:F3:10:5E X509v3 Authority Key Identifier: keyid:40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:06:fe:0c:99:4b:1d:f2:4f:b6:8c:65:4e:b2:17:d2:d4:80: 80:a7:d4:48:21:c2:c9:a1:a3:d7:07:c4:9f:26:65:31:b8:f4: d8:a4:0a:36:42:4c:40:eb:02:96:0d:db:b4:f2:c8:11:12:47: f9:45:50:6d:5f:e0:af:d5:6e:24:57:c4:3e:3f:c0:52:3b:58: 73:79:07:43:34:d4:60:13:3c:03:81:d3:14:82:b3:a6:ed:24: 97:a6:36:1e:3f:fb:2e:74:7d:7e:e0:9e:56:38:5d:16:08:1e: 97:2d:a0:54:77:19:15:4c:85:a9:1c:45:e3:90:25:c0:09:f9: 56:5e:48:69:5c:de:3d:13:40:0a:fd:8d:3b:0f:39:41:66:b4: bd:d1:8d:bc:5d:9a:6c:21:12:e0:c7:44:f8:1a:62:c0:f9:75: c0:0f:eb:c5:66:19:be:8e:39:3d:28:c2:37:3d:6c:a6:67:c2: 11:b2:bb:5d:1b:15:88:f7:27:e8:9b:44:9f:7a:56:32:42:66: bc:d0:93:6f:bd:4e:11:3e:db:d3:2e:fd:bd:b6:9c:4a:bc:fd: 66:46:5f:57:e1:8e:d6:c6:e2:b2:d0:3f:03:56:7a:d3:19:be: 4d:f3:a3:03:53:ec:7a:b4:8d:11:fd:1c:1f:cd:46:71:78:8b: 71:56:0d:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdLQMPscrLL0QdjG6qYNaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYjljYWM5MzUzMTFlNzgwMzRiNDA3MzgzMGE4MWEzY2Y3 YjQ1ZDkwHhcNMjUxMjE1MTAwMDU0WhcNMjUxMjE2MTAwMDU0WjAzMTEwLwYDVQQD EyhjNjhhMzFlMDJhZGFjZDRiMzdjYzY4YTc5MGI2MzdhZjg5ZjMxMDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAt6+IIR8sO2Frh5HETullMJGfjI eY+7WwkhDZpHF3nT/r/EA885YFDc4EplGzL25wgLPvDyULZ6Lp8asM0UWxRjk/ug BYV+EYRcIi6brNZOsRsNtW57aANnoBLCRA22xEL4WqpAHG4e/3v1CW0xNM5aTvxS Bavq+/akn3Y2g+1+muGShM7PqQwVIdbmM+j3n/2EA3u0ujYRC9NhL0j459wcZmOc We9no0keS7ZtGT+n66KVlcNIPCWrl35pCJYcWRX8frny6b91VFgL8sSEqmybAiKS 43vVIkcakcLX0nMY4gME3WvHYFOgIBtTqsarfvVOMlv6f1pUfe1vHX5cMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMaKMeAq2s1LN8xop5C2N6+J8xBeMB8GA1UdIwQY MBaAFEC5ysk1MR54A0tAc4MKgaPPe0XZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmIt NzUzNGZlMGYxYjgzLzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8yODVhYjYtMDEwOS00NGUxLWJiMmItNzUzNGZlMGYxYjgz LzEvUUxuS3lUVXhIbmdEUzBCemd3cUJvODk3UmRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAb+DJlL HfJPtoxlTrIX0tSAgKfUSCHCyaGj1wfEnyZlMbj02KQKNkJMQOsClg3btPLIERJH +UVQbV/gr9VuJFfEPj/AUjtYc3kHQzTUYBM8A4HTFIKzpu0kl6Y2Hj/7LnR9fuCe VjhdFggely2gVHcZFUyFqRxF45AlwAn5Vl5IaVzePRNACv2NOw85QWa0vdGNvF2a bCES4MdE+BpiwPl1wA/rxWYZvo45PSjCNz1spmfCEbK7XRsViPcn6JtEn3pWMkJm vNCTb71OET7b0y79vbacSrz9ZkZfV+GO1sbistA/A1Z60xm+TfOjA1PserSNEf0c H81GcXiLcVYNbw== -----END CERTIFICATE-----Generated at Mon Dec 15 13:14:41 2025 by rpki-client