This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft File: QFphtYwdUt5SLgQQCcv80fflK3w.mft (raw, json) Hash identifier: zhHmxKiyZbrQDmWbS81jo6Y9lOR9k8oMSOzlrsM+33o= Subject key identifier: 54:6A:49:6C:07:E1:22:AD:45:A3:3A:75:12:4E:46:F4:91:38:DF:FE Authority key identifier: 40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C Certificate issuer: /CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c Certificate serial: 019B2EFA93F02AE0CA578CDF99D4190468CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft Manifest number: 127B Signing time: Thu 18 Dec 2025 01:02:12 +0000 Manifest this update: Thu 18 Dec 2025 01:02:12 +0000 Manifest next update: Fri 19 Dec 2025 01:02:12 +0000 Files and hashes: 1: QFphtYwdUt5SLgQQCcv80fflK3w.crl (hash: 3ua6rR/Q9FmjdaaH1jwDlr4g8/AyDF8AQsxv+sakxN0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:93:f0:2a:e0:ca:57:8c:df:99:d4:19:04:68:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=405a61b58c1d52de522e041009cbfcd1f7e52b7c Validity Not Before: Dec 18 01:02:12 2025 GMT Not After : Dec 19 01:02:12 2025 GMT Subject: CN=546a496c07e122ad45a33a75124e46f49138dffe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:4a:b3:29:e2:61:6e:bf:41:64:ae:41:94:6d: 41:00:7a:34:f4:04:c6:26:cd:4a:f7:c6:bd:4a:08: ff:b8:25:e5:8e:b1:f2:f6:d3:07:ed:06:ea:89:50: 7f:f7:c9:c2:13:e3:37:24:6a:b8:f7:cc:c1:28:1f: ca:0b:14:15:c8:f8:39:d2:86:07:74:c3:50:5e:15: 78:e5:c3:60:fb:88:03:e1:94:c3:12:ce:a1:48:67: fd:d5:8c:c4:cb:d7:9e:d0:fe:e3:fa:d9:f0:93:c5: 30:d3:77:6f:79:62:ff:95:d1:a7:e4:3d:c6:01:94: 50:f6:81:b3:fe:2c:5e:db:43:b9:62:81:da:55:e0: 80:b9:ba:ae:15:cc:90:5a:82:d3:a6:24:90:0c:f8: 30:8e:20:7d:0f:87:8d:d6:c5:3c:a7:8d:cc:2b:90: 37:6f:8a:31:96:b4:90:3e:f8:8a:a7:03:a7:86:97: 3c:70:f5:c1:46:2d:dd:40:41:b2:1b:25:ea:bc:c3: 9b:92:fd:32:de:58:79:86:95:f4:ae:91:01:78:2d: ff:dd:ef:03:c0:36:75:9f:8d:3f:9d:8c:35:8f:ef: 61:07:07:10:67:ee:7d:80:05:fd:47:6b:d6:7d:33: 89:70:55:fc:35:f1:e5:86:67:8b:19:31:c1:a5:42: 81:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:6A:49:6C:07:E1:22:AD:45:A3:3A:75:12:4E:46:F4:91:38:DF:FE X509v3 Authority Key Identifier: keyid:40:5A:61:B5:8C:1D:52:DE:52:2E:04:10:09:CB:FC:D1:F7:E5:2B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFphtYwdUt5SLgQQCcv80fflK3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81306a-f1dd-4040-8357-fe0133cda535/1/QFphtYwdUt5SLgQQCcv80fflK3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:5e:c1:8c:93:14:56:2a:7a:ee:d6:a6:03:df:1f:f2:ac:e9: 5e:28:f1:9f:1c:81:8b:59:70:1c:c0:4f:1c:7e:c6:3d:14:79: 62:ca:3a:b5:bf:c9:42:5f:14:70:ae:13:01:2c:aa:dd:14:d6: 1e:9f:04:88:86:66:6a:4c:1e:af:4b:23:2b:e4:07:3a:4d:ca: 7d:ef:a9:89:4e:b2:c1:d9:24:28:ac:c9:74:64:e8:76:04:98: 2b:f3:96:ea:76:ce:10:78:ee:6c:cb:64:00:26:26:7f:17:6f: 80:83:cf:94:f8:86:b0:26:39:f6:4f:e5:27:f4:31:9d:a0:e5: 2b:75:eb:5f:ba:3b:17:39:5a:f7:80:ad:3a:31:2d:92:a9:a3: 76:d3:24:28:45:b3:2f:f2:29:a9:ce:b5:dd:30:98:71:55:d2: 73:8e:6d:91:82:73:5a:e4:ca:c8:65:3d:58:26:cf:bf:33:be: 95:e6:2b:2b:20:af:b0:27:3d:66:77:23:20:b8:05:00:9c:39: 5d:30:13:4a:42:f6:fc:59:6e:07:ce:af:51:d7:8f:62:bf:47: 92:66:62:2e:2a:a6:e4:e6:a5:ca:07:a4:8d:31:06:e6:22:0b: 56:2e:79:c8:d9:f6:64:61:cf:22:97:00:77:57:03:94:47:2b: b9:18:ec:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+pPwKuDKV4zfmdQZBGjLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNWE2MWI1OGMxZDUyZGU1MjJlMDQxMDA5Y2JmY2QxZjdl NTJiN2MwHhcNMjUxMjE4MDEwMjEyWhcNMjUxMjE5MDEwMjEyWjAzMTEwLwYDVQQD Eyg1NDZhNDk2YzA3ZTEyMmFkNDVhMzNhNzUxMjRlNDZmNDkxMzhkZmZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUqzKeJhbr9BZK5BlG1BAHo09ATG Js1K98a9Sgj/uCXljrHy9tMH7QbqiVB/98nCE+M3JGq498zBKB/KCxQVyPg50oYH dMNQXhV45cNg+4gD4ZTDEs6hSGf91YzEy9ee0P7j+tnwk8Uw03dveWL/ldGn5D3G AZRQ9oGz/ixe20O5YoHaVeCAubquFcyQWoLTpiSQDPgwjiB9D4eN1sU8p43MK5A3 b4oxlrSQPviKpwOnhpc8cPXBRi3dQEGyGyXqvMObkv0y3lh5hpX0rpEBeC3/3e8D wDZ1n40/nYw1j+9hBwcQZ+59gAX9R2vWfTOJcFX8NfHlhmeLGTHBpUKBOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRqSWwH4SKtRaM6dRJORvSRON/+MB8GA1UdIwQY MBaAFEBaYbWMHVLeUi4EEAnL/NH35St8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTct ZmUwMTMzY2RhNTM1LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy84MTMwNmEtZjFkZC00MDQwLTgzNTctZmUwMTMzY2RhNTM1 LzEvUUZwaHRZd2RVdDVTTGdRUUNjdjgwZmZsSzN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALl7BjJMU Vip67tamA98f8qzpXijxnxyBi1lwHMBPHH7GPRR5Yso6tb/JQl8UcK4TASyq3RTW Hp8EiIZmakwer0sjK+QHOk3Kfe+piU6ywdkkKKzJdGTodgSYK/OW6nbOEHjubMtk ACYmfxdvgIPPlPiGsCY59k/lJ/QxnaDlK3XrX7o7Fzla94CtOjEtkqmjdtMkKEWz L/Ipqc613TCYcVXSc45tkYJzWuTKyGU9WCbPvzO+leYrKyCvsCc9ZncjILgFAJw5 XTATSkL2/FluB86vUdePYr9HkmZiLiqm5OalygekjTEG5iILVi55yNn2ZGHPIpcA d1cDlEcruRjslw== -----END CERTIFICATE-----Generated at Thu Dec 18 08:03:57 2025 by rpki-client