This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.mft File: QM_TpJvHHnSg0L9-NGyomylZehI.mft (raw, json) Hash identifier: pPsKpCOPwo27ifBfAqqDsSi9zcgrRQQNpoybAw0e2Vg= Subject key identifier: B2:B2:4F:FA:62:F1:FD:47:29:A5:08:A4:5A:10:C0:A1:06:9D:5E:4B Authority key identifier: 40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12 Certificate issuer: /CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12 Certificate serial: 019B085B15DAE93923A3AEE94F7BF33637E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.mft Manifest number: 176D Signing time: Wed 10 Dec 2025 13:02:25 +0000 Manifest this update: Wed 10 Dec 2025 13:02:25 +0000 Manifest next update: Thu 11 Dec 2025 13:02:25 +0000 Files and hashes: 1: QM_TpJvHHnSg0L9-NGyomylZehI.crl (hash: 2hDWZyIMp6Ia+F/G+6XTAPxNYvsyNDn3CEWkKYvSdBY=) 2: cOU0f1SCKSAnKUQtSDidcXUui3Y.roa (hash: SxetuqQIAbe3h1o0xhzW+JEeQWRKvCIOYuGwJHKjEXs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.mft rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:5b:15:da:e9:39:23:a3:ae:e9:4f:7b:f3:36:37:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12 Validity Not Before: Dec 10 13:02:25 2025 GMT Not After : Dec 11 13:02:25 2025 GMT Subject: CN=b2b24ffa62f1fd4729a508a45a10c0a1069d5e4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6b:60:7a:cf:82:09:b7:e4:bf:dc:5a:4e:47: 3d:31:3f:bb:81:d4:c5:e6:b7:12:33:61:57:69:70: 79:3a:86:db:43:92:39:1a:d2:1b:0c:a1:32:29:25: 59:7a:5f:e4:5c:9a:9c:51:88:a7:c3:6f:a4:77:3b: c4:38:76:4e:21:88:64:59:8e:96:1f:39:d0:15:9b: c1:7d:19:08:8a:1c:d6:48:52:ec:f5:6f:91:23:3c: 00:2b:4b:ed:bc:4b:ee:91:97:29:d7:af:87:33:ba: ea:3a:23:90:7e:3c:20:26:89:e9:6e:63:5a:dc:01: cc:e3:ee:66:2c:5d:60:32:02:39:f1:8f:52:82:9c: 8d:34:1a:3b:b0:ae:b5:e2:0f:33:fa:d9:d9:8c:d4: a1:9e:4c:0b:44:25:89:d3:e7:c1:3e:e8:7a:76:59: 2e:bb:5a:44:d1:4b:38:56:27:29:26:4f:6c:94:4f: 02:cf:30:1e:84:ef:e1:25:2a:17:c6:fc:eb:b6:58: 8e:eb:0d:38:ce:ea:ca:7d:3e:0e:52:d1:06:7f:c4: 62:0b:37:e8:f8:66:3e:ea:c7:ed:11:ba:4d:b5:74: 56:b1:89:0b:3e:fc:44:27:0d:bf:f3:45:ff:e2:77: 33:e2:50:d8:d7:80:bb:4d:e5:10:f5:ae:76:52:ee: 15:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:B2:4F:FA:62:F1:FD:47:29:A5:08:A4:5A:10:C0:A1:06:9D:5E:4B X509v3 Authority Key Identifier: keyid:40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:49:f1:3e:d1:24:67:79:5d:a5:01:62:62:a8:e3:9f:93:72: 9d:da:ab:26:68:9d:83:24:94:92:62:f1:71:ff:6f:7c:43:45: a9:3c:4b:6c:80:62:9e:3c:c4:cc:87:e7:17:43:77:31:82:94: ef:26:ca:92:b9:6a:7c:64:54:d8:2d:f2:a5:b0:57:05:74:bc: 70:7f:e2:73:23:dc:ba:80:f1:6a:ea:9b:4e:98:76:da:45:b8: 25:2f:da:a3:ad:31:d6:75:0c:d6:09:97:3f:f3:49:21:dd:9f: 20:82:b9:c0:9b:3a:48:d2:32:8f:16:55:c5:6d:37:5b:ac:e4: 71:f4:6c:80:4e:e0:81:29:62:41:a5:9d:13:7e:fd:62:41:52: f8:0b:89:9e:2e:69:9d:8d:33:93:ab:23:6f:2a:6c:9a:7d:e8: ea:45:3c:5f:1e:33:b3:b9:1b:25:20:c3:fa:c7:13:61:4e:24: 05:5f:a7:7b:de:a4:69:19:6e:28:0c:71:ee:75:19:0e:18:80: ce:eb:00:c9:7d:f1:ab:81:92:51:9a:61:2e:3a:c7:33:1b:54: ef:ae:98:77:9c:0d:b8:5f:00:de:b2:de:01:21:0e:2b:21:71: f0:f4:79:66:f0:40:bf:a4:0f:e3:8d:e7:1c:1f:fd:7c:dd:44: 16:e6:a2:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsIWxXa6Tkjo67pT3vzNjflMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwY2ZkM2E0OWJjNzFlNzRhMGQwYmY3ZTM0NmNhODliMjk1 OTdhMTIwHhcNMjUxMjEwMTMwMjI1WhcNMjUxMjExMTMwMjI1WjAzMTEwLwYDVQQD EyhiMmIyNGZmYTYyZjFmZDQ3MjlhNTA4YTQ1YTEwYzBhMTA2OWQ1ZTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2tges+CCbfkv9xaTkc9MT+7gdTF 5rcSM2FXaXB5OobbQ5I5GtIbDKEyKSVZel/kXJqcUYinw2+kdzvEOHZOIYhkWY6W HznQFZvBfRkIihzWSFLs9W+RIzwAK0vtvEvukZcp16+HM7rqOiOQfjwgJonpbmNa 3AHM4+5mLF1gMgI58Y9SgpyNNBo7sK614g8z+tnZjNShnkwLRCWJ0+fBPuh6dlku u1pE0Us4VicpJk9slE8CzzAehO/hJSoXxvzrtliO6w04zurKfT4OUtEGf8RiCzfo +GY+6sftEbpNtXRWsYkLPvxEJw2/80X/4ncz4lDY14C7TeUQ9a52Uu4VLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKyT/pi8f1HKaUIpFoQwKEGnV5LMB8GA1UdIwQY MBaAFEDP06Sbxx50oNC/fjRsqJspWXoSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUt NjBiNmViYmI3ZTZmLzEvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUtNjBiNmViYmI3ZTZm LzEvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEnxPtEk Z3ldpQFiYqjjn5NyndqrJmidgySUkmLxcf9vfENFqTxLbIBinjzEzIfnF0N3MYKU 7ybKkrlqfGRU2C3ypbBXBXS8cH/icyPcuoDxauqbTph22kW4JS/ao60x1nUM1gmX P/NJId2fIIK5wJs6SNIyjxZVxW03W6zkcfRsgE7ggSliQaWdE379YkFS+AuJni5p nY0zk6sjbypsmn3o6kU8Xx4zs7kbJSDD+scTYU4kBV+ne96kaRluKAxx7nUZDhiA zusAyX3xq4GSUZphLjrHMxtU766Yd5wNuF8A3rLeASEOKyFx8PR5ZvBAv6QP443n HB/9fN1EFuaiqQ== -----END CERTIFICATE-----Generated at Wed Dec 10 18:45:32 2025 by rpki-client