This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft File: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft (raw, json) Hash identifier: jwYVLNiwAE4U5p9A1e6odQQLbHz8+nlUm7bMdlpzPMQ= Subject key identifier: 63:AC:AA:16:C6:CC:40:85:70:12:C4:1D:75:0B:F2:5B:EF:E9:72:55 Authority key identifier: 41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5 Certificate issuer: /CN=412dad820699f153a31a66ed6783a1de4e0f8cf5 Certificate serial: 019B34C535E933369E0E30628AD4DD818926 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft Manifest number: 0D70 Signing time: Fri 19 Dec 2025 04:01:38 +0000 Manifest this update: Fri 19 Dec 2025 04:01:38 +0000 Manifest next update: Sat 20 Dec 2025 04:01:38 +0000 Files and hashes: 1: QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl (hash: r/HxBn2qUrl1UmIrUADyA0Za3eLj/K4hApKwNtHdIgA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:35:e9:33:36:9e:0e:30:62:8a:d4:dd:81:89:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=412dad820699f153a31a66ed6783a1de4e0f8cf5 Validity Not Before: Dec 19 04:01:38 2025 GMT Not After : Dec 20 04:01:38 2025 GMT Subject: CN=63acaa16c6cc40857012c41d750bf25befe97255 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:8d:2b:07:21:1c:c7:ba:b9:b6:8f:97:fa:ac: a0:1f:17:f8:3b:a3:80:2c:6d:18:26:3a:9c:2b:b5: b2:fe:35:51:bc:7e:07:ff:18:5d:5b:e0:ae:1d:73: 26:7f:ed:75:e5:00:fa:65:2a:38:67:85:45:ec:ab: 8f:c7:ae:2f:1c:ea:7e:49:0d:eb:7e:7f:c5:e7:c2: ce:c6:51:ac:a9:56:15:e7:90:43:87:b2:ea:40:45: 8c:73:bb:8f:97:2f:b5:76:82:be:06:ec:4c:d8:97: a8:5d:54:57:60:30:7d:35:0c:38:c8:03:39:4c:98: c1:e8:03:05:c1:a7:dd:b7:7c:e2:81:a0:87:13:09: d9:63:50:a0:41:02:bf:8f:9e:2c:40:00:56:1d:21: bf:24:f2:89:d9:9e:bb:0d:fc:4e:f7:25:4e:36:f9: a1:d5:a3:3b:c6:51:41:d6:e2:c5:b8:97:d8:0f:50: 63:b4:99:4f:a2:89:0a:e6:ca:b5:e5:96:41:86:f2: 03:fe:94:8a:17:2b:11:dc:7e:a9:87:68:ce:db:f8: 24:17:c3:19:ef:1d:b7:aa:02:20:77:49:ab:89:c8: b7:4f:40:57:bc:8b:6f:54:5c:02:d0:fb:4c:81:1e: 8e:9c:5c:05:d4:72:c4:b3:0d:b7:41:18:a1:8c:a9: 87:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:AC:AA:16:C6:CC:40:85:70:12:C4:1D:75:0B:F2:5B:EF:E9:72:55 X509v3 Authority Key Identifier: keyid:41:2D:AD:82:06:99:F1:53:A3:1A:66:ED:67:83:A1:DE:4E:0F:8C:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ba94f4-8a20-4d10-927f-a882da6c0cfc/1/QS2tggaZ8VOjGmbtZ4Oh3k4PjPU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:87:b6:73:d7:83:b7:c6:8a:68:57:db:d7:37:a2:f2:bc:da: 1a:ef:3d:59:cf:d9:7b:e0:4b:5f:38:85:80:e1:43:77:30:09: 59:2d:44:48:75:76:96:42:e9:fc:6f:3d:56:fa:d4:15:1f:f2: a5:a6:a8:d5:45:2d:a8:9f:cd:00:91:9d:dd:b0:94:cb:f2:86: 99:fa:da:8b:32:4c:13:e8:ee:3e:b7:1f:ca:88:e4:4d:16:a3: 17:77:ba:ee:e8:23:46:4c:6b:dc:48:d3:e3:04:7f:97:78:4f: f9:41:fd:a3:4f:fb:21:96:59:e6:6e:47:ab:b9:95:20:9f:4d: 79:d9:0f:5b:28:d7:f2:c2:43:5b:b2:12:71:af:8b:25:4b:15: 2f:bd:9b:3c:4f:56:9c:0e:a0:d9:31:b9:8c:c1:69:81:3b:9e: c8:43:2e:64:90:fe:ee:33:a0:c6:a7:84:42:99:c5:91:79:d6: 64:0b:9b:d4:80:a2:4d:d8:4e:f6:81:39:f2:2f:b6:28:68:52: 31:48:07:77:95:7e:46:e3:5f:60:48:2b:dd:12:8c:68:b9:4c: 70:29:5b:8f:81:f1:09:f0:47:e3:73:57:af:41:c5:d2:b8:27: a9:93:ff:cc:18:c3:28:74:2d:4d:66:db:8c:d6:b2:c5:64:5a: 8f:4b:81:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xTXpMzaeDjBiitTdgYkmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMmRhZDgyMDY5OWYxNTNhMzFhNjZlZDY3ODNhMWRlNGUw ZjhjZjUwHhcNMjUxMjE5MDQwMTM4WhcNMjUxMjIwMDQwMTM4WjAzMTEwLwYDVQQD Eyg2M2FjYWExNmM2Y2M0MDg1NzAxMmM0MWQ3NTBiZjI1YmVmZTk3MjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY0rByEcx7q5to+X+qygHxf4O6OA LG0YJjqcK7Wy/jVRvH4H/xhdW+CuHXMmf+115QD6ZSo4Z4VF7KuPx64vHOp+SQ3r fn/F58LOxlGsqVYV55BDh7LqQEWMc7uPly+1doK+BuxM2JeoXVRXYDB9NQw4yAM5 TJjB6AMFwafdt3zigaCHEwnZY1CgQQK/j54sQABWHSG/JPKJ2Z67DfxO9yVONvmh 1aM7xlFB1uLFuJfYD1BjtJlPookK5sq15ZZBhvID/pSKFysR3H6ph2jO2/gkF8MZ 7x23qgIgd0mrici3T0BXvItvVFwC0PtMgR6OnFwF1HLEsw23QRihjKmHtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGOsqhbGzECFcBLEHXUL8lvv6XJVMB8GA1UdIwQY MBaAFEEtrYIGmfFToxpm7WeDod5OD4z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2Yt YTg4MmRhNmMwY2ZjLzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iYTk0ZjQtOGEyMC00ZDEwLTkyN2YtYTg4MmRhNmMwY2Zj LzEvUVMydGdnYVo4Vk9qR21idFo0T2gzazRQalBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApYe2c9eD t8aKaFfb1zei8rzaGu89Wc/Ze+BLXziFgOFDdzAJWS1ESHV2lkLp/G89VvrUFR/y paao1UUtqJ/NAJGd3bCUy/KGmfraizJME+juPrcfyojkTRajF3e67ugjRkxr3EjT 4wR/l3hP+UH9o0/7IZZZ5m5Hq7mVIJ9NedkPWyjX8sJDW7ISca+LJUsVL72bPE9W nA6g2TG5jMFpgTueyEMuZJD+7jOgxqeEQpnFkXnWZAub1ICiTdhO9oE58i+2KGhS MUgHd5V+RuNfYEgr3RKMaLlMcClbj4HxCfBH43NXr0HF0rgnqZP/zBjDKHQtTWbb jNayxWRaj0uBpQ== -----END CERTIFICATE-----Generated at Fri Dec 19 06:44:55 2025 by rpki-client