This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft File: QtzU0b098prdQHW2jymvkHBHRDw.mft (raw, json) Hash identifier: 0TL2vfIRWo+eFvZFKRj8aG3ACyy6hEMhJMTACJ1G420= Subject key identifier: 9D:3E:D1:1C:F2:47:9E:A4:E7:1B:A7:C1:FC:10:59:20:A4:07:8D:90 Authority key identifier: 42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C Certificate issuer: /CN=42dcd4d1bd3df29add4075b68f29af907047443c Certificate serial: 019B0E92F4F49CC8BBAE401EEA7011DB5317 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft Manifest number: 049E Signing time: Thu 11 Dec 2025 18:01:10 +0000 Manifest this update: Thu 11 Dec 2025 18:01:10 +0000 Manifest next update: Fri 12 Dec 2025 18:01:10 +0000 Files and hashes: 1: 21zXl1VT2wOLl9fEbNkRa053DOE.roa (hash: 5emuQVjcm3y58xrRXNGECOspFNylmBXZoEALIIh48B4=) 2: QtzU0b098prdQHW2jymvkHBHRDw.crl (hash: Z+RLu6iXU7ggge9ykEVJl7dq+p/8XZOHqQtlEia1z2I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:f4:f4:9c:c8:bb:ae:40:1e:ea:70:11:db:53:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42dcd4d1bd3df29add4075b68f29af907047443c Validity Not Before: Dec 11 18:01:10 2025 GMT Not After : Dec 12 18:01:10 2025 GMT Subject: CN=9d3ed11cf2479ea4e71ba7c1fc105920a4078d90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a6:4f:15:60:b6:2c:38:a9:82:54:1e:c8:37: 5d:87:d0:34:37:0c:b8:f4:ce:c0:34:8e:94:00:d9: 9e:aa:ac:02:10:86:38:d3:ff:b5:b6:1b:ed:43:b9: 41:a5:10:64:de:5d:04:1a:4a:df:75:73:21:38:b9: 88:a8:dd:c0:83:2b:c6:0a:d2:5e:d9:1c:96:93:8c: 63:90:50:a8:bd:dc:0b:17:09:2b:74:98:84:ce:cd: ba:8e:53:ca:25:86:89:e2:1d:a0:66:73:3b:73:2b: 1c:cc:fc:3c:80:1c:5f:62:a9:45:68:45:67:a9:d4: b9:c6:91:2f:96:49:e5:b4:a9:fc:2b:49:e2:df:14: 2a:70:43:84:37:9d:ef:56:9b:8a:a1:60:49:a6:87: 36:28:03:83:ac:54:bd:a7:e8:08:bd:7d:20:ab:20: 14:0a:d6:85:49:d9:64:0c:62:97:28:6a:93:98:e7: 34:dc:f8:5b:45:99:cf:14:45:7f:10:7b:fa:dd:64: 48:e3:a1:ac:5a:62:83:71:1d:66:98:01:8a:6c:6d: 64:58:5b:c6:80:97:a7:37:ee:d5:5e:3c:3f:2f:1e: 2d:db:43:15:e7:83:33:57:7f:53:5b:42:c8:bc:92: a6:09:fb:6e:1c:d2:11:00:75:d6:90:04:41:9d:5d: c4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:3E:D1:1C:F2:47:9E:A4:E7:1B:A7:C1:FC:10:59:20:A4:07:8D:90 X509v3 Authority Key Identifier: keyid:42:DC:D4:D1:BD:3D:F2:9A:DD:40:75:B6:8F:29:AF:90:70:47:44:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtzU0b098prdQHW2jymvkHBHRDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/297f1e-922b-45b4-893f-fb98fe3dbc14/1/QtzU0b098prdQHW2jymvkHBHRDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:ae:ef:5b:a2:ec:2e:50:de:5a:c8:ab:57:52:a8:46:e1:6b: 9c:46:f3:c3:5c:84:81:1f:12:1a:27:a2:17:ce:58:95:04:3d: 9c:19:af:c8:16:5e:85:72:92:04:ba:3b:42:48:09:98:62:5b: 91:42:81:52:53:47:ef:08:ba:e9:c2:42:9f:94:e0:8d:cb:04: 89:94:ee:35:56:96:9b:d8:cc:05:bc:1e:56:a7:36:8b:a1:83: 6a:cd:20:dc:42:f8:b4:a2:1b:02:aa:2f:a8:3d:b4:2d:f7:b1: 2c:97:b7:63:35:f8:a7:1e:45:94:c4:45:a7:2e:96:93:bd:34: 7b:6e:ef:3d:39:29:2d:64:42:99:89:fa:07:5c:82:52:35:51: 8b:25:0d:22:fb:48:7a:23:59:54:74:7f:1c:bc:36:06:bd:5c: 23:21:50:24:52:30:3c:17:e6:d0:81:b6:c4:d4:e8:f4:23:ed: 8f:1e:42:23:72:63:8a:10:2b:34:75:68:0b:8a:16:7a:4f:22: 1b:dc:8b:8d:96:05:27:45:2e:08:ab:41:11:a4:1f:48:4f:9e: 12:84:19:df:08:dd:f1:94:b0:07:7e:d7:39:28:54:0b:6a:3d: 21:21:44:69:6a:4e:64:be:b4:b9:99:1b:8c:19:e4:39:c8:83: 7d:a5:3a:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOkvT0nMi7rkAe6nAR21MXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZGNkNGQxYmQzZGYyOWFkZDQwNzViNjhmMjlhZjkwNzA0 NzQ0M2MwHhcNMjUxMjExMTgwMTEwWhcNMjUxMjEyMTgwMTEwWjAzMTEwLwYDVQQD Eyg5ZDNlZDExY2YyNDc5ZWE0ZTcxYmE3YzFmYzEwNTkyMGE0MDc4ZDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqZPFWC2LDipglQeyDddh9A0Nwy4 9M7ANI6UANmeqqwCEIY40/+1thvtQ7lBpRBk3l0EGkrfdXMhOLmIqN3AgyvGCtJe 2RyWk4xjkFCovdwLFwkrdJiEzs26jlPKJYaJ4h2gZnM7cysczPw8gBxfYqlFaEVn qdS5xpEvlknltKn8K0ni3xQqcEOEN53vVpuKoWBJpoc2KAODrFS9p+gIvX0gqyAU CtaFSdlkDGKXKGqTmOc03PhbRZnPFEV/EHv63WRI46GsWmKDcR1mmAGKbG1kWFvG gJenN+7VXjw/Lx4t20MV54MzV39TW0LIvJKmCftuHNIRAHXWkARBnV3EVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ0+0RzyR56k5xunwfwQWSCkB42QMB8GA1UdIwQY MBaAFELc1NG9PfKa3UB1to8pr5BwR0Q8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2Yt ZmI5OGZlM2RiYzE0LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8yOTdmMWUtOTIyYi00NWI0LTg5M2YtZmI5OGZlM2RiYzE0 LzEvUXR6VTBiMDk4cHJkUUhXMmp5bXZrSEJIUkR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF67vW6Ls LlDeWsirV1KoRuFrnEbzw1yEgR8SGieiF85YlQQ9nBmvyBZehXKSBLo7QkgJmGJb kUKBUlNH7wi66cJCn5TgjcsEiZTuNVaWm9jMBbweVqc2i6GDas0g3EL4tKIbAqov qD20LfexLJe3YzX4px5FlMRFpy6Wk700e27vPTkpLWRCmYn6B1yCUjVRiyUNIvtI eiNZVHR/HLw2Br1cIyFQJFIwPBfm0IG2xNTo9CPtjx5CI3JjihArNHVoC4oWek8i G9yLjZYFJ0UuCKtBEaQfSE+eEoQZ3wjd8ZSwB37XOShUC2o9ISFEaWpOZL60uZkb jBnkOciDfaU6Hg== -----END CERTIFICATE-----Generated at Fri Dec 12 00:20:49 2025 by rpki-client