This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json) Hash identifier: 2BzMgvkwdkIq4Wv/jFlhWDB9G1ytmK0Ex07Ks8w636o= Subject key identifier: 70:E5:89:F1:29:AB:F9:73:EF:9B:53:72:34:35:2A:73:40:53:76:56 Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Certificate serial: 019B3231B4D69BE4A7007DF13369478CD0AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft Manifest number: 0992 Signing time: Thu 18 Dec 2025 16:01:16 +0000 Manifest this update: Thu 18 Dec 2025 16:01:16 +0000 Manifest next update: Fri 19 Dec 2025 16:01:16 +0000 Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: o+yh0VtYZokTsnylqHX8gUJPkeMmopfBf5oU1a6EvWg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:b4:d6:9b:e4:a7:00:7d:f1:33:69:47:8c:d0:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Validity Not Before: Dec 18 16:01:16 2025 GMT Not After : Dec 19 16:01:16 2025 GMT Subject: CN=70e589f129abf973ef9b537234352a7340537656 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9c:92:ad:01:f0:b2:ef:aa:4a:2a:49:31:2b: 0f:79:35:5b:4c:2b:27:b0:55:a0:7c:42:3f:8e:4a: b3:92:46:10:1a:23:97:81:f2:b0:0f:29:74:f4:7e: 63:ef:15:34:d7:a3:e3:96:70:6e:79:61:d4:b1:71: 22:0f:d7:20:64:85:07:40:34:0c:ac:c2:d8:6d:87: b7:e3:db:4c:0f:de:57:27:e6:ec:b1:73:5e:fa:37: 26:58:81:bb:12:ad:df:a2:da:e3:0f:85:f8:65:ab: bd:f0:19:18:c0:8e:96:7d:5b:55:ee:8c:c3:d3:9a: 76:75:2e:f4:40:b4:ee:1a:64:0a:92:87:16:8f:77: 09:56:83:34:5d:ac:67:37:12:52:99:3c:24:b9:46: 9c:67:ba:74:1b:0e:8b:9e:9a:b9:25:1f:d5:bc:0c: f4:72:8e:47:a0:e0:d8:5c:ca:06:28:63:a1:83:8e: 4f:9a:40:9f:65:10:9b:06:07:9d:41:32:24:4c:a9: 60:e2:1f:14:eb:db:3a:01:57:2c:d9:45:d7:62:a1: f2:51:1b:ca:30:38:0e:a1:88:ec:84:17:d8:f5:35: 8e:7d:be:3b:e0:2d:e5:b9:ff:1b:05:b0:80:8d:3a: c3:df:ad:ea:b4:35:bb:e2:7a:19:fb:a7:e0:74:d2: fd:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E5:89:F1:29:AB:F9:73:EF:9B:53:72:34:35:2A:73:40:53:76:56 X509v3 Authority Key Identifier: keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:d3:5e:30:e7:84:cf:d4:37:b0:08:fd:01:4b:37:c2:4b:96: 30:85:3c:a7:68:03:74:4e:a7:92:8d:28:2f:a3:40:22:dc:97: 32:f3:c5:15:8e:33:74:d5:c3:7b:35:81:19:34:6a:59:8f:d6: 12:b1:dd:8e:83:8a:66:b5:b2:c4:91:5c:42:4a:73:66:ab:1c: ac:21:e8:9d:7a:2a:df:4a:92:29:9c:d5:c4:50:b0:4b:fb:67: 4a:43:59:2a:14:cd:a3:04:67:a4:76:c6:f7:c9:d2:6f:19:9f: fe:85:6e:c7:44:f2:fb:4b:ca:62:1e:1e:24:33:14:05:b9:c0: b4:0e:af:73:90:d3:2d:d8:cd:31:fc:46:fc:87:6f:80:d3:90: 03:c5:70:ab:2b:78:f0:b0:7f:7e:f4:9c:66:10:c0:05:e8:fa: 49:fa:59:d3:d4:33:b9:10:27:17:49:2e:c0:f3:ff:e7:e2:b5: 38:d3:54:12:ab:62:ca:32:9d:4f:51:59:ad:be:e4:35:e6:8c: 9e:d1:47:d2:ff:23:c6:a1:d8:69:4b:cd:f2:33:7d:8a:6e:87: 41:5a:2c:a7:68:09:7c:a3:6c:e2:a2:32:55:1b:99:be:1c:39: 07:56:50:26:97:d0:66:07:55:8a:8b:7b:5d:07:21:e6:9f:3d: 5d:6d:5f:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMbTWm+SnAH3xM2lHjNCtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy Zjg3MDMwHhcNMjUxMjE4MTYwMTE2WhcNMjUxMjE5MTYwMTE2WjAzMTEwLwYDVQQD Eyg3MGU1ODlmMTI5YWJmOTczZWY5YjUzNzIzNDM1MmE3MzQwNTM3NjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpySrQHwsu+qSipJMSsPeTVbTCsn sFWgfEI/jkqzkkYQGiOXgfKwDyl09H5j7xU016PjlnBueWHUsXEiD9cgZIUHQDQM rMLYbYe349tMD95XJ+bssXNe+jcmWIG7Eq3fotrjD4X4Zau98BkYwI6WfVtV7ozD 05p2dS70QLTuGmQKkocWj3cJVoM0XaxnNxJSmTwkuUacZ7p0Gw6Lnpq5JR/VvAz0 co5HoODYXMoGKGOhg45PmkCfZRCbBgedQTIkTKlg4h8U69s6AVcs2UXXYqHyURvK MDgOoYjshBfY9TWOfb474C3luf8bBbCAjTrD363qtDW74noZ+6fgdNL91wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHDlifEpq/lz75tTcjQ1KnNAU3ZWMB8GA1UdIwQY MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm9NeMOeE z9Q3sAj9AUs3wkuWMIU8p2gDdE6nko0oL6NAItyXMvPFFY4zdNXDezWBGTRqWY/W ErHdjoOKZrWyxJFcQkpzZqscrCHonXoq30qSKZzVxFCwS/tnSkNZKhTNowRnpHbG 98nSbxmf/oVux0Ty+0vKYh4eJDMUBbnAtA6vc5DTLdjNMfxG/IdvgNOQA8Vwqyt4 8LB/fvScZhDABej6SfpZ09QzuRAnF0kuwPP/5+K1ONNUEqtiyjKdT1FZrb7kNeaM ntFH0v8jxqHYaUvN8jN9im6HQVosp2gJfKNs4qIyVRuZvhw5B1ZQJpfQZgdViot7 XQch5p89XW1fWA== -----END CERTIFICATE-----Generated at Thu Dec 18 19:10:30 2025 by rpki-client