This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json) Hash identifier: /kaWcRffSJ+6+9iEm3AAmFwSIrRWk3gTfeG8ttsricU= Subject key identifier: 6F:94:26:D4:9C:CF:70:2D:CF:59:45:9F:32:8B:39:26:E5:FD:34:E9 Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Certificate serial: 019AF27676DB4245C5A250FE25032A8B5E8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft Manifest number: 0971 Signing time: Sat 06 Dec 2025 07:00:41 +0000 Manifest this update: Sat 06 Dec 2025 07:00:41 +0000 Manifest next update: Sun 07 Dec 2025 07:00:41 +0000 Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: Z7RGm/WZPnObjSRrjzH8R4A13TaRrOug/98OBAQk6bs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:76:db:42:45:c5:a2:50:fe:25:03:2a:8b:5e:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Validity Not Before: Dec 6 07:00:41 2025 GMT Not After : Dec 7 07:00:41 2025 GMT Subject: CN=6f9426d49ccf702dcf59459f328b3926e5fd34e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:01:c6:7a:54:c3:e0:d0:51:4e:05:96:56:e1: fb:ac:47:c4:37:e3:cd:9d:9e:72:82:ba:61:2d:15: 4a:ca:99:35:cc:77:85:1e:97:0d:b3:e3:77:15:92: 87:0b:68:f2:bc:1a:da:f3:a5:e0:93:2c:79:4a:f3: 8d:ac:d5:21:dc:83:52:ff:ff:de:25:a6:6f:69:72: 7b:75:20:87:2a:99:a0:cb:b8:e8:03:b2:b0:5e:92: 0a:86:33:91:49:b7:28:77:36:53:9b:37:46:25:91: b0:b5:61:9b:8b:a9:37:4b:d0:3f:da:17:cc:d8:8d: 67:9c:07:2d:ca:07:78:d0:9b:5d:0d:f0:30:83:8f: 4d:45:80:f8:40:f4:ea:3c:0b:c6:30:19:83:5a:4a: 7d:4e:1d:5c:75:c4:e8:3c:d2:f3:49:60:ba:8b:ac: 75:1a:98:c9:eb:17:1c:8b:e1:1e:7c:c5:60:9f:94: b8:d8:8b:fc:aa:68:a1:d9:d2:86:71:af:fd:c2:b4: 0f:1a:75:53:af:32:45:2f:b4:3f:f7:34:fa:0f:2a: e6:b1:2b:54:aa:f7:a7:4e:18:b0:0e:75:93:b0:33: 28:bb:9c:e3:41:c1:59:f2:8c:e3:19:17:09:3a:43: 20:64:87:4e:48:f7:84:33:9f:07:74:2c:0d:da:d8: ba:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:94:26:D4:9C:CF:70:2D:CF:59:45:9F:32:8B:39:26:E5:FD:34:E9 X509v3 Authority Key Identifier: keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:04:fb:57:5f:ae:68:41:3f:bd:11:df:41:5b:39:53:1e:78: 13:07:0b:ad:94:50:02:86:62:44:e3:30:1d:42:49:2e:59:73: e5:0e:9e:80:09:8d:0b:17:53:bf:58:48:0e:84:d3:e6:df:18: 8e:f8:bb:41:d9:3c:7c:ad:0e:de:f6:99:66:ad:80:80:0f:6b: f5:65:2a:da:2e:86:9a:0b:c2:6a:f3:8b:c5:0e:7f:69:39:a6: 6a:dc:b2:fc:75:05:d9:e2:a8:72:aa:51:1c:9a:f5:bd:40:57: 23:d5:1d:54:7d:e6:6b:46:b8:de:1a:0d:38:e8:34:be:40:45: 7c:ed:8c:e7:f7:9f:50:2c:9f:d4:c1:7c:3b:d1:58:62:2f:53: 33:89:00:29:c8:4c:5d:70:e2:19:92:b5:70:69:d6:fd:99:22: 3b:6b:23:bf:b1:96:08:2f:79:3d:ff:0c:cf:15:95:52:49:35: 5a:45:a1:04:5c:78:b6:7b:6e:34:06:3c:0a:16:d2:e7:d1:5c: 87:fe:cb:6e:23:4a:0f:11:76:22:55:87:a1:b1:52:9d:c6:94: 38:22:f5:eb:e3:6a:76:ae:fd:85:15:ac:16:77:d1:60:1c:fb: 9f:80:13:36:9d:e0:68:a9:26:91:20:da:b8:92:d8:7f:b5:f6: ff:36:55:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydnbbQkXFolD+JQMqi16MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy Zjg3MDMwHhcNMjUxMjA2MDcwMDQxWhcNMjUxMjA3MDcwMDQxWjAzMTEwLwYDVQQD Eyg2Zjk0MjZkNDljY2Y3MDJkY2Y1OTQ1OWYzMjhiMzkyNmU1ZmQzNGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgHGelTD4NBRTgWWVuH7rEfEN+PN nZ5ygrphLRVKypk1zHeFHpcNs+N3FZKHC2jyvBra86Xgkyx5SvONrNUh3INS///e JaZvaXJ7dSCHKpmgy7joA7KwXpIKhjORSbcodzZTmzdGJZGwtWGbi6k3S9A/2hfM 2I1nnActygd40JtdDfAwg49NRYD4QPTqPAvGMBmDWkp9Th1cdcToPNLzSWC6i6x1 GpjJ6xcci+EefMVgn5S42Iv8qmih2dKGca/9wrQPGnVTrzJFL7Q/9zT6DyrmsStU qvenThiwDnWTsDMou5zjQcFZ8ozjGRcJOkMgZIdOSPeEM58HdCwN2ti6SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG+UJtScz3Atz1lFnzKLOSbl/TTpMB8GA1UdIwQY MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgT7V1+u aEE/vRHfQVs5Ux54EwcLrZRQAoZiROMwHUJJLllz5Q6egAmNCxdTv1hIDoTT5t8Y jvi7Qdk8fK0O3vaZZq2AgA9r9WUq2i6GmgvCavOLxQ5/aTmmatyy/HUF2eKocqpR HJr1vUBXI9UdVH3ma0a43hoNOOg0vkBFfO2M5/efUCyf1MF8O9FYYi9TM4kAKchM XXDiGZK1cGnW/ZkiO2sjv7GWCC95Pf8MzxWVUkk1WkWhBFx4tntuNAY8ChbS59Fc h/7LbiNKDxF2IlWHobFSncaUOCL16+Nqdq79hRWsFnfRYBz7n4ATNp3gaKkmkSDa uJLYf7X2/zZVGw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:23:47 2025 by rpki-client