This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft File: qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json) Hash identifier: 8L5OkqcWfKfPm3K5cjjfxxhoxg+AyJFQ5BXC6yxfXfk= Subject key identifier: 2A:2B:72:33:78:1D:28:6A:9A:23:A4:43:BE:39:2E:B9:B6:F9:F7:9A Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04 Certificate issuer: /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04 Certificate serial: 019AF12E318520D3942B56EB7D59DC001828 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft Manifest number: 07FD Signing time: Sat 06 Dec 2025 01:02:07 +0000 Manifest this update: Sat 06 Dec 2025 01:02:07 +0000 Manifest next update: Sun 07 Dec 2025 01:02:07 +0000 Files and hashes: 1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: uM8Bw5PUicfeBzIAb0wAzRPPYvFimrEMSfNnLeH94Dk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:31:85:20:d3:94:2b:56:eb:7d:59:dc:00:18:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04 Validity Not Before: Dec 6 01:02:07 2025 GMT Not After : Dec 7 01:02:07 2025 GMT Subject: CN=2a2b7233781d286a9a23a443be392eb9b6f9f79a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f8:5b:09:90:8e:79:e9:45:f9:9d:79:59:a9: d2:b4:e0:de:c1:3a:0e:1c:72:03:e5:5d:cf:c4:a9: ba:e4:bd:63:4a:ae:f2:cb:e5:a4:8b:e4:bf:3f:43: 68:e7:12:5a:0b:35:f4:39:ff:f2:0d:3e:6e:79:ec: 60:b5:f6:db:73:34:eb:83:a7:9c:c8:06:5c:58:ff: c2:aa:57:9e:d8:58:c5:3a:7b:89:5f:20:93:f1:55: f6:79:1c:fe:2c:3c:9f:90:79:9f:4c:c4:5a:20:df: db:35:2b:07:61:cf:ce:88:d3:6b:48:40:83:9a:1d: 41:61:ab:14:9f:bc:19:33:1b:34:1d:f4:8d:bf:1d: 10:f5:61:07:ea:4b:59:f0:e7:26:07:10:df:cd:84: 5e:83:61:19:7c:eb:b4:84:c8:ef:1e:55:27:22:c1: aa:25:d0:34:9f:57:8f:f0:b5:cf:99:7e:7f:c5:90: 24:af:da:8d:02:1a:bd:77:25:95:e2:23:2e:2f:20: af:30:d3:65:21:62:5c:b3:85:41:30:7f:e4:a9:ca: 7d:16:1a:c6:6a:f0:79:00:53:ec:c8:6c:f2:39:e0: c1:cc:c9:4b:9d:f9:66:c3:d6:4e:13:1f:ba:2c:6f: f1:66:40:ef:d3:03:41:02:72:9d:77:44:de:b3:7c: ea:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:2B:72:33:78:1D:28:6A:9A:23:A4:43:BE:39:2E:B9:B6:F9:F7:9A X509v3 Authority Key Identifier: keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:24:9e:65:cb:00:36:71:e5:19:28:29:e0:5e:7c:ac:de:5a: 7a:22:cb:3f:16:76:80:1c:4c:cd:16:12:74:15:68:1d:7e:6d: 88:83:a2:9e:95:53:8a:7d:ca:fd:39:42:88:0b:36:20:4a:cc: 13:0d:3c:ec:93:c1:8b:d0:eb:90:06:01:7f:56:a6:41:5f:55: 7b:2d:b6:a8:34:03:da:1a:22:1a:73:2b:02:76:15:a4:b4:9d: 52:ad:2d:fb:c9:f4:5e:6c:1b:62:5c:13:e1:cf:b6:54:a9:96: cc:a2:81:3c:88:a0:d3:71:bf:cb:fa:c5:b3:63:f6:ab:7f:ca: 66:a3:3c:4a:01:44:e0:1d:19:22:be:4e:fb:d5:9f:da:78:4a: af:53:c2:3d:5e:48:0a:f2:08:ef:03:d5:80:02:fe:9e:47:2e: c0:0a:4a:02:b6:04:92:fe:60:9a:eb:d5:d9:37:74:af:24:d1: 06:c0:ed:55:66:6f:b8:65:67:75:fc:e1:4e:f7:15:ed:ce:62: 70:7a:c1:5e:5b:eb:50:58:6b:c2:40:0f:bf:ef:19:68:36:a6: 0a:5b:4b:74:94:5a:e9:1a:7c:04:5d:48:60:69:35:58:53:07: ca:81:43:dd:37:fe:f2:63:33:1b:cf:cb:d8:fa:3f:42:0e:8e: 4d:9b:9d:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLjGFINOUK1brfVncABgoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy MjJmMDQwHhcNMjUxMjA2MDEwMjA3WhcNMjUxMjA3MDEwMjA3WjAzMTEwLwYDVQQD EygyYTJiNzIzMzc4MWQyODZhOWEyM2E0NDNiZTM5MmViOWI2ZjlmNzlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PhbCZCOeelF+Z15WanStODewToO HHID5V3PxKm65L1jSq7yy+Wki+S/P0No5xJaCzX0Of/yDT5ueexgtfbbczTrg6ec yAZcWP/Cqlee2FjFOnuJXyCT8VX2eRz+LDyfkHmfTMRaIN/bNSsHYc/OiNNrSECD mh1BYasUn7wZMxs0HfSNvx0Q9WEH6ktZ8OcmBxDfzYReg2EZfOu0hMjvHlUnIsGq JdA0n1eP8LXPmX5/xZAkr9qNAhq9dyWV4iMuLyCvMNNlIWJcs4VBMH/kqcp9FhrG avB5AFPsyGzyOeDBzMlLnflmw9ZOEx+6LG/xZkDv0wNBAnKdd0Tes3zqHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCorcjN4HShqmiOkQ745Lrm2+feaMB8GA1UdIwQY MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2 LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANySeZcsA NnHlGSgp4F58rN5aeiLLPxZ2gBxMzRYSdBVoHX5tiIOinpVTin3K/TlCiAs2IErM Ew087JPBi9DrkAYBf1amQV9Vey22qDQD2hoiGnMrAnYVpLSdUq0t+8n0XmwbYlwT 4c+2VKmWzKKBPIig03G/y/rFs2P2q3/KZqM8SgFE4B0ZIr5O+9Wf2nhKr1PCPV5I CvII7wPVgAL+nkcuwApKArYEkv5gmuvV2Td0ryTRBsDtVWZvuGVndfzhTvcV7c5i cHrBXlvrUFhrwkAPv+8ZaDamCltLdJRa6Rp8BF1IYGk1WFMHyoFD3Tf+8mMzG8/L 2Po/Qg6OTZudOA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:24:26 2025 by rpki-client