This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft File: qafBolN_0DVAh1mXh8qoQv7WC38.mft (raw, json) Hash identifier: 58qkSVxc/hDEP2wNWQ+A0H7caayN9zaByeoS9ykcNaE= Subject key identifier: EF:2A:C0:C2:18:52:DD:30:F2:42:5D:AE:63:00:D0:AA:A4:CC:A6:F2 Authority key identifier: A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F Certificate issuer: /CN=a9a7c1a2537fd0354087599787caa842fed60b7f Certificate serial: 019AF12E947F2454DB52BB490FD56D53A74A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft Manifest number: 0A00 Signing time: Sat 06 Dec 2025 01:02:32 +0000 Manifest this update: Sat 06 Dec 2025 01:02:32 +0000 Manifest next update: Sun 07 Dec 2025 01:02:32 +0000 Files and hashes: 1: qafBolN_0DVAh1mXh8qoQv7WC38.crl (hash: frOXnT2pJkqoc6+6Jc5EcflbmDc7udkCxvvyHVzwisI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:94:7f:24:54:db:52:bb:49:0f:d5:6d:53:a7:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a9a7c1a2537fd0354087599787caa842fed60b7f Validity Not Before: Dec 6 01:02:32 2025 GMT Not After : Dec 7 01:02:32 2025 GMT Subject: CN=ef2ac0c21852dd30f2425dae6300d0aaa4cca6f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bf:17:20:a0:02:74:8e:27:08:4b:ec:63:50: 84:52:18:9f:94:76:3a:07:57:c7:13:a6:b6:1e:09: f3:37:47:b9:33:08:e3:31:7e:54:fb:a7:83:97:4b: 7a:63:2e:bb:df:db:d7:0b:f6:2d:6a:0a:28:59:73: 2c:ca:d0:b5:ab:f4:f2:9a:0c:43:e3:c5:c4:19:91: a9:96:69:7a:4e:e2:92:9a:71:f8:c1:d6:42:b8:e8: 74:8c:5e:54:15:76:99:7f:22:81:aa:5f:d5:a0:86: 2f:0c:77:bf:0c:27:f3:55:92:ee:96:a9:06:cd:cf: ad:44:2f:6a:ed:be:b8:74:8a:d9:c0:e2:a7:9e:fa: b6:25:01:81:e7:16:59:e2:8d:41:04:b0:0d:e2:7f: 7c:a7:e7:35:d9:d2:95:22:a3:db:99:0c:c1:f1:36: 81:22:ad:5e:7a:cc:6a:60:54:1d:a5:e8:4e:a9:f8: 22:3a:a5:1d:af:86:7f:7f:60:44:7f:44:37:71:1b: ac:58:65:e2:1b:3c:fb:b8:16:e3:5a:42:d3:5e:da: 7e:0b:1e:fa:b4:09:00:ed:33:2f:4a:de:48:18:d1: e3:cc:fc:cb:d7:ab:90:05:90:de:ba:23:20:3b:71: a0:e8:1f:69:df:5e:ff:3d:3b:5d:3f:57:0e:84:41: 50:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:2A:C0:C2:18:52:DD:30:F2:42:5D:AE:63:00:D0:AA:A4:CC:A6:F2 X509v3 Authority Key Identifier: keyid:A9:A7:C1:A2:53:7F:D0:35:40:87:59:97:87:CA:A8:42:FE:D6:0B:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qafBolN_0DVAh1mXh8qoQv7WC38.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f08304-3f78-470c-b6e1-48f1e5109047/1/qafBolN_0DVAh1mXh8qoQv7WC38.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:15:f3:e3:a9:8e:79:ee:e5:99:4a:95:b6:04:90:33:78:6c: a6:ae:0d:6f:4b:9c:36:7f:83:15:1d:42:70:0d:82:5f:46:7a: 0b:3f:77:5e:b1:02:70:59:81:83:f3:5e:bf:d5:35:09:2c:81: 23:f6:fa:27:68:b9:e1:a1:0b:3b:99:5e:3f:4d:9a:6b:d3:be: 9c:8c:6c:b3:01:ab:54:9d:24:69:3b:44:34:9f:48:ba:15:94: f9:c9:45:c9:51:b7:b9:26:bb:07:4a:73:68:5f:a8:a4:a7:8a: e2:18:89:f0:39:4f:b7:76:81:02:87:aa:7c:5f:ce:29:79:2d: 8e:25:89:69:21:75:af:9a:19:55:12:54:32:5b:26:fb:53:2e: 35:a3:1e:4d:97:61:cf:d8:1b:ac:e0:1c:5b:e3:b7:b6:ce:80: c2:27:76:2d:67:16:49:1c:7a:99:e3:ac:15:bc:55:d1:5e:de: 22:dc:74:c8:22:15:39:75:00:5a:6d:8d:a3:7c:e8:43:d9:38: ce:05:b5:3d:31:89:87:16:18:f4:a9:22:95:60:25:fb:9f:cc: 2f:da:93:74:7f:6b:e6:38:18:80:79:71:d6:ee:f9:61:aa:5f: 87:c4:83:ba:97:e3:b7:71:99:e5:3d:50:99:19:94:7d:8b:de: 9a:c3:72:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLpR/JFTbUrtJD9VtU6dKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5YTdjMWEyNTM3ZmQwMzU0MDg3NTk5Nzg3Y2FhODQyZmVk NjBiN2YwHhcNMjUxMjA2MDEwMjMyWhcNMjUxMjA3MDEwMjMyWjAzMTEwLwYDVQQD EyhlZjJhYzBjMjE4NTJkZDMwZjI0MjVkYWU2MzAwZDBhYWE0Y2NhNmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs78XIKACdI4nCEvsY1CEUhiflHY6 B1fHE6a2HgnzN0e5MwjjMX5U+6eDl0t6Yy6739vXC/YtagooWXMsytC1q/TymgxD 48XEGZGplml6TuKSmnH4wdZCuOh0jF5UFXaZfyKBql/VoIYvDHe/DCfzVZLulqkG zc+tRC9q7b64dIrZwOKnnvq2JQGB5xZZ4o1BBLAN4n98p+c12dKVIqPbmQzB8TaB Iq1eesxqYFQdpehOqfgiOqUdr4Z/f2BEf0Q3cRusWGXiGzz7uBbjWkLTXtp+Cx76 tAkA7TMvSt5IGNHjzPzL16uQBZDeuiMgO3Gg6B9p317/PTtdP1cOhEFQJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO8qwMIYUt0w8kJdrmMA0KqkzKbyMB8GA1UdIwQY MBaAFKmnwaJTf9A1QIdZl4fKqEL+1gt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEt NDhmMWU1MTA5MDQ3LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9mMDgzMDQtM2Y3OC00NzBjLWI2ZTEtNDhmMWU1MTA5MDQ3 LzEvcWFmQm9sTl8wRFZBaDFtWGg4cW9RdjdXQzM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRXz46mO ee7lmUqVtgSQM3hspq4Nb0ucNn+DFR1CcA2CX0Z6Cz93XrECcFmBg/Nev9U1CSyB I/b6J2i54aELO5leP02aa9O+nIxsswGrVJ0kaTtENJ9IuhWU+clFyVG3uSa7B0pz aF+opKeK4hiJ8DlPt3aBAoeqfF/OKXktjiWJaSF1r5oZVRJUMlsm+1MuNaMeTZdh z9gbrOAcW+O3ts6Awid2LWcWSRx6meOsFbxV0V7eItx0yCIVOXUAWm2No3zoQ9k4 zgW1PTGJhxYY9KkilWAl+5/ML9qTdH9r5jgYgHlx1u75Yapfh8SDupfjt3GZ5T1Q mRmUfYvemsNyJA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:58:20 2025 by rpki-client