This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft File: MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json) Hash identifier: pJRelNa+iYnjwNrs6lNaByB8DVuqD4Zd6xLR5sn7yz0= Subject key identifier: A7:51:FC:84:9F:77:40:D4:17:3C:97:D6:F9:7C:EA:E8:D1:D0:94:5F Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48 Certificate issuer: /CN=30df902a8169285a1e09c9703c63a0f3d4adee48 Certificate serial: 019AF38933C44E166996F1F21E528AA1864C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft Manifest number: 07AE Signing time: Sat 06 Dec 2025 12:00:46 +0000 Manifest this update: Sat 06 Dec 2025 12:00:46 +0000 Manifest next update: Sun 07 Dec 2025 12:00:46 +0000 Files and hashes: 1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: t+P8OYRYOYAXcu2C6pEY8SGCZaMaHTcVpqUdGN5UQu4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:33:c4:4e:16:69:96:f1:f2:1e:52:8a:a1:86:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48 Validity Not Before: Dec 6 12:00:46 2025 GMT Not After : Dec 7 12:00:46 2025 GMT Subject: CN=a751fc849f7740d4173c97d6f97ceae8d1d0945f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:5c:60:07:ab:d8:83:72:05:4d:46:fa:9a:8a: a5:d4:cc:e4:f3:78:a0:94:b3:f5:e2:d6:a0:dc:11: 1e:62:41:6b:bb:70:6a:0f:9e:e5:5d:a5:7b:65:03: ce:df:1e:5e:42:98:07:4b:1c:dc:35:87:ba:e8:d7: f9:ab:55:67:21:5b:37:35:cd:c2:a5:01:1a:4f:01: 04:6b:ef:07:c1:a8:07:af:fd:8d:44:e9:f3:68:ca: b2:14:ef:ed:12:c9:2f:dc:1a:64:76:27:8f:f2:02: 0d:cf:ad:ff:6f:a8:c1:79:fd:75:7c:5d:61:e6:17: 2b:81:c9:27:ba:68:f0:07:7b:6e:99:87:17:3f:60: 43:d6:83:06:38:2c:2c:94:3c:96:04:8a:72:5f:ee: 6c:eb:5b:ff:8c:73:ad:0c:fd:e3:7b:12:86:2b:25: 6d:70:e8:55:85:e8:af:9f:3c:9b:de:6c:e0:c8:15: d3:00:70:f2:f6:e2:8d:b8:20:79:09:2f:b9:36:3c: ff:81:e0:f3:b6:a3:8f:e3:90:79:5a:1d:d7:02:e2: 00:0c:b7:80:ae:4c:c8:8e:6c:e1:3f:4e:58:e2:70: 17:44:27:d8:8d:60:29:30:e6:67:d0:3d:c0:ec:36: e4:b6:65:92:6b:f8:36:7c:d0:17:3c:55:b5:f4:45: e4:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:51:FC:84:9F:77:40:D4:17:3C:97:D6:F9:7C:EA:E8:D1:D0:94:5F X509v3 Authority Key Identifier: keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:d7:9a:fb:f8:34:45:c0:96:10:a8:13:a1:aa:bc:c4:80:77: 25:cf:af:37:b9:dc:14:dc:38:ca:d3:70:23:16:67:cb:6b:48: 0b:50:18:30:4d:a7:cf:f6:8d:43:b8:2a:04:95:f4:a8:2b:46: 89:9d:28:b2:fb:12:17:a7:45:f6:32:01:f3:0c:8c:3f:f7:bb: 7a:13:d0:ed:a6:9b:e1:d2:8b:d1:60:e1:88:af:7c:49:5c:d7: 59:a4:3a:6a:25:0d:18:fb:79:bb:71:dd:2c:8f:b1:72:f8:f0: a2:eb:1a:70:81:8e:8e:e8:4d:d8:ec:83:48:7b:c5:8a:a6:77: a9:58:4c:f6:9a:d9:ba:62:f0:88:76:58:b4:3f:22:cd:34:24: 79:de:59:71:86:38:84:c1:b7:4a:3f:95:3b:a4:83:bb:54:6e: 9b:5d:4e:53:78:16:63:c2:85:fa:33:95:7f:c1:bf:22:27:ce: 78:c6:f7:87:16:ca:d9:3e:62:d4:a3:75:49:27:63:d9:40:a9: 0f:16:c3:f0:0d:d1:3a:aa:04:f6:ae:34:f4:cb:f0:52:ed:50: 82:00:7e:ec:e2:b6:b0:23:81:d4:fd:cf:9c:75:e2:d2:ef:e2: 2d:32:23:6a:92:93:c8:1c:3e:af:5d:75:e3:2b:72:0c:9e:34: b7:3d:13:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziTPEThZplvHyHlKKoYZMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh ZGVlNDgwHhcNMjUxMjA2MTIwMDQ2WhcNMjUxMjA3MTIwMDQ2WjAzMTEwLwYDVQQD EyhhNzUxZmM4NDlmNzc0MGQ0MTczYzk3ZDZmOTdjZWFlOGQxZDA5NDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FxgB6vYg3IFTUb6moql1Mzk83ig lLP14tag3BEeYkFru3BqD57lXaV7ZQPO3x5eQpgHSxzcNYe66Nf5q1VnIVs3Nc3C pQEaTwEEa+8HwagHr/2NROnzaMqyFO/tEskv3BpkdieP8gINz63/b6jBef11fF1h 5hcrgcknumjwB3tumYcXP2BD1oMGOCwslDyWBIpyX+5s61v/jHOtDP3jexKGKyVt cOhVheivnzyb3mzgyBXTAHDy9uKNuCB5CS+5Njz/geDztqOP45B5Wh3XAuIADLeA rkzIjmzhP05Y4nAXRCfYjWApMOZn0D3A7DbktmWSa/g2fNAXPFW19EXk5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKdR/ISfd0DUFzyX1vl86ujR0JRfMB8GA1UdIwQY MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN9ea+/g0 RcCWEKgToaq8xIB3Jc+vN7ncFNw4ytNwIxZny2tIC1AYME2nz/aNQ7gqBJX0qCtG iZ0osvsSF6dF9jIB8wyMP/e7ehPQ7aab4dKL0WDhiK98SVzXWaQ6aiUNGPt5u3Hd LI+xcvjwousacIGOjuhN2OyDSHvFiqZ3qVhM9prZumLwiHZYtD8izTQked5ZcYY4 hMG3Sj+VO6SDu1Rum11OU3gWY8KF+jOVf8G/IifOeMb3hxbK2T5i1KN1SSdj2UCp DxbD8A3ROqoE9q409MvwUu1QggB+7OK2sCOB1P3PnHXi0u/iLTIjapKTyBw+r111 4ytyDJ40tz0TMg== -----END CERTIFICATE-----Generated at Sat Dec 6 21:04:52 2025 by rpki-client