This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json) Hash identifier: s95l+PACf6tckEBBWz4Tkju5+f1N6VOPubNRqQBL554= Subject key identifier: 7B:B7:4A:C4:C8:E6:4E:66:4A:AC:6A:42:4A:DD:0F:05:76:D4:0C:B2 Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Certificate serial: 019B5ABF4002E41E5EF67C90BC5A465B4AD5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft Manifest number: 09A7 Signing time: Fri 26 Dec 2025 13:00:41 +0000 Manifest this update: Fri 26 Dec 2025 13:00:41 +0000 Manifest next update: Sat 27 Dec 2025 13:00:41 +0000 Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: cmldZuleL7YbjnfEGc55f1h5CSbSuVG0lKoNCvapEyE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:40:02:e4:1e:5e:f6:7c:90:bc:5a:46:5b:4a:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Validity Not Before: Dec 26 13:00:41 2025 GMT Not After : Dec 27 13:00:41 2025 GMT Subject: CN=7bb74ac4c8e64e664aac6a424add0f0576d40cb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e3:5d:24:91:15:ee:97:0e:58:eb:17:8d:81: b4:fa:47:b0:3a:52:4c:15:80:89:b9:d5:cd:ac:97: bc:a2:8d:95:a2:09:c0:5f:c3:e6:b6:5b:c4:e8:da: 69:6e:d0:01:ea:5f:90:c9:ee:64:ef:c4:0e:31:da: 1d:fb:a5:c1:15:db:f4:d1:2b:f9:5c:35:a0:4a:0b: 65:9f:7d:ba:29:9c:89:e7:9a:2c:43:7b:e1:0f:1c: 33:4d:2f:b6:09:a9:92:73:c9:ee:c3:66:53:5d:0c: ac:c5:70:07:04:f9:13:22:60:ba:46:fe:29:ce:8a: 39:28:ff:35:30:47:45:77:49:32:11:d5:4a:94:bd: 26:32:24:cb:a8:ce:36:cb:ce:90:f1:51:d3:20:f1: 4b:6c:9b:38:ba:e3:10:1d:2d:5d:c7:2b:e1:61:55: ce:26:43:f8:3d:e3:30:fd:75:12:6c:0f:27:fe:19: a1:60:e8:5a:8b:7c:c7:16:a1:b2:cd:26:6f:d0:57: a1:66:3a:a6:b1:f6:06:ad:c2:f8:72:95:77:23:53: 19:c5:18:72:24:45:8a:4b:25:f6:36:4c:8f:a4:ee: 14:1e:94:d3:c0:59:78:c3:3a:1f:bb:29:9b:e5:e1: 09:28:09:27:97:e7:d6:9c:9a:b2:36:98:94:ab:99: a1:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:B7:4A:C4:C8:E6:4E:66:4A:AC:6A:42:4A:DD:0F:05:76:D4:0C:B2 X509v3 Authority Key Identifier: keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:cb:2c:a8:8a:73:d9:80:02:fd:89:d5:10:aa:1c:f0:f9:60: 36:a9:29:3e:78:7e:cc:3e:f8:1f:47:8c:10:80:18:39:7c:7c: 26:3c:c2:05:b1:5d:ea:77:1d:fe:1a:8f:32:ac:c0:22:da:99: ff:89:fd:77:02:d5:7a:5a:87:10:5c:eb:50:f3:fd:83:56:50: 2b:cd:01:8f:71:5f:0f:68:19:6e:84:2f:1e:d5:71:6b:73:8f: 10:ff:e8:4a:ef:01:0c:30:c1:c7:af:27:fc:05:0d:2e:e2:93: 2e:c1:ae:46:fc:cb:69:f1:3a:b1:e5:53:3a:83:3e:f6:78:f1: ec:cb:84:46:ac:df:c7:4f:8a:ca:47:80:1d:64:f0:dc:bb:8f: bb:9f:d0:59:bc:aa:6c:ec:9e:ad:d4:ff:e6:77:50:4a:fc:c8: e3:c2:66:54:dd:c7:72:ef:40:aa:8c:54:2f:19:56:e9:a8:3f: 0a:94:78:fc:6b:af:b7:42:b6:93:53:1f:c9:72:f3:18:3c:ec: 0f:34:5b:13:f6:0d:f2:1a:c3:11:61:93:9b:ac:4f:3c:e3:a8: 52:68:03:de:40:97:70:24:58:75:0a:96:d1:d7:c2:d1:29:d1: 88:02:ae:bb:e6:e5:d9:a7:83:48:cb:1a:fd:60:05:fe:13:1e: 36:be:0f:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav0AC5B5e9nyQvFpGW0rVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy Zjg3MDMwHhcNMjUxMjI2MTMwMDQxWhcNMjUxMjI3MTMwMDQxWjAzMTEwLwYDVQQD Eyg3YmI3NGFjNGM4ZTY0ZTY2NGFhYzZhNDI0YWRkMGYwNTc2ZDQwY2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuNdJJEV7pcOWOsXjYG0+kewOlJM FYCJudXNrJe8oo2VognAX8PmtlvE6NppbtAB6l+Qye5k78QOMdod+6XBFdv00Sv5 XDWgSgtln326KZyJ55osQ3vhDxwzTS+2CamSc8nuw2ZTXQysxXAHBPkTImC6Rv4p zoo5KP81MEdFd0kyEdVKlL0mMiTLqM42y86Q8VHTIPFLbJs4uuMQHS1dxyvhYVXO JkP4PeMw/XUSbA8n/hmhYOhai3zHFqGyzSZv0FehZjqmsfYGrcL4cpV3I1MZxRhy JEWKSyX2NkyPpO4UHpTTwFl4wzofuymb5eEJKAknl+fWnJqyNpiUq5mhkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHu3SsTI5k5mSqxqQkrdDwV21AyyMB8GA1UdIwQY MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMssqIpz 2YAC/YnVEKoc8PlgNqkpPnh+zD74H0eMEIAYOXx8JjzCBbFd6ncd/hqPMqzAItqZ /4n9dwLVelqHEFzrUPP9g1ZQK80Bj3FfD2gZboQvHtVxa3OPEP/oSu8BDDDBx68n /AUNLuKTLsGuRvzLafE6seVTOoM+9njx7MuERqzfx0+KykeAHWTw3LuPu5/QWbyq bOyerdT/5ndQSvzI48JmVN3Hcu9AqoxULxlW6ag/CpR4/Guvt0K2k1MfyXLzGDzs DzRbE/YN8hrDEWGTm6xPPOOoUmgD3kCXcCRYdQqW0dfC0SnRiAKuu+bl2aeDSMsa /WAF/hMeNr4PBQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:32 2025 by rpki-client