This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft File: qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft (raw, json) Hash identifier: OKg5zPnO83fFyXECjkDfu6i6t+83ZFVPOBjaYxB9qbA= Subject key identifier: 02:04:70:13:45:97:24:15:A7:21:EE:83:6A:FF:84:F1:AA:B0:90:2B Authority key identifier: AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04 Certificate issuer: /CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04 Certificate serial: 019B4A038B3893B7916A44A4F9174DFE4408 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft Manifest number: 082B Signing time: Tue 23 Dec 2025 07:01:44 +0000 Manifest this update: Tue 23 Dec 2025 07:01:44 +0000 Manifest next update: Wed 24 Dec 2025 07:01:44 +0000 Files and hashes: 1: qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl (hash: AFOmjq3hK8Ncj1o4M80KP1eG9DD7N+CY5JIyqAHjDDs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:8b:38:93:b7:91:6a:44:a4:f9:17:4d:fe:44:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa7c6435a850f0c5e99a9ce051f34bdb53222f04 Validity Not Before: Dec 23 07:01:44 2025 GMT Not After : Dec 24 07:01:44 2025 GMT Subject: CN=0204701345972415a721ee836aff84f1aab0902b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:29:a9:0b:55:ae:01:7d:2a:b3:c4:06:e4:d6: ba:2d:d4:27:9c:f4:e2:18:13:7b:f3:8c:f4:81:65: 38:6a:3e:b4:2f:56:29:d7:99:2b:b1:28:42:16:a3: 42:46:51:e2:7e:c7:c6:50:3b:32:ec:10:1e:47:2c: 12:10:bc:e3:ff:d8:01:52:4d:a6:5b:69:06:f9:2b: e7:4e:57:69:93:0d:d8:12:41:1f:fa:3a:8f:7d:0c: 57:e4:c6:75:ae:9e:d5:9f:73:3f:cf:2d:fd:42:61: 4f:33:c2:da:d5:f3:4a:aa:e2:e5:69:cd:ae:93:9c: be:5d:fe:f7:74:ca:f5:72:18:fb:86:0d:f0:b4:98: 4c:8b:84:27:0d:99:27:4d:36:b0:0f:5d:02:42:b5: 97:cf:10:94:5c:b6:c0:22:eb:fc:83:b1:01:8c:cc: 2d:d7:df:64:03:64:55:04:02:f8:75:21:b5:bc:b3: 46:b8:de:6a:5c:ee:b9:e1:25:11:06:17:35:1e:e2: 17:b2:45:c4:b7:13:60:02:a0:bb:c1:f6:87:c7:dd: f8:97:a9:72:1b:6f:89:c6:47:aa:74:e6:07:82:77: 78:4c:b2:7f:e6:49:63:d0:73:31:a7:ab:77:f3:9b: 27:a9:d8:e9:c5:18:9c:b7:93:3f:94:a2:01:80:1e: 06:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:04:70:13:45:97:24:15:A7:21:EE:83:6A:FF:84:F1:AA:B0:90:2B X509v3 Authority Key Identifier: keyid:AA:7C:64:35:A8:50:F0:C5:E9:9A:9C:E0:51:F3:4B:DB:53:22:2F:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnxkNahQ8MXpmpzgUfNL21MiLwQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d9093-fb6d-47f6-8acd-c780ed612366/1/qnxkNahQ8MXpmpzgUfNL21MiLwQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:19:2a:54:e3:be:21:6e:ed:53:ce:7d:48:b9:4f:22:04:ed: 2a:b8:29:f9:70:f6:37:f6:5e:36:1f:0b:76:db:72:c5:2b:b7: be:ab:21:33:85:50:1a:a9:18:6c:71:78:75:25:4a:75:fb:9c: 2b:ba:b4:e9:9d:b5:e1:4c:80:bc:79:49:5a:59:17:cf:26:a4: 5d:a6:61:39:f4:7e:04:29:51:c5:b6:cd:56:a6:82:9b:5c:ef: 4b:44:2e:c9:7f:92:12:07:71:7b:d4:d0:93:c5:4f:64:f9:84: 9b:6b:91:a8:01:78:8b:1d:13:09:3b:af:17:cf:d8:8b:0a:37: 0d:82:b3:16:73:41:9f:94:58:42:b1:c0:d0:4d:a7:15:38:82: fe:2e:e9:37:8d:b7:98:f3:04:ca:8f:76:f9:9a:6d:a0:d4:73: 84:7f:37:5e:2d:7b:3c:6e:af:29:e0:e0:0c:30:e7:b0:38:01: 10:e0:61:8c:d0:bd:aa:6b:d9:29:f3:3f:dd:e4:1c:d8:b0:31: 4a:c9:97:8d:2c:09:8b:e8:62:84:fb:2d:ff:e8:e1:c2:4f:fb: 2f:af:d8:1c:95:9c:96:ad:b9:68:88:a8:b0:05:a8:ff:6d:41: 85:9d:54:32:13:74:86:c3:ec:99:2b:a5:c1:8f:2f:87:7a:c4: 75:62:6c:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA4s4k7eRakSk+RdN/kQIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhN2M2NDM1YTg1MGYwYzVlOTlhOWNlMDUxZjM0YmRiNTMy MjJmMDQwHhcNMjUxMjIzMDcwMTQ0WhcNMjUxMjI0MDcwMTQ0WjAzMTEwLwYDVQQD EygwMjA0NzAxMzQ1OTcyNDE1YTcyMWVlODM2YWZmODRmMWFhYjA5MDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SmpC1WuAX0qs8QG5Na6LdQnnPTi GBN784z0gWU4aj60L1Yp15krsShCFqNCRlHifsfGUDsy7BAeRywSELzj/9gBUk2m W2kG+SvnTldpkw3YEkEf+jqPfQxX5MZ1rp7Vn3M/zy39QmFPM8La1fNKquLlac2u k5y+Xf73dMr1chj7hg3wtJhMi4QnDZknTTawD10CQrWXzxCUXLbAIuv8g7EBjMwt 199kA2RVBAL4dSG1vLNGuN5qXO654SURBhc1HuIXskXEtxNgAqC7wfaHx934l6ly G2+JxkeqdOYHgnd4TLJ/5klj0HMxp6t385snqdjpxRict5M/lKIBgB4GnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAIEcBNFlyQVpyHug2r/hPGqsJArMB8GA1UdIwQY MBaAFKp8ZDWoUPDF6Zqc4FHzS9tTIi8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2Qt Yzc4MGVkNjEyMzY2LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC80ZDkwOTMtZmI2ZC00N2Y2LThhY2QtYzc4MGVkNjEyMzY2 LzEvcW54a05haFE4TVhwbXB6Z1VmTkwyMU1pTHdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRkqVOO+ IW7tU859SLlPIgTtKrgp+XD2N/ZeNh8LdttyxSu3vqshM4VQGqkYbHF4dSVKdfuc K7q06Z214UyAvHlJWlkXzyakXaZhOfR+BClRxbbNVqaCm1zvS0QuyX+SEgdxe9TQ k8VPZPmEm2uRqAF4ix0TCTuvF8/Yiwo3DYKzFnNBn5RYQrHA0E2nFTiC/i7pN423 mPMEyo92+ZptoNRzhH83Xi17PG6vKeDgDDDnsDgBEOBhjNC9qmvZKfM/3eQc2LAx SsmXjSwJi+hihPst/+jhwk/7L6/YHJWclq25aIiosAWo/21BhZ1UMhN0hsPsmSul wY8vh3rEdWJszg== -----END CERTIFICATE-----Generated at Tue Dec 23 12:59:11 2025 by rpki-client