This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft File: MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json) Hash identifier: KvXKCD+gz5Qmuejrt8xokqLULF6N33OsVYE+eJx3EYA= Subject key identifier: A3:15:EF:2C:77:67:2A:07:8C:E5:E9:D3:34:99:A5:03:89:28:80:9A Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48 Certificate issuer: /CN=30df902a8169285a1e09c9703c63a0f3d4adee48 Certificate serial: 019B59E3CABE68E01F350E4D1E3EE7C78121 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft Manifest number: 07E3 Signing time: Fri 26 Dec 2025 09:00:59 +0000 Manifest this update: Fri 26 Dec 2025 09:00:59 +0000 Manifest next update: Sat 27 Dec 2025 09:00:59 +0000 Files and hashes: 1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: 7fbGMQQFlC9aosC0TT6xzyevDccHJ65bw6jvQYAm7Ec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:ca:be:68:e0:1f:35:0e:4d:1e:3e:e7:c7:81:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48 Validity Not Before: Dec 26 09:00:59 2025 GMT Not After : Dec 27 09:00:59 2025 GMT Subject: CN=a315ef2c77672a078ce5e9d33499a5038928809a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:c4:a0:59:d1:71:59:97:eb:66:ca:c4:d9:52: 5b:1c:bb:1d:c9:82:ff:4b:a6:56:26:38:c8:c4:9d: b3:18:b1:40:3e:92:fd:6d:18:f0:75:ab:fc:02:3a: 18:8d:d7:49:73:cb:5b:39:88:ea:d7:e6:62:da:eb: 3f:d3:51:37:a1:f1:83:a5:f9:92:9e:e1:d6:ef:10: aa:e4:7a:31:dc:e9:41:42:bc:f7:5d:98:df:e1:ab: d7:ef:3c:19:c8:8e:db:ba:4c:a6:80:68:07:d0:42: c4:db:33:32:93:ab:d8:15:d6:c7:30:04:ba:27:90: 93:79:95:ae:7a:e3:30:93:a4:4f:0c:b2:9c:40:a1: a5:3a:4d:15:54:a1:5b:58:85:d5:b1:61:de:5c:f2: 9c:c6:f0:61:bd:1b:42:db:f3:7c:09:90:c8:f2:41: bb:a5:88:ea:06:a7:d0:6e:79:ce:b8:de:e8:2f:73: 4e:60:45:ff:2a:93:fa:c2:0d:32:8a:9c:cb:ba:a7: bc:8c:9f:a3:06:54:31:15:bb:df:0e:79:92:42:6b: 2c:96:74:4c:e6:4f:9d:d1:47:8e:b3:07:26:d1:e3: bf:05:fd:7f:21:88:b3:b9:81:ad:d4:cd:d7:fe:48: 7e:dc:0c:00:24:b4:c3:cb:01:1e:af:ca:66:11:7c: 56:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:15:EF:2C:77:67:2A:07:8C:E5:E9:D3:34:99:A5:03:89:28:80:9A X509v3 Authority Key Identifier: keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:36:1e:50:3b:a3:14:29:54:20:02:6a:d6:59:3e:df:15:27: 34:56:cc:c5:d4:ca:9b:a0:3d:c0:50:e6:c9:f9:ac:1c:9f:9f: d8:68:6d:f7:cb:96:a7:4a:08:88:d2:52:44:a9:a8:5d:45:42: 5d:e2:f2:2d:ec:6b:7c:17:5a:7e:9f:37:50:fa:04:4d:83:5d: 9c:f6:05:97:f6:2c:42:fb:4d:92:14:90:f6:4b:6b:e8:42:1f: a0:92:ef:aa:26:24:2f:46:e3:21:77:c9:36:17:40:09:c2:d4: 2c:ec:ad:9f:13:03:8d:74:66:74:aa:ce:71:ff:7b:4d:ff:bc: 70:48:28:6c:a0:70:d4:d9:03:23:ea:08:67:16:95:0e:39:43: 6b:32:20:72:d7:f9:37:0c:fa:bb:ea:56:90:fa:6b:72:ce:9b: d3:61:27:85:42:91:99:ac:35:62:38:89:e5:80:ff:7c:bf:7b: 57:57:65:61:6b:0a:3d:65:5d:fd:b3:e3:ac:cb:05:e8:d1:f9: 61:f4:26:66:3d:65:00:29:ac:c4:9d:3d:9c:ab:43:76:fe:62: 62:ed:2c:31:6d:66:03:c3:82:ba:1a:50:a9:03:7d:31:44:13: 77:9e:84:8a:fd:8d:93:d0:9d:a8:09:bc:12:38:3a:63:4f:e1: e5:a3:47:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ48q+aOAfNQ5NHj7nx4EhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh ZGVlNDgwHhcNMjUxMjI2MDkwMDU5WhcNMjUxMjI3MDkwMDU5WjAzMTEwLwYDVQQD EyhhMzE1ZWYyYzc3NjcyYTA3OGNlNWU5ZDMzNDk5YTUwMzg5Mjg4MDlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8SgWdFxWZfrZsrE2VJbHLsdyYL/ S6ZWJjjIxJ2zGLFAPpL9bRjwdav8AjoYjddJc8tbOYjq1+Zi2us/01E3ofGDpfmS nuHW7xCq5Hox3OlBQrz3XZjf4avX7zwZyI7bukymgGgH0ELE2zMyk6vYFdbHMAS6 J5CTeZWueuMwk6RPDLKcQKGlOk0VVKFbWIXVsWHeXPKcxvBhvRtC2/N8CZDI8kG7 pYjqBqfQbnnOuN7oL3NOYEX/KpP6wg0yipzLuqe8jJ+jBlQxFbvfDnmSQmsslnRM 5k+d0UeOswcm0eO/Bf1/IYizuYGt1M3X/kh+3AwAJLTDywEer8pmEXxWkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKMV7yx3ZyoHjOXp0zSZpQOJKICaMB8GA1UdIwQY MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzYeUDuj FClUIAJq1lk+3xUnNFbMxdTKm6A9wFDmyfmsHJ+f2Ght98uWp0oIiNJSRKmoXUVC XeLyLexrfBdafp83UPoETYNdnPYFl/YsQvtNkhSQ9ktr6EIfoJLvqiYkL0bjIXfJ NhdACcLULOytnxMDjXRmdKrOcf97Tf+8cEgobKBw1NkDI+oIZxaVDjlDazIgctf5 Nwz6u+pWkPprcs6b02EnhUKRmaw1YjiJ5YD/fL97V1dlYWsKPWVd/bPjrMsF6NH5 YfQmZj1lACmsxJ09nKtDdv5iYu0sMW1mA8OCuhpQqQN9MUQTd56Eiv2Nk9CdqAm8 Ejg6Y0/h5aNHgA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:55:00 2025 by rpki-client