This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft File: QL_eNYm0RMN59zNggxsd2OovhwM.mft (raw, json) Hash identifier: z/pVfiiUWzcJyRImF+9+GvGzhxUOFrLekDjckok80wQ= Subject key identifier: A9:7B:28:A9:59:35:48:72:59:5F:F6:6C:DF:74:17:E7:A6:F2:0C:3F Authority key identifier: 40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 Certificate issuer: /CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Certificate serial: 019B77B783F702A25221257BE69BE4A7E16A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft Manifest number: 09B6 Signing time: Thu 01 Jan 2026 04:01:14 +0000 Manifest this update: Thu 01 Jan 2026 04:01:14 +0000 Manifest next update: Fri 02 Jan 2026 04:01:14 +0000 Files and hashes: 1: QL_eNYm0RMN59zNggxsd2OovhwM.crl (hash: 85SDC53Vj1l6zySXoKKfqRIW4vRH7Zcoo8Ayh5WL6zc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 04:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:b7:83:f7:02:a2:52:21:25:7b:e6:9b:e4:a7:e1:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40bfde3589b444c379f73360831b1dd8ea2f8703 Validity Not Before: Jan 1 04:01:14 2026 GMT Not After : Jan 2 04:01:14 2026 GMT Subject: CN=a97b28a959354872595ff66cdf7417e7a6f20c3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d5:1d:4f:e5:20:2d:c3:5f:e1:50:30:f5:28: ea:9c:a6:cc:61:92:ca:28:97:da:45:bd:22:9c:18: e9:b7:37:9e:76:e2:71:5e:ed:d3:65:63:e9:1b:bd: 08:c8:b8:9b:82:2b:4d:7c:ce:67:58:d3:01:f9:10: 48:94:84:d3:6e:bd:66:42:bb:94:22:36:9a:d8:c3: 6c:6e:1f:8a:f6:a3:f9:0c:b2:93:72:72:0f:c2:28: 50:b5:af:d7:50:a7:95:a8:c5:55:02:17:d7:9a:09: 3c:4c:e1:fa:61:96:ec:41:88:49:b5:37:7b:04:b9: 5b:96:3b:07:0f:10:e0:a7:ab:7e:ee:90:b6:4d:cd: d8:30:66:30:cc:43:b1:23:ef:32:e1:13:2a:02:61: 20:5b:84:6d:ab:05:f4:32:5c:68:f1:1f:be:96:d3: e5:12:8a:9d:e7:4f:93:50:7d:5d:ff:28:9c:26:0e: c8:e1:2d:77:09:1e:1e:a6:58:78:dd:91:1b:11:e8: b7:af:37:1d:95:bd:83:97:ae:98:ae:0d:20:5d:33: 94:37:f6:cc:04:bf:10:6d:a2:0e:5f:27:b7:41:69: ae:d4:f8:28:36:cd:ea:b1:95:d6:cc:47:a6:d1:e4: 73:62:27:5b:93:e2:51:ed:56:59:4d:b8:37:77:15: 1d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:7B:28:A9:59:35:48:72:59:5F:F6:6C:DF:74:17:E7:A6:F2:0C:3F X509v3 Authority Key Identifier: keyid:40:BF:DE:35:89:B4:44:C3:79:F7:33:60:83:1B:1D:D8:EA:2F:87:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QL_eNYm0RMN59zNggxsd2OovhwM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ba011-dbef-4577-9e00-588019a6b5cb/1/QL_eNYm0RMN59zNggxsd2OovhwM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:66:dd:fe:69:c5:86:4c:88:d7:ba:aa:77:65:58:20:f5:fd: c7:15:ea:88:ac:0a:a7:a1:a4:ea:20:04:8e:fd:e6:16:51:c6: 60:75:6b:11:42:85:e2:3e:96:32:c3:73:bd:e5:a0:c8:02:ec: 37:33:a7:25:5a:7b:c6:fb:6e:71:c2:79:82:cf:03:f1:6a:69: 96:ac:91:1b:3f:e7:76:f4:f8:2d:b0:a0:d0:d9:89:5d:33:02: 2f:4f:8d:60:2a:e7:63:66:59:8a:57:e3:28:98:65:cc:32:ca: 04:d2:27:fa:9d:a3:95:b1:a0:10:84:4e:f6:38:1c:89:b0:cd: 25:e0:4b:9b:7d:23:ae:c4:ea:de:09:b3:cf:79:74:7c:d3:67: 1d:3f:a7:9f:03:7d:44:bb:9f:39:5f:af:a4:84:5d:49:46:44: c2:6e:fb:cb:1e:0e:53:e0:47:15:c6:de:c3:85:9e:b0:96:8a: 89:d8:75:69:38:3e:e5:9c:fc:96:5c:d3:da:ad:9c:d7:d9:f6: cf:41:43:e2:4b:ee:43:73:85:89:f3:b4:97:ac:bb:95:18:f0: f2:c1:0f:72:fc:2d:3c:da:27:8a:f7:c2:68:de:4b:2a:8f:4d: be:e3:e8:b9:c8:2c:6d:3d:f6:fd:06:fe:9f:d4:7f:c2:1b:84: 69:a5:b3:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt3t4P3AqJSISV75pvkp+FqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYmZkZTM1ODliNDQ0YzM3OWY3MzM2MDgzMWIxZGQ4ZWEy Zjg3MDMwHhcNMjYwMTAxMDQwMTE0WhcNMjYwMTAyMDQwMTE0WjAzMTEwLwYDVQQD EyhhOTdiMjhhOTU5MzU0ODcyNTk1ZmY2NmNkZjc0MTdlN2E2ZjIwYzNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dUdT+UgLcNf4VAw9SjqnKbMYZLK KJfaRb0inBjptzeeduJxXu3TZWPpG70IyLibgitNfM5nWNMB+RBIlITTbr1mQruU Ijaa2MNsbh+K9qP5DLKTcnIPwihQta/XUKeVqMVVAhfXmgk8TOH6YZbsQYhJtTd7 BLlbljsHDxDgp6t+7pC2Tc3YMGYwzEOxI+8y4RMqAmEgW4RtqwX0Mlxo8R++ltPl Eoqd50+TUH1d/yicJg7I4S13CR4eplh43ZEbEei3rzcdlb2Dl66Yrg0gXTOUN/bM BL8QbaIOXye3QWmu1PgoNs3qsZXWzEem0eRzYidbk+JR7VZZTbg3dxUd4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKl7KKlZNUhyWV/2bN90F+em8gw/MB8GA1UdIwQY MBaAFEC/3jWJtETDefczYIMbHdjqL4cDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAt NTg4MDE5YTZiNWNiLzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8zYmEwMTEtZGJlZi00NTc3LTllMDAtNTg4MDE5YTZiNWNi LzEvUUxfZU5ZbTBSTU41OXpOZ2d4c2QyT292aHdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJWbd/mnF hkyI17qqd2VYIPX9xxXqiKwKp6Gk6iAEjv3mFlHGYHVrEUKF4j6WMsNzveWgyALs NzOnJVp7xvtuccJ5gs8D8WpplqyRGz/ndvT4LbCg0NmJXTMCL0+NYCrnY2ZZilfj KJhlzDLKBNIn+p2jlbGgEIRO9jgcibDNJeBLm30jrsTq3gmzz3l0fNNnHT+nnwN9 RLufOV+vpIRdSUZEwm77yx4OU+BHFcbew4WesJaKidh1aTg+5Zz8llzT2q2c19n2 z0FD4kvuQ3OFifO0l6y7lRjw8sEPcvwtPNonivfCaN5LKo9NvuPoucgsbT32/Qb+ n9R/whuEaaWziw== -----END CERTIFICATE-----Generated at Thu Jan 1 14:11:42 2026 by rpki-client