This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft File: PqU6yajcRG-34BE7aLOOlwwZ98w.mft (raw, json) Hash identifier: SWtdb9GiTjITAitRFvBlER6J8XyYuLWnbFp4O5kFy1A= Subject key identifier: 10:B2:0E:24:A9:70:EB:39:2D:0C:77:FC:AF:77:00:E0:79:35:FB:D2 Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc Certificate serial: 019B5A519A07F2D06CAB4148FAAF4C8E2D8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft Manifest number: 1725 Signing time: Fri 26 Dec 2025 11:00:55 +0000 Manifest this update: Fri 26 Dec 2025 11:00:55 +0000 Manifest next update: Sat 27 Dec 2025 11:00:55 +0000 Files and hashes: 1: PqU6yajcRG-34BE7aLOOlwwZ98w.crl (hash: 49niinta/ftmQfMBTYbZmanQT9Vvli7FOiDtU8HgAtI=) 2: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (hash: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:9a:07:f2:d0:6c:ab:41:48:fa:af:4c:8e:2d:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc Validity Not Before: Dec 26 11:00:55 2025 GMT Not After : Dec 27 11:00:55 2025 GMT Subject: CN=10b20e24a970eb392d0c77fcaf7700e07935fbd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:8c:6b:96:b9:71:75:3f:2b:92:ce:a0:0f:8e: ca:fd:56:e9:8b:91:2d:65:02:3f:79:23:31:73:b0: 4d:ac:37:17:d5:c5:0e:e1:c8:a1:a0:48:9e:63:b2: 5a:64:26:df:22:b1:c4:13:88:ac:9a:56:d4:b1:01: a8:4b:b5:05:3d:58:7c:b6:89:7b:f5:91:9b:35:4a: 17:de:62:2d:ce:bb:ac:38:e1:8a:50:a8:5c:69:7c: 5c:96:ad:b9:36:4b:c3:ee:2e:0a:f9:49:47:ec:b3: 09:0f:69:d1:35:e1:0c:78:e0:73:f3:64:4e:5e:5e: f1:ec:f5:51:3d:59:7d:dd:27:1b:c4:40:57:04:12: 63:ce:b6:21:90:83:7c:fd:bd:9f:22:ef:5f:9d:12: ed:e0:03:0a:35:a5:e6:65:c9:1e:7f:68:df:65:e0: 6e:37:c5:57:5b:44:7f:1f:c6:ce:a4:6f:40:8c:e0: e5:f2:5e:0d:7b:3c:04:6d:9e:d8:b6:c5:b7:29:1b: 33:49:3a:b9:b6:d5:a4:66:74:c5:3f:8e:83:89:f6: 10:1b:17:35:dd:57:82:59:18:f3:05:bd:fd:d8:b7: 20:20:29:17:98:01:22:34:5e:67:c0:6a:67:8b:47: 8c:2f:9e:18:e7:84:09:f4:cc:30:ad:fe:86:87:66: be:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B2:0E:24:A9:70:EB:39:2D:0C:77:FC:AF:77:00:E0:79:35:FB:D2 X509v3 Authority Key Identifier: keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:31:12:a9:d9:a3:e1:89:80:a4:36:64:da:df:e6:25:84:2e: b4:2a:78:85:6c:57:93:3c:32:dc:3e:73:16:b2:83:c5:a7:da: 1f:87:5e:ef:e2:df:bc:4c:85:1e:0c:82:68:8f:39:33:26:3d: 1c:83:ba:3e:3b:20:1e:7b:58:80:b4:a4:db:cb:9e:0a:e2:40: c0:e8:0d:56:10:01:b6:34:e0:84:70:d9:f6:4d:27:bb:00:60: c7:e4:fc:89:32:b6:62:3e:c8:6c:c7:c3:d0:0a:91:a7:20:9e: da:e1:b2:30:3f:ce:0e:9a:a7:3e:3d:14:8b:1b:3a:87:2a:df: 77:52:19:c2:e2:ad:c6:c2:8b:a1:a4:9b:95:b7:d3:1a:1e:76: 3f:22:da:b5:92:12:3e:51:c0:66:d3:d4:2e:cd:a7:79:87:ef: b7:de:63:cd:2f:6b:ce:60:1d:48:67:ed:51:86:5d:49:f2:6f: c5:e3:df:ea:b8:13:5c:0a:92:9d:eb:b4:5a:45:d9:61:2a:51: 30:64:b6:01:c7:d8:e1:24:c3:91:c0:ad:87:e1:7e:d1:d3:de: 6d:5b:7f:cf:9a:3d:d1:9e:1c:7e:92:01:4c:24:9b:f6:cd:da: 41:a5:d6:1c:30:2f:99:bb:71:53:69:20:f9:4a:ac:87:b4:1a: be:67:a6:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUZoH8tBsq0FI+q9Mji2PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx OWY3Y2MwHhcNMjUxMjI2MTEwMDU1WhcNMjUxMjI3MTEwMDU1WjAzMTEwLwYDVQQD EygxMGIyMGUyNGE5NzBlYjM5MmQwYzc3ZmNhZjc3MDBlMDc5MzVmYmQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4xrlrlxdT8rks6gD47K/Vbpi5Et ZQI/eSMxc7BNrDcX1cUO4cihoEieY7JaZCbfIrHEE4ismlbUsQGoS7UFPVh8tol7 9ZGbNUoX3mItzrusOOGKUKhcaXxclq25NkvD7i4K+UlH7LMJD2nRNeEMeOBz82RO Xl7x7PVRPVl93ScbxEBXBBJjzrYhkIN8/b2fIu9fnRLt4AMKNaXmZckef2jfZeBu N8VXW0R/H8bOpG9AjODl8l4NezwEbZ7YtsW3KRszSTq5ttWkZnTFP46DifYQGxc1 3VeCWRjzBb392LcgICkXmAEiNF5nwGpni0eML54Y54QJ9Mwwrf6Gh2a+PQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBCyDiSpcOs5LQx3/K93AOB5NfvSMB8GA1UdIwQY MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct MzUxYzIxMTkyYzY1LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1 LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvDESqdmj 4YmApDZk2t/mJYQutCp4hWxXkzwy3D5zFrKDxafaH4de7+LfvEyFHgyCaI85MyY9 HIO6PjsgHntYgLSk28ueCuJAwOgNVhABtjTghHDZ9k0nuwBgx+T8iTK2Yj7IbMfD 0AqRpyCe2uGyMD/ODpqnPj0Uixs6hyrfd1IZwuKtxsKLoaSblbfTGh52PyLatZIS PlHAZtPULs2neYfvt95jzS9rzmAdSGftUYZdSfJvxePf6rgTXAqSneu0WkXZYSpR MGS2AcfY4STDkcCth+F+0dPebVt/z5o90Z4cfpIBTCSb9s3aQaXWHDAvmbtxU2kg +Uqsh7Qavmemhg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:22 2025 by rpki-client