This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.mft File: pQE9aytVPeF23W7IHOe5AyU5y7o.mft (raw, json) Hash identifier: 13Pag02S4bfFrMoDxJAdF1lvOt43OSFo5a0iEm9iPTU= Subject key identifier: 2D:D3:71:A3:0F:3E:2A:AD:5B:B0:BE:AE:C1:54:2C:1A:5C:A5:EE:6E Authority key identifier: A5:01:3D:6B:2B:55:3D:E1:76:DD:6E:C8:1C:E7:B9:03:25:39:CB:BA Certificate issuer: /CN=a5013d6b2b553de176dd6ec81ce7b9032539cbba Certificate serial: 019B5A887C9AA92B2F4B262A98A21E06DE13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.mft Manifest number: 0111 Signing time: Fri 26 Dec 2025 12:00:52 +0000 Manifest this update: Fri 26 Dec 2025 12:00:52 +0000 Manifest next update: Sat 27 Dec 2025 12:00:52 +0000 Files and hashes: 1: DlI7IjfwL0SAh4dXLxQbkIVO2pw.roa (hash: RanqyjCq2uxoaIpK5XkfL6r6d2TC2HkVHoF8vRXcg9U=) 2: pQE9aytVPeF23W7IHOe5AyU5y7o.crl (hash: qZTzP++t/T1L+vXSi2HKuHr3Gr619I2W/SXL9LCLWzQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.mft rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:7c:9a:a9:2b:2f:4b:26:2a:98:a2:1e:06:de:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5013d6b2b553de176dd6ec81ce7b9032539cbba Validity Not Before: Dec 26 12:00:52 2025 GMT Not After : Dec 27 12:00:52 2025 GMT Subject: CN=2dd371a30f3e2aad5bb0beaec1542c1a5ca5ee6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ed:94:91:52:50:88:a6:b8:61:6b:2c:6d:c1: c2:3d:9e:f0:f5:77:3f:e2:fc:cb:ad:af:17:d7:81: d7:e2:fd:aa:c5:95:71:c4:4b:79:36:08:a8:0b:ff: fb:9c:f3:77:5a:4d:32:9b:b6:1b:54:de:b5:c3:1b: 7e:e0:e7:83:1c:20:79:1d:2f:f1:bf:43:56:a8:21: cb:38:22:23:04:8e:55:3b:ee:f8:85:b1:d8:f9:bc: 93:c1:55:c2:cd:9a:05:7b:d7:13:96:be:1f:9c:62: d4:84:47:d2:24:86:b6:e1:d1:cc:b5:4a:cf:64:3d: cf:7d:f1:0f:63:4d:10:d2:40:63:98:e6:13:cd:4d: 02:46:d4:59:fa:2f:0a:dc:29:ba:4d:e4:9f:ad:e7: 94:0b:10:0f:0d:ee:d4:ce:62:89:b0:3e:5b:d5:35: d3:c8:f0:e3:e1:c1:78:ca:d8:ec:d9:6c:8e:f1:1c: c8:36:a9:cc:dd:ba:79:9f:6b:b0:cb:62:6f:f2:aa: 57:6d:c0:5f:cf:49:fb:6a:7a:af:fb:f5:ad:a0:2c: 77:8c:f6:a7:a6:b3:87:a9:88:6e:c9:aa:50:ca:f0: b4:8e:6a:1d:dd:5e:84:77:4d:bd:43:e1:79:b5:33: 59:95:eb:ae:b5:a1:de:e5:cb:f0:1d:06:30:66:58: bb:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:D3:71:A3:0F:3E:2A:AD:5B:B0:BE:AE:C1:54:2C:1A:5C:A5:EE:6E X509v3 Authority Key Identifier: keyid:A5:01:3D:6B:2B:55:3D:E1:76:DD:6E:C8:1C:E7:B9:03:25:39:CB:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:ae:67:9f:8a:fe:7a:ed:29:eb:9b:eb:8c:9d:db:d7:6a:ef: f6:36:92:34:32:69:4b:5a:3b:c2:b9:77:b5:2c:5b:52:31:24: df:c4:5f:6e:8b:fa:f4:f1:d8:83:3d:b7:52:bc:a0:b6:b8:f6: 73:84:25:07:75:3d:64:42:bc:51:7a:7a:8e:47:9d:37:b9:69: 57:e1:d3:15:92:59:5f:54:04:d5:14:44:9d:aa:8d:a3:ee:9a: 95:59:3f:ae:1a:ca:8b:54:cc:fe:95:2f:3e:92:94:d9:91:57: 6d:f2:63:0c:38:2f:65:51:fc:07:2a:ab:8b:98:0e:0a:92:ab: 15:86:7f:35:cd:8b:62:c9:9d:79:44:6c:d6:46:e4:09:85:d4: bb:e2:82:fe:ad:38:dd:a5:6c:ba:0c:03:3d:e2:07:70:e8:3b: 70:a6:ab:ad:0f:30:b6:d8:83:7a:f1:d4:61:7e:15:2c:b0:3c: 6a:8a:be:09:ad:76:a6:f1:c6:48:b3:b6:57:34:c6:cd:c9:1e: c6:de:c3:2d:51:e4:b4:76:86:ea:ac:12:b3:f6:dc:cf:06:c3: 98:2d:da:f2:82:da:bd:eb:a2:9c:e3:11:e0:2b:d6:db:0d:40: 63:b3:0d:29:b7:be:5f:80:b6:9d:3d:5a:3f:64:38:64:4e:6a: 8f:98:ff:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiHyaqSsvSyYqmKIeBt4TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MDEzZDZiMmI1NTNkZTE3NmRkNmVjODFjZTdiOTAzMjUz OWNiYmEwHhcNMjUxMjI2MTIwMDUyWhcNMjUxMjI3MTIwMDUyWjAzMTEwLwYDVQQD EygyZGQzNzFhMzBmM2UyYWFkNWJiMGJlYWVjMTU0MmMxYTVjYTVlZTZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu2UkVJQiKa4YWssbcHCPZ7w9Xc/ 4vzLra8X14HX4v2qxZVxxEt5NgioC//7nPN3Wk0ym7YbVN61wxt+4OeDHCB5HS/x v0NWqCHLOCIjBI5VO+74hbHY+byTwVXCzZoFe9cTlr4fnGLUhEfSJIa24dHMtUrP ZD3PffEPY00Q0kBjmOYTzU0CRtRZ+i8K3Cm6TeSfreeUCxAPDe7UzmKJsD5b1TXT yPDj4cF4ytjs2WyO8RzINqnM3bp5n2uwy2Jv8qpXbcBfz0n7anqv+/WtoCx3jPan prOHqYhuyapQyvC0jmod3V6Ed029Q+F5tTNZleuutaHe5cvwHQYwZli7owIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC3TcaMPPiqtW7C+rsFULBpcpe5uMB8GA1UdIwQY MBaAFKUBPWsrVT3hdt1uyBznuQMlOcu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFFFOWF5dFZQZUYyM1c3SUhPZTVBeVU1eTdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ZDRhZTEtMTZlOC00ZmM0LWE4MWEt MTNmZDJjY2Y4NzkwLzEvcFFFOWF5dFZQZUYyM1c3SUhPZTVBeVU1eTdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81ZDRhZTEtMTZlOC00ZmM0LWE4MWEtMTNmZDJjY2Y4Nzkw LzEvcFFFOWF5dFZQZUYyM1c3SUhPZTVBeVU1eTdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAja5nn4r+ eu0p65vrjJ3b12rv9jaSNDJpS1o7wrl3tSxbUjEk38Rfbov69PHYgz23Urygtrj2 c4QlB3U9ZEK8UXp6jkedN7lpV+HTFZJZX1QE1RREnaqNo+6alVk/rhrKi1TM/pUv PpKU2ZFXbfJjDDgvZVH8Byqri5gOCpKrFYZ/Nc2LYsmdeURs1kbkCYXUu+KC/q04 3aVsugwDPeIHcOg7cKarrQ8wttiDevHUYX4VLLA8aoq+Ca12pvHGSLO2VzTGzcke xt7DLVHktHaG6qwSs/bczwbDmC3a8oLaveuinOMR4CvW2w1AY7MNKbe+X4C2nT1a P2Q4ZE5qj5j/yA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:03 2025 by rpki-client