This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft File: PxckOVmdfaUleXiZvyE7jmNVSRQ.mft (raw, json) Hash identifier: E2TE0PDZmD//EsCRWUpneYRNDpUhkolqmXIvFzHtC+o= Subject key identifier: 8A:18:DD:B1:B4:3B:3C:9D:48:5C:56:F4:3F:E3:00:6F:C2:81:8D:19 Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14 Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914 Certificate serial: 019B0FA57580CBF08677F52AD15C312C14F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft Manifest number: 1702 Signing time: Thu 11 Dec 2025 23:01:00 +0000 Manifest this update: Thu 11 Dec 2025 23:01:00 +0000 Manifest next update: Fri 12 Dec 2025 23:01:00 +0000 Files and hashes: 1: ET0yOb6N2KPn9sEOeciwveLzfFQ.roa (hash: 5UaUVXzPjnKQ9N0meCwxNszuKgkyrbDITbh3/+eJ6rg=) 2: PxckOVmdfaUleXiZvyE7jmNVSRQ.crl (hash: IcBGOb7sXg1x9ThOhE2U7GU6yOR1GzSrgKVHRmj4wjQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a5:75:80:cb:f0:86:77:f5:2a:d1:5c:31:2c:14:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f172439599d7da525797899bf213b8e63554914 Validity Not Before: Dec 11 23:01:00 2025 GMT Not After : Dec 12 23:01:00 2025 GMT Subject: CN=8a18ddb1b43b3c9d485c56f43fe3006fc2818d19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:d3:4a:35:de:9d:36:d9:38:74:1e:8e:64:07: 80:2a:45:1e:ff:90:a5:f9:b9:76:3c:0d:0c:35:ac: 2c:44:7c:f5:92:53:97:b0:d8:68:c0:f9:fb:5a:7b: 6b:24:a4:13:23:67:50:f5:10:e6:da:70:bd:00:a1: 1e:e9:e0:ff:62:35:a7:57:46:f6:7c:98:7b:95:b0: 51:c7:ec:00:99:22:2c:2f:5b:05:60:e7:c1:51:9c: 5f:fd:e3:39:ba:14:79:86:e1:90:0e:7c:90:26:b6: bb:11:9d:be:c2:6d:78:a6:ea:ca:ac:f5:ea:8e:c1: 23:cd:82:24:4a:6b:79:86:6a:7d:4f:b4:a9:db:45: 93:c8:c9:04:59:35:f6:6c:fc:4d:88:19:03:1a:46: d3:e0:93:05:c5:62:8b:1e:f7:e7:2c:6a:44:99:49: 76:44:ee:69:11:cd:14:f1:fa:1b:9d:1e:42:56:87: 8e:e0:a7:a8:32:43:29:46:e3:c9:47:c2:86:1c:ae: ca:f0:c4:d1:35:31:0a:de:ce:34:f5:85:98:21:02: 46:0e:ec:b2:be:83:ec:40:91:49:55:b4:84:74:78: 3b:53:b9:1c:6d:12:b5:1a:4c:24:b4:8c:b4:43:5e: 9d:28:c1:f7:24:98:4c:f8:1f:92:e0:18:b6:b8:c8: 10:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:18:DD:B1:B4:3B:3C:9D:48:5C:56:F4:3F:E3:00:6F:C2:81:8D:19 X509v3 Authority Key Identifier: keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:38:7d:59:47:f8:c6:39:f5:8a:b2:f8:fd:80:a9:73:f9:f7: ec:95:5a:e5:b2:c4:db:35:4f:25:78:7b:68:a4:8b:72:e8:8b: 5a:13:53:3c:e6:f6:6e:6c:b6:83:8b:53:a7:6c:27:ac:67:5f: e9:29:d7:05:43:12:b8:4a:c5:f4:f0:cb:94:7a:81:63:3e:e4: 50:be:52:59:fc:bd:f5:ea:e8:fe:ab:89:f2:41:90:50:c4:33: fb:5b:a9:8a:9b:96:fa:44:4c:42:2f:b4:df:6b:3b:42:7a:64: 40:35:cf:55:3f:36:76:6d:3d:17:67:91:96:4b:12:b9:22:5b: f7:5f:a5:1f:e0:4f:54:1e:ef:5b:24:b1:38:01:b4:81:bc:f4: 5b:a5:1a:45:2b:3d:06:5e:e9:7e:8d:b4:e4:d1:c6:c8:8a:27: 3a:59:39:db:55:a1:11:a7:cb:ff:6f:42:60:7d:03:40:14:82: 08:f8:f9:82:c7:26:df:f9:7a:cf:45:af:69:2e:4d:4b:e6:1a: e5:c6:13:19:49:0c:ce:7c:95:cc:45:a8:dd:4c:36:ea:e6:59: 43:eb:ae:57:5c:b4:3c:e6:f2:eb:d1:bb:73:7f:2a:d5:c3:29: 2e:35:17:87:b5:d4:c6:73:27:6c:71:e6:b7:53:8d:8b:1f:44: 14:68:49:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpXWAy/CGd/Uq0VwxLBT1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmMTcyNDM5NTk5ZDdkYTUyNTc5Nzg5OWJmMjEzYjhlNjM1 NTQ5MTQwHhcNMjUxMjExMjMwMTAwWhcNMjUxMjEyMjMwMTAwWjAzMTEwLwYDVQQD Eyg4YTE4ZGRiMWI0M2IzYzlkNDg1YzU2ZjQzZmUzMDA2ZmMyODE4ZDE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtNKNd6dNtk4dB6OZAeAKkUe/5Cl +bl2PA0MNawsRHz1klOXsNhowPn7WntrJKQTI2dQ9RDm2nC9AKEe6eD/YjWnV0b2 fJh7lbBRx+wAmSIsL1sFYOfBUZxf/eM5uhR5huGQDnyQJra7EZ2+wm14purKrPXq jsEjzYIkSmt5hmp9T7Sp20WTyMkEWTX2bPxNiBkDGkbT4JMFxWKLHvfnLGpEmUl2 RO5pEc0U8fobnR5CVoeO4KeoMkMpRuPJR8KGHK7K8MTRNTEK3s409YWYIQJGDuyy voPsQJFJVbSEdHg7U7kcbRK1GkwktIy0Q16dKMH3JJhM+B+S4Bi2uMgQxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIoY3bG0OzydSFxW9D/jAG/CgY0ZMB8GA1UdIwQY MBaAFD8XJDlZnX2lJXl4mb8hO45jVUkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEt ODg3MzMxZWZiNzE1LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEtODg3MzMxZWZiNzE1 LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjh9WUf4 xjn1irL4/YCpc/n37JVa5bLE2zVPJXh7aKSLcuiLWhNTPOb2bmy2g4tTp2wnrGdf 6SnXBUMSuErF9PDLlHqBYz7kUL5SWfy99ero/quJ8kGQUMQz+1upipuW+kRMQi+0 32s7QnpkQDXPVT82dm09F2eRlksSuSJb91+lH+BPVB7vWySxOAG0gbz0W6UaRSs9 Bl7pfo205NHGyIonOlk521WhEafL/29CYH0DQBSCCPj5gscm3/l6z0WvaS5NS+Ya 5cYTGUkMznyVzEWo3Uw26uZZQ+uuV1y0POby69G7c38q1cMpLjUXh7XUxnMnbHHm t1ONix9EFGhJnQ== -----END CERTIFICATE-----Generated at Fri Dec 12 03:44:05 2025 by rpki-client