This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft File: pxrCOk0-z8vKRROJaxeuToloKng.mft (raw, json) Hash identifier: W0G43ZusjCVKgs3tX7peP9pVNWVOWYMcHl4Zr4aw3hA= Subject key identifier: 4A:AD:17:95:7B:3F:A7:1D:B0:2F:AA:E2:EB:DF:D2:97:EF:84:EA:F8 Authority key identifier: A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78 Certificate issuer: /CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78 Certificate serial: 019B590846FF86159D8B3C0F450770F83814 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft Manifest number: 0168 Signing time: Fri 26 Dec 2025 05:01:13 +0000 Manifest this update: Fri 26 Dec 2025 05:01:13 +0000 Manifest next update: Sat 27 Dec 2025 05:01:13 +0000 Files and hashes: 1: MQtI7yBtmsDk4DKqPSGfWKdKyAo.roa (hash: +iNt+U/ElAwJwno5xdY5orBbnGETU96olMUGY0otCFs=) 2: pxrCOk0-z8vKRROJaxeuToloKng.crl (hash: QoD7m/G5MCaSArZggebL7+6ZhkI+INcn26ET1F0CQZk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:46:ff:86:15:9d:8b:3c:0f:45:07:70:f8:38:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a71ac23a4d3ecfcbca4513896b17ae4e89682a78 Validity Not Before: Dec 26 05:01:13 2025 GMT Not After : Dec 27 05:01:13 2025 GMT Subject: CN=4aad17957b3fa71db02faae2ebdfd297ef84eaf8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d5:33:f3:79:ec:5b:45:8e:a9:66:8c:16:e3: fd:82:14:69:f9:91:24:72:d0:40:d7:ac:16:55:4a: a2:5b:51:49:69:82:12:83:4b:a9:a6:63:19:de:93: 44:5c:1c:99:f6:01:94:c4:9b:1d:88:33:88:ba:b7: ca:2d:8d:52:1a:73:04:72:8d:aa:03:a9:ce:5d:1a: 41:51:3d:9f:6d:8d:bc:ec:6e:2a:0d:42:e6:c7:db: 77:b5:c3:9f:ac:15:f1:72:39:8e:ce:1b:b6:01:4f: f7:1f:61:df:0a:fa:f8:ec:ed:5e:d1:9a:89:64:32: f1:4b:b2:24:1b:65:2d:79:41:ff:ac:77:3e:cc:be: 49:fb:64:19:c4:8b:af:9b:62:9d:9e:43:26:61:c0: fd:64:6c:53:34:b6:70:31:f2:28:d8:e5:98:9a:ef: 33:89:67:7f:ad:7d:e2:7b:d4:d7:3e:82:3f:77:43: c3:43:04:84:75:3f:4f:4d:75:1d:cb:87:6e:f5:d9: d3:7f:c9:cc:a2:41:b9:c7:99:51:87:af:cc:84:73: 3a:9e:b9:a3:c6:a9:b6:9c:fd:ac:a4:1f:19:c0:9a: 73:62:1a:63:ed:85:e8:3f:a4:6d:9c:e3:b7:dc:2e: d1:22:bd:ca:b6:ca:d4:07:28:bd:67:24:ef:8c:0d: 09:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AD:17:95:7B:3F:A7:1D:B0:2F:AA:E2:EB:DF:D2:97:EF:84:EA:F8 X509v3 Authority Key Identifier: keyid:A7:1A:C2:3A:4D:3E:CF:CB:CA:45:13:89:6B:17:AE:4E:89:68:2A:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxrCOk0-z8vKRROJaxeuToloKng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/831cec-d965-400a-9899-fdbc5c6ae5aa/1/pxrCOk0-z8vKRROJaxeuToloKng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:d9:bf:6f:b2:ff:f7:96:7b:10:30:39:55:62:05:c5:5d:b4: ea:0b:22:02:3e:1c:16:6b:d3:ca:f9:58:61:ff:4f:bf:39:bc: d8:32:2a:4f:9b:8e:d1:41:ca:e7:ae:a7:94:7d:32:48:e1:79: 3c:fc:87:e8:88:fe:62:f5:1c:f9:ee:2d:01:e3:53:f5:e5:d4: 1d:49:d7:f9:bd:c9:3c:3d:ac:a1:fb:ee:d6:22:44:fa:46:3f: 50:e6:d1:bb:39:91:37:b4:cc:ae:9a:7b:c7:ae:84:80:cc:ab: fe:e2:60:91:6a:86:5c:72:b7:e9:67:b0:43:f2:bd:fe:fa:e7: a0:71:b8:c4:ff:6f:04:f8:27:1d:f3:41:6c:8e:20:84:3a:d4: 9f:30:6b:09:71:4f:e8:6e:2f:75:6f:43:d8:e7:49:41:0f:c8: 60:4d:82:95:b6:e7:db:45:3e:d6:c6:47:e4:72:cf:fc:04:e5: ee:a5:4f:fb:bf:9a:57:83:25:42:50:51:7f:43:5f:67:b9:70: ac:f4:e4:f9:49:27:df:bd:39:5c:1f:c1:ca:de:cb:e0:aa:04: 25:28:ff:6c:82:6d:d7:39:03:64:97:8d:b9:88:78:93:e5:3f: ae:fb:be:67:22:cc:dc:7a:74:52:5a:b0:8e:43:ea:48:65:9e: 08:2b:89:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCEb/hhWdizwPRQdw+DgUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MWFjMjNhNGQzZWNmY2JjYTQ1MTM4OTZiMTdhZTRlODk2 ODJhNzgwHhcNMjUxMjI2MDUwMTEzWhcNMjUxMjI3MDUwMTEzWjAzMTEwLwYDVQQD Eyg0YWFkMTc5NTdiM2ZhNzFkYjAyZmFhZTJlYmRmZDI5N2VmODRlYWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdUz83nsW0WOqWaMFuP9ghRp+ZEk ctBA16wWVUqiW1FJaYISg0uppmMZ3pNEXByZ9gGUxJsdiDOIurfKLY1SGnMEco2q A6nOXRpBUT2fbY287G4qDULmx9t3tcOfrBXxcjmOzhu2AU/3H2HfCvr47O1e0ZqJ ZDLxS7IkG2UteUH/rHc+zL5J+2QZxIuvm2KdnkMmYcD9ZGxTNLZwMfIo2OWYmu8z iWd/rX3ie9TXPoI/d0PDQwSEdT9PTXUdy4du9dnTf8nMokG5x5lRh6/MhHM6nrmj xqm2nP2spB8ZwJpzYhpj7YXoP6RtnOO33C7RIr3KtsrUByi9ZyTvjA0J+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEqtF5V7P6cdsC+q4uvf0pfvhOr4MB8GA1UdIwQY MBaAFKcawjpNPs/LykUTiWsXrk6JaCp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTkt ZmRiYzVjNmFlNWFhLzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy84MzFjZWMtZDk2NS00MDBhLTk4OTktZmRiYzVjNmFlNWFh LzEvcHhyQ09rMC16OHZLUlJPSmF4ZXVUb2xvS25nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdm/b7L/ 95Z7EDA5VWIFxV206gsiAj4cFmvTyvlYYf9Pvzm82DIqT5uO0UHK566nlH0ySOF5 PPyH6Ij+YvUc+e4tAeNT9eXUHUnX+b3JPD2sofvu1iJE+kY/UObRuzmRN7TMrpp7 x66EgMyr/uJgkWqGXHK36WewQ/K9/vrnoHG4xP9vBPgnHfNBbI4ghDrUnzBrCXFP 6G4vdW9D2OdJQQ/IYE2Clbbn20U+1sZH5HLP/ATl7qVP+7+aV4MlQlBRf0NfZ7lw rPTk+Ukn3705XB/Byt7L4KoEJSj/bIJt1zkDZJeNuYh4k+U/rvu+ZyLM3Hp0Ulqw jkPqSGWeCCuJ+w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:20 2025 by rpki-client