This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft File: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json) Hash identifier: YaHoEk1ntgR8YqUAR76lexyW1XS1g9tzUpDMqYN2gcc= Subject key identifier: CF:4B:F3:65:5B:A2:B1:B9:D6:26:09:C8:BC:7D:B4:3B:A0:55:68:75 Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 Certificate issuer: /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Certificate serial: 019B481502A688E0290470AFDDF51A7B7214 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft Manifest number: 175E Signing time: Mon 22 Dec 2025 22:01:34 +0000 Manifest this update: Mon 22 Dec 2025 22:01:34 +0000 Manifest next update: Tue 23 Dec 2025 22:01:34 +0000 Files and hashes: 1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: k35YSr1zKxkGlxCmGIoGY1Wj2fsKu3VAQOYs8XvOClg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:02:a6:88:e0:29:04:70:af:dd:f5:1a:7b:72:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Validity Not Before: Dec 22 22:01:34 2025 GMT Not After : Dec 23 22:01:34 2025 GMT Subject: CN=cf4bf3655ba2b1b9d62609c8bc7db43ba0556875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:63:f5:86:6e:90:80:cc:86:89:8e:77:44:cb: d2:64:34:fe:ca:a9:ca:3f:e5:63:1c:1b:70:18:ab: 0a:37:8f:d7:73:80:a5:33:54:56:2d:f0:37:99:87: e2:6d:ed:00:f0:47:ce:04:c9:70:68:8a:93:a0:f9: 1b:c6:f3:6d:98:32:06:f8:55:42:48:24:d8:08:53: e8:f0:e1:f2:d1:31:5f:2e:ee:b2:ad:f8:d2:2b:82: 2e:4e:d5:69:16:9b:c4:9b:01:1a:4d:1f:13:50:0c: e2:95:c7:fb:7d:24:e0:52:28:d2:d1:44:f1:5f:4b: 26:c7:1b:44:34:35:7b:f9:9d:dc:77:ac:f9:f5:39: 46:32:8b:f0:ce:aa:07:b9:e9:bf:92:43:77:5f:49: ee:f1:15:76:63:97:fb:8c:e6:06:13:35:84:ab:8f: 40:bc:25:31:5c:eb:68:87:75:a2:db:d0:45:50:f6: 31:07:72:f4:f7:fd:ea:04:4a:ea:76:c3:0f:76:6f: 3f:ad:f9:91:36:a5:64:c8:c7:6a:c1:e8:ef:c5:39: e6:42:99:7c:d8:19:7a:04:b7:2a:86:f9:48:97:e0: 74:60:8e:e2:8a:a9:e9:b5:9c:80:1e:97:e2:80:49: 84:37:da:38:7e:f4:4b:57:71:0f:96:30:c0:d9:63: 99:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:4B:F3:65:5B:A2:B1:B9:D6:26:09:C8:BC:7D:B4:3B:A0:55:68:75 X509v3 Authority Key Identifier: keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:0e:f2:6a:ed:6b:60:b5:22:2f:5d:bc:92:64:eb:89:38:d8: b9:a7:1d:60:9d:1f:13:44:a5:a9:d4:8c:b3:d6:3c:0d:15:29: 88:3b:1c:42:a4:54:8a:c3:44:e3:bb:fb:e4:9b:9b:92:43:ec: 60:92:c8:a7:6d:ab:27:8c:64:6e:e2:b8:34:12:76:1e:a8:37: 50:d3:fa:68:7c:86:2d:2b:f5:2f:5d:f5:2c:b1:ea:fb:2c:6b: a4:ca:f9:a6:b1:8e:f4:63:70:3e:88:21:8a:b1:89:5c:c7:55: a9:13:97:82:c6:ab:9a:24:70:49:95:9e:71:3c:68:4e:a8:ef: 29:b0:39:47:f3:12:42:38:1a:58:f8:c6:8a:cd:bd:d5:cd:94: be:36:f1:9e:8b:e3:9b:76:6e:00:d8:bf:cd:a6:48:0a:50:08: 87:bf:c4:c4:0e:ad:ad:81:7b:ed:26:53:13:16:3b:dc:ca:aa: a3:ec:54:06:3e:ef:be:eb:3f:c9:a0:f1:26:81:46:f1:4d:78: 1d:86:9a:93:5b:f1:74:67:39:db:c1:f2:03:51:7f:08:6c:06: f2:01:18:e1:c9:90:92:41:9b:3b:9d:6e:8f:ae:5b:64:68:94: cd:ae:fc:be:2a:a9:cf:05:03:02:47:e9:3e:f2:fb:b1:38:ad: e7:c1:d3:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFQKmiOApBHCv3fUae3IUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm MTI4MzQwHhcNMjUxMjIyMjIwMTM0WhcNMjUxMjIzMjIwMTM0WjAzMTEwLwYDVQQD EyhjZjRiZjM2NTViYTJiMWI5ZDYyNjA5YzhiYzdkYjQzYmEwNTU2ODc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGP1hm6QgMyGiY53RMvSZDT+yqnK P+VjHBtwGKsKN4/Xc4ClM1RWLfA3mYfibe0A8EfOBMlwaIqToPkbxvNtmDIG+FVC SCTYCFPo8OHy0TFfLu6yrfjSK4IuTtVpFpvEmwEaTR8TUAzilcf7fSTgUijS0UTx X0smxxtENDV7+Z3cd6z59TlGMovwzqoHuem/kkN3X0nu8RV2Y5f7jOYGEzWEq49A vCUxXOtoh3Wi29BFUPYxB3L09/3qBErqdsMPdm8/rfmRNqVkyMdqwejvxTnmQpl8 2Bl6BLcqhvlIl+B0YI7iiqnptZyAHpfigEmEN9o4fvRLV3EPljDA2WOZwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM9L82VborG51iYJyLx9tDugVWh1MB8GA1UdIwQY MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQ7yau1r YLUiL128kmTriTjYuacdYJ0fE0SlqdSMs9Y8DRUpiDscQqRUisNE47v75JubkkPs YJLIp22rJ4xkbuK4NBJ2Hqg3UNP6aHyGLSv1L131LLHq+yxrpMr5prGO9GNwPogh irGJXMdVqROXgsarmiRwSZWecTxoTqjvKbA5R/MSQjgaWPjGis291c2Uvjbxnovj m3ZuANi/zaZIClAIh7/ExA6trYF77SZTExY73Mqqo+xUBj7vvus/yaDxJoFG8U14 HYaak1vxdGc528HyA1F/CGwG8gEY4cmQkkGbO51uj65bZGiUza78viqpzwUDAkfp PvL7sTit58HTwg== -----END CERTIFICATE-----Generated at Tue Dec 23 05:04:53 2025 by rpki-client