This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.mft File: PxP6dbPOiUzEZAQaipX4WffBxNI.mft (raw, json) Hash identifier: /NYqFBRQl+cMqGqr+PILnBy+NFuPWZhUFoHpiS+zqzU= Subject key identifier: C9:50:E8:A9:81:50:A4:B4:F7:C1:FF:EE:38:A1:17:C6:E1:F4:A9:4E Authority key identifier: 3F:13:FA:75:B3:CE:89:4C:C4:64:04:1A:8A:95:F8:59:F7:C1:C4:D2 Certificate issuer: /CN=3f13fa75b3ce894cc464041a8a95f859f7c1c4d2 Certificate serial: 019B4AA81159088B38FAED9A712C5B4F48A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxP6dbPOiUzEZAQaipX4WffBxNI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.mft Manifest number: 0314 Signing time: Tue 23 Dec 2025 10:01:26 +0000 Manifest this update: Tue 23 Dec 2025 10:01:26 +0000 Manifest next update: Wed 24 Dec 2025 10:01:26 +0000 Files and hashes: 1: PxP6dbPOiUzEZAQaipX4WffBxNI.crl (hash: piQqa6T1/Wt+/FErDLxEahuyStGQtIhfHF5xWdhgfjo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.crl rsync://rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.mft rsync://rpki.ripe.net/repository/DEFAULT/PxP6dbPOiUzEZAQaipX4WffBxNI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a8:11:59:08:8b:38:fa:ed:9a:71:2c:5b:4f:48:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f13fa75b3ce894cc464041a8a95f859f7c1c4d2 Validity Not Before: Dec 23 10:01:26 2025 GMT Not After : Dec 24 10:01:26 2025 GMT Subject: CN=c950e8a98150a4b4f7c1ffee38a117c6e1f4a94e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:73:e7:34:f7:6f:10:9c:5f:d1:49:b3:1d:8d: e4:a7:e9:e5:03:74:70:74:e7:60:ae:1b:7f:2b:50: 3e:29:b2:ba:eb:d4:13:ca:b2:70:db:86:3b:e5:1b: f6:01:fc:21:b5:92:1b:0e:c7:e8:57:ba:bf:6b:09: 9f:81:af:c4:69:ed:b7:11:a0:85:8e:e8:ea:77:7f: a9:4b:d3:3b:84:18:83:b4:d9:81:de:65:0b:21:14: 3c:8e:8b:fd:42:0b:7e:14:ff:33:0a:3f:32:bf:c3: 82:08:a6:c9:6c:fe:2c:cf:5b:62:a4:2a:b0:50:b1: c1:29:18:f2:7e:a7:97:c5:ca:e9:26:c1:7a:7c:7f: 10:2a:0b:b7:95:d1:23:85:d8:9c:a9:a8:95:c4:44: f3:5b:63:08:55:15:18:5c:ee:28:f2:b5:3b:77:76: 65:b4:53:ca:de:41:11:6a:ed:e1:23:c1:cc:4c:cf: 82:60:13:2e:4f:ef:a5:20:6e:9e:4f:66:6a:2e:db: b1:fa:51:f0:1a:d2:f0:0f:28:bc:8f:c0:4f:26:f5: 46:36:37:c1:44:71:4c:aa:d7:b1:5b:52:5c:33:dd: ec:63:4b:a0:aa:75:3d:e6:ff:dd:f0:41:19:c2:dc: f5:e2:50:36:a4:55:7e:40:1c:a3:95:1c:95:e2:71: 64:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:50:E8:A9:81:50:A4:B4:F7:C1:FF:EE:38:A1:17:C6:E1:F4:A9:4E X509v3 Authority Key Identifier: keyid:3F:13:FA:75:B3:CE:89:4C:C4:64:04:1A:8A:95:F8:59:F7:C1:C4:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxP6dbPOiUzEZAQaipX4WffBxNI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/82c263-4791-4223-8970-4ae7ad6ea285/1/PxP6dbPOiUzEZAQaipX4WffBxNI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:a7:d7:10:2c:8e:72:da:18:5f:60:60:e0:5c:14:8a:f9:92: 3a:f9:48:d1:f8:b7:d1:d8:a2:8a:50:44:57:03:a7:41:f6:6a: a5:c1:ab:d7:5e:10:1e:58:9c:99:41:de:0e:c0:98:bb:a7:c0: 29:c1:33:31:6a:30:06:c3:57:f0:94:d4:e5:57:9f:72:ca:c4: c7:98:99:b9:26:a1:47:81:92:83:c5:b1:3c:f8:9b:d2:f0:b5: 17:37:4c:9b:a1:3c:d9:71:d8:92:8e:c0:b0:9e:d6:ea:6b:3b: 2f:f8:d4:5a:03:66:5a:bc:1c:64:49:9d:f9:4f:a3:6b:3d:7d: 2a:ea:90:96:e5:cd:0f:d7:e9:6d:e0:36:30:86:36:1c:49:62: af:c0:be:49:93:06:4a:9a:65:59:68:d3:f5:eb:d0:91:ed:3b: 66:f0:e2:5c:5f:fe:e6:e4:e1:9a:44:d4:6f:60:88:c5:19:f8: 34:b3:81:d2:57:4d:58:24:89:37:bd:e1:db:9a:e1:4a:a6:96: 79:8c:3b:1d:04:f0:d3:a9:bb:23:67:25:93:8e:e4:e6:ee:24: b8:a6:d6:4c:19:61:be:a8:b6:32:f2:4c:cd:97:58:7e:d0:c8: 73:39:16:35:1a:44:4d:8b:86:ba:f2:b9:3b:88:c4:f2:6a:1b: 07:40:64:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKqBFZCIs4+u2acSxbT0imMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmMTNmYTc1YjNjZTg5NGNjNDY0MDQxYThhOTVmODU5Zjdj MWM0ZDIwHhcNMjUxMjIzMTAwMTI2WhcNMjUxMjI0MTAwMTI2WjAzMTEwLwYDVQQD EyhjOTUwZThhOTgxNTBhNGI0ZjdjMWZmZWUzOGExMTdjNmUxZjRhOTRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonPnNPdvEJxf0UmzHY3kp+nlA3Rw dOdgrht/K1A+KbK669QTyrJw24Y75Rv2AfwhtZIbDsfoV7q/awmfga/Eae23EaCF jujqd3+pS9M7hBiDtNmB3mULIRQ8jov9Qgt+FP8zCj8yv8OCCKbJbP4sz1tipCqw ULHBKRjyfqeXxcrpJsF6fH8QKgu3ldEjhdicqaiVxETzW2MIVRUYXO4o8rU7d3Zl tFPK3kERau3hI8HMTM+CYBMuT++lIG6eT2ZqLtux+lHwGtLwDyi8j8BPJvVGNjfB RHFMqtexW1JcM93sY0ugqnU95v/d8EEZwtz14lA2pFV+QByjlRyV4nFkywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMlQ6KmBUKS098H/7jihF8bh9KlOMB8GA1UdIwQY MBaAFD8T+nWzzolMxGQEGoqV+Fn3wcTSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHhQNmRiUE9pVXpFWkFRYWlwWDRXZmZCeE5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MmMyNjMtNDc5MS00MjIzLTg5NzAt NGFlN2FkNmVhMjg1LzEvUHhQNmRiUE9pVXpFWkFRYWlwWDRXZmZCeE5JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS84MmMyNjMtNDc5MS00MjIzLTg5NzAtNGFlN2FkNmVhMjg1 LzEvUHhQNmRiUE9pVXpFWkFRYWlwWDRXZmZCeE5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGafXECyO ctoYX2Bg4FwUivmSOvlI0fi30diiilBEVwOnQfZqpcGr114QHlicmUHeDsCYu6fA KcEzMWowBsNX8JTU5VefcsrEx5iZuSahR4GSg8WxPPib0vC1FzdMm6E82XHYko7A sJ7W6ms7L/jUWgNmWrwcZEmd+U+jaz19KuqQluXND9fpbeA2MIY2HElir8C+SZMG SpplWWjT9evQke07ZvDiXF/+5uThmkTUb2CIxRn4NLOB0ldNWCSJN73h25rhSqaW eYw7HQTw06m7I2clk47k5u4kuKbWTBlhvqi2MvJMzZdYftDIczkWNRpETYuGuvK5 O4jE8mobB0BkpA== -----END CERTIFICATE-----Generated at Tue Dec 23 14:54:25 2025 by rpki-client