This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft File: pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json) Hash identifier: EfSiC3wmm46/nXSOdn4eurHVqI2BfRSaOcK17zI89RQ= Subject key identifier: 16:15:48:CD:6F:BF:81:AE:16:D1:6A:3C:62:C1:41:DE:9B:0D:24:E2 Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D Certificate issuer: /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d Certificate serial: 019B3C7EAE05957F95C2A6C85A444D704ECB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft Manifest number: 102C Signing time: Sat 20 Dec 2025 16:01:33 +0000 Manifest this update: Sat 20 Dec 2025 16:01:33 +0000 Manifest next update: Sun 21 Dec 2025 16:01:33 +0000 Files and hashes: 1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: MsXzFoh+1t7UTltuBAxexrVKtybCaDtRp31Tzi8afp8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:ae:05:95:7f:95:c2:a6:c8:5a:44:4d:70:4e:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d Validity Not Before: Dec 20 16:01:33 2025 GMT Not After : Dec 21 16:01:33 2025 GMT Subject: CN=161548cd6fbf81ae16d16a3c62c141de9b0d24e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:18:33:af:60:f3:96:4b:5b:30:06:89:67:de: e5:f1:99:43:97:1e:fa:33:98:af:c4:97:a4:49:09: b7:ca:3f:87:51:d0:fc:4a:ce:25:58:7e:ed:28:88: 1e:d3:b2:8d:6a:a7:ab:b2:cc:ee:b3:0e:04:b9:09: fe:c9:9a:7e:37:9e:24:f2:1f:3c:f1:3a:1f:63:f0: 09:8d:d6:b2:91:e8:52:34:d5:a5:60:d4:cb:b1:e6: e7:dd:60:7d:9b:ea:ce:13:07:09:c9:fa:6e:5b:49: eb:7c:f2:c8:b7:06:76:40:a9:39:2c:20:0a:ea:df: 8e:07:bf:99:41:d3:45:0b:8c:fa:0f:36:c1:f1:84: 60:31:38:63:65:fc:ae:b9:af:41:d6:c1:af:63:59: 71:28:69:f0:fc:02:76:7a:a5:b4:31:c9:4c:d3:e0: f9:ad:b9:e4:17:4e:78:e4:8b:9c:61:f6:09:f5:82: cf:83:a2:f7:95:2e:ec:a2:c4:4e:77:34:0f:b0:d8: a5:79:ce:6d:b0:43:f9:59:04:df:72:05:9e:76:86: c0:3f:3e:39:2a:88:29:05:79:23:e2:63:4c:28:e7: f6:c5:11:4b:54:19:01:d4:82:25:1a:2d:e2:db:d8: d7:d9:dc:3a:b9:4a:96:29:ec:0d:22:d3:b4:21:c9: f2:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:15:48:CD:6F:BF:81:AE:16:D1:6A:3C:62:C1:41:DE:9B:0D:24:E2 X509v3 Authority Key Identifier: keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:b5:84:57:19:d4:ea:72:24:6e:ef:f9:2f:89:14:3c:0e:32: 29:77:1c:c6:4d:12:b4:b1:de:b3:38:63:87:f6:5d:3e:c6:01: cd:56:98:06:22:4b:5f:9f:e2:91:03:85:46:d0:74:e7:c1:6f: c5:79:8f:06:ea:7b:4b:79:e2:27:fb:c1:52:00:34:43:c2:26: e1:f4:f9:a4:94:02:fb:4d:0f:92:4d:9c:d3:b4:6f:7e:7f:2f: ed:8c:4a:b4:99:f2:56:be:1f:bc:6c:b9:8d:4d:e3:ba:45:07: cd:b2:31:34:72:bf:8e:97:5c:0f:d6:78:9c:be:b1:eb:b1:66: 12:be:b9:4b:dd:42:c7:05:c3:fb:a7:24:6e:9a:f6:48:75:e2: 4f:8d:0b:15:e2:74:8b:8e:91:0c:a6:03:5d:22:71:13:70:68: e2:54:08:0a:30:21:ef:ce:b2:60:b4:2f:a7:56:d8:48:00:5a: b7:b8:62:1c:91:e1:28:11:fa:a6:5e:c0:5e:6f:3e:62:19:e5: 5c:4d:d7:55:17:6c:8b:b0:74:ff:bb:31:06:ab:42:d0:a0:8d: 8a:46:7c:7f:06:8b:65:7f:66:53:f8:85:17:e6:99:8d:a8:57: 2e:48:23:5d:5c:d5:c4:24:f3:7a:32:f8:fa:1a:54:41:0b:10: e5:dc:df:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fq4FlX+VwqbIWkRNcE7LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0 YzhiM2QwHhcNMjUxMjIwMTYwMTMzWhcNMjUxMjIxMTYwMTMzWjAzMTEwLwYDVQQD EygxNjE1NDhjZDZmYmY4MWFlMTZkMTZhM2M2MmMxNDFkZTliMGQyNGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshgzr2DzlktbMAaJZ97l8ZlDlx76 M5ivxJekSQm3yj+HUdD8Ss4lWH7tKIge07KNaqersszusw4EuQn+yZp+N54k8h88 8TofY/AJjdaykehSNNWlYNTLsebn3WB9m+rOEwcJyfpuW0nrfPLItwZ2QKk5LCAK 6t+OB7+ZQdNFC4z6DzbB8YRgMThjZfyuua9B1sGvY1lxKGnw/AJ2eqW0MclM0+D5 rbnkF0545IucYfYJ9YLPg6L3lS7sosROdzQPsNilec5tsEP5WQTfcgWedobAPz45 KogpBXkj4mNMKOf2xRFLVBkB1IIlGi3i29jX2dw6uUqWKewNItO0IcnysQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBYVSM1vv4GuFtFqPGLBQd6bDSTiMB8GA1UdIwQY MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2 LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAirWEVxnU 6nIkbu/5L4kUPA4yKXccxk0StLHeszhjh/ZdPsYBzVaYBiJLX5/ikQOFRtB058Fv xXmPBup7S3niJ/vBUgA0Q8Im4fT5pJQC+00Pkk2c07Rvfn8v7YxKtJnyVr4fvGy5 jU3jukUHzbIxNHK/jpdcD9Z4nL6x67FmEr65S91CxwXD+6ckbpr2SHXiT40LFeJ0 i46RDKYDXSJxE3Bo4lQICjAh786yYLQvp1bYSABat7hiHJHhKBH6pl7AXm8+Yhnl XE3XVRdsi7B0/7sxBqtC0KCNikZ8fwaLZX9mU/iFF+aZjahXLkgjXVzVxCTzejL4 +hpUQQsQ5dzfFg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:00:44 2025 by rpki-client