This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft File: pnQBXVCbXU85bqNjNp6ddP-tdZM.mft (raw, json) Hash identifier: Lr9TeS1euYpImUfVPctJ9BVqF80mEoGOhMOh5UGIDGU= Subject key identifier: DB:21:6D:94:B0:BC:B4:9C:18:76:4C:7A:CD:94:55:78:CF:12:C2:54 Authority key identifier: A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93 Certificate issuer: /CN=a674015d509b5d4f396ea363369e9d74ffad7593 Certificate serial: 019B59E399FF25EE9DEFBEE75FD70F83B871 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft Manifest number: 1630 Signing time: Fri 26 Dec 2025 09:00:46 +0000 Manifest this update: Fri 26 Dec 2025 09:00:46 +0000 Manifest next update: Sat 27 Dec 2025 09:00:46 +0000 Files and hashes: 1: pnQBXVCbXU85bqNjNp6ddP-tdZM.crl (hash: a8TEbKV0q82h8dWydo1Ws+7X6VdZG3YQ1U3RvHSbKd4=) 2: ytlPgasGVjygeToAnL_7qGL6niY.roa (hash: 4pWkNfB/a5sc8sNCH66lYgOc8aQwiUY9Cf8vuGjBpFo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:99:ff:25:ee:9d:ef:be:e7:5f:d7:0f:83:b8:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a674015d509b5d4f396ea363369e9d74ffad7593 Validity Not Before: Dec 26 09:00:46 2025 GMT Not After : Dec 27 09:00:46 2025 GMT Subject: CN=db216d94b0bcb49c18764c7acd945578cf12c254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:11:7d:38:e2:43:9e:72:3e:d0:ba:43:0b:52: ed:cc:04:90:68:54:3f:bb:1a:42:12:a2:bd:d3:2b: 9e:a9:f0:02:43:a9:3e:0f:9a:b3:42:54:ac:b5:21: a6:17:b3:ea:79:5e:f4:25:59:4e:ed:cd:a1:59:63: 28:74:da:ba:0c:c0:51:69:5c:b6:13:8f:73:06:d9: d9:4d:ae:13:79:a3:f3:e2:73:bb:2a:16:3e:e2:df: 25:ce:07:7a:ba:8c:64:ca:ed:f1:2b:f8:0b:e9:46: 93:fa:39:02:3e:43:0f:2c:69:34:10:aa:5c:32:65: 9c:34:97:14:15:28:bb:e1:2a:92:2c:33:be:98:84: 9e:5b:64:57:d5:2e:cd:a1:64:dc:94:74:68:5d:a4: 74:48:85:86:99:8c:f7:50:ff:bf:8f:24:72:0a:9a: b4:cf:e7:82:ac:f8:ea:06:d5:8e:da:df:9c:63:ab: ed:52:d5:73:21:2c:95:6e:a6:58:b6:59:f8:1e:4c: 84:75:29:c5:4e:c6:0f:a3:f5:f6:03:34:91:c2:7f: b7:a6:be:bb:dd:b0:f8:6f:ca:ed:34:cb:02:1a:7b: af:be:ae:77:0a:f0:44:b6:84:62:0e:7b:12:94:9f: 30:6b:f4:2c:59:34:ea:fb:6c:9c:c2:b7:b6:4c:90: 6e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:21:6D:94:B0:BC:B4:9C:18:76:4C:7A:CD:94:55:78:CF:12:C2:54 X509v3 Authority Key Identifier: keyid:A6:74:01:5D:50:9B:5D:4F:39:6E:A3:63:36:9E:9D:74:FF:AD:75:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnQBXVCbXU85bqNjNp6ddP-tdZM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/689e70-e38d-4ff1-a972-4113d686dd66/1/pnQBXVCbXU85bqNjNp6ddP-tdZM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:bc:80:ca:97:c6:5d:00:72:3d:3d:05:eb:fd:16:8b:3e:79: 1a:a6:16:66:6b:76:ea:99:1b:b7:3f:5b:50:4b:8c:e1:73:e4: f0:e8:32:d5:eb:77:59:ad:c9:db:51:26:41:81:af:82:ee:fe: ca:e5:86:d7:c8:dd:01:57:df:52:bf:36:83:0e:b4:74:0e:c8: 5f:c3:34:bc:81:2e:04:2d:40:c3:0e:b8:fe:ac:fd:4c:c0:b8: 0f:b8:51:b7:b2:dc:56:c4:07:b9:09:a8:03:93:f5:72:01:72: f5:98:dd:45:db:14:eb:87:e3:7b:97:f6:87:71:2f:8b:08:1c: 3b:9d:3a:e3:99:39:45:b1:ea:e8:9c:1b:72:07:a8:3a:d7:1d: 96:fa:04:7d:3f:b0:52:de:ef:ee:51:67:53:44:0b:54:66:70: 76:41:6e:cf:c8:a7:b6:3c:39:e6:a0:d9:49:1e:8b:7c:22:cf: 5e:f5:45:0d:6a:0c:4c:e0:fe:5b:ed:db:76:44:53:3b:f5:9b: 6d:bd:4e:51:d6:3e:ca:cd:c2:92:da:17:be:3b:33:b6:21:59: 3e:2d:b9:f5:8f:54:ce:56:9a:3d:ea:c7:0c:13:5c:98:4c:03: 6e:4f:06:61:41:cd:eb:2a:50:0d:b6:53:06:98:8a:b6:dc:25: ec:72:c4:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ45n/Je6d777nX9cPg7hxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NzQwMTVkNTA5YjVkNGYzOTZlYTM2MzM2OWU5ZDc0ZmZh ZDc1OTMwHhcNMjUxMjI2MDkwMDQ2WhcNMjUxMjI3MDkwMDQ2WjAzMTEwLwYDVQQD EyhkYjIxNmQ5NGIwYmNiNDljMTg3NjRjN2FjZDk0NTU3OGNmMTJjMjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRF9OOJDnnI+0LpDC1LtzASQaFQ/ uxpCEqK90yueqfACQ6k+D5qzQlSstSGmF7PqeV70JVlO7c2hWWModNq6DMBRaVy2 E49zBtnZTa4TeaPz4nO7KhY+4t8lzgd6uoxkyu3xK/gL6UaT+jkCPkMPLGk0EKpc MmWcNJcUFSi74SqSLDO+mISeW2RX1S7NoWTclHRoXaR0SIWGmYz3UP+/jyRyCpq0 z+eCrPjqBtWO2t+cY6vtUtVzISyVbqZYtln4HkyEdSnFTsYPo/X2AzSRwn+3pr67 3bD4b8rtNMsCGnuvvq53CvBEtoRiDnsSlJ8wa/QsWTTq+2ycwre2TJBunwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNshbZSwvLScGHZMes2UVXjPEsJUMB8GA1UdIwQY MBaAFKZ0AV1Qm11POW6jYzaenXT/rXWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzIt NDExM2Q2ODZkZDY2LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82ODllNzAtZTM4ZC00ZmYxLWE5NzItNDExM2Q2ODZkZDY2 LzEvcG5RQlhWQ2JYVTg1YnFOak5wNmRkUC10ZFpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYryAypfG XQByPT0F6/0Wiz55GqYWZmt26pkbtz9bUEuM4XPk8Ogy1et3Wa3J21EmQYGvgu7+ yuWG18jdAVffUr82gw60dA7IX8M0vIEuBC1Aww64/qz9TMC4D7hRt7LcVsQHuQmo A5P1cgFy9ZjdRdsU64fje5f2h3EviwgcO50645k5RbHq6JwbcgeoOtcdlvoEfT+w Ut7v7lFnU0QLVGZwdkFuz8intjw55qDZSR6LfCLPXvVFDWoMTOD+W+3bdkRTO/Wb bb1OUdY+ys3CktoXvjsztiFZPi259Y9UzlaaPerHDBNcmEwDbk8GYUHN6ypQDbZT BpiKttwl7HLEaw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:04 2025 by rpki-client