This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json) Hash identifier: olR958REPIm/VhnMygkyIyiGOTrbncl/plNS1U+IVKA= Subject key identifier: 67:82:3E:82:00:60:EF:5B:0B:91:E9:DB:76:97:D9:7A:93:1E:39:3D Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce Certificate serial: 019B36B3BEA3A50E7FEBCD551FF9FAA95E96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft Manifest number: 0A5F Signing time: Fri 19 Dec 2025 13:01:47 +0000 Manifest this update: Fri 19 Dec 2025 13:01:47 +0000 Manifest next update: Sat 20 Dec 2025 13:01:47 +0000 Files and hashes: 1: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: bHpCYCoQ58hTilXAusd+i8J7ZxiG+rg5eRx6BeKn6I8=) 2: rWk5sIUEQt5GM5tD9jvlVGxlmoc.roa (hash: bdSHmybqlxfqe2LDlmT/vhR2hatifsBsFgj+STLVUXQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 13:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b3:be:a3:a5:0e:7f:eb:cd:55:1f:f9:fa:a9:5e:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce Validity Not Before: Dec 19 13:01:47 2025 GMT Not After : Dec 20 13:01:47 2025 GMT Subject: CN=67823e820060ef5b0b91e9db7697d97a931e393d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a0:c5:ba:d7:8a:df:b4:0a:0b:23:4b:e7:c0: 3e:c1:cf:2c:d6:d1:00:4c:b0:92:50:9d:09:3d:3f: 0f:c9:dd:69:26:8d:0a:66:4a:c7:c7:7e:c3:c8:c8: eb:db:72:78:c1:34:2d:1e:8c:71:c9:53:aa:21:ec: 6d:50:81:6a:75:e1:21:73:cd:ae:11:a8:a9:dc:88: db:22:63:5b:26:a8:aa:8e:1e:74:23:3f:76:09:b7: d1:02:31:05:d1:f7:0f:04:45:e7:9d:4b:42:94:11: f5:43:af:98:92:c2:39:b1:94:fc:d7:1b:8f:95:fa: 91:b7:22:b4:e6:93:98:5a:1c:c7:19:99:ae:32:0b: 8c:79:c3:d4:e8:f1:e0:b9:9b:cd:71:ba:92:95:1a: fb:e6:30:db:17:3b:b1:b3:86:ee:f2:18:0c:4a:09: 82:8a:b8:95:87:c0:7c:cd:db:61:c2:ce:86:1d:48: f2:30:a2:32:ab:24:b6:cf:ae:8a:7f:c6:d7:28:1d: 42:34:cb:35:c7:0b:36:0b:b7:1c:16:b7:37:60:20: bf:fd:43:e6:49:98:1b:a7:cb:09:79:06:f3:70:05: fd:dd:a3:0a:0f:c8:a0:4b:e6:96:a9:00:f1:92:92: 14:03:43:f3:17:b8:1f:d6:4e:b8:99:07:ae:a8:a4: 08:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:82:3E:82:00:60:EF:5B:0B:91:E9:DB:76:97:D9:7A:93:1E:39:3D X509v3 Authority Key Identifier: keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:7d:fb:f9:d0:9c:6a:eb:54:ac:46:c0:a6:e3:0c:56:3d:83: 19:b1:18:d6:46:d4:e6:dc:e1:00:49:8a:fc:c4:da:5b:05:58: 15:8e:7c:41:5b:12:86:8f:0b:e3:82:88:54:2b:f7:9f:fb:0e: 05:6d:ff:1d:b3:55:53:08:f2:ea:9b:26:9b:e9:09:8e:c4:2d: 6a:d4:b0:81:5c:ad:31:d0:80:5c:f8:d2:5c:0f:30:35:04:a0: ce:0e:3f:a6:9d:7b:39:c3:b1:49:41:ed:5f:2a:68:b7:5b:4e: 90:3c:eb:66:de:ee:17:a8:f2:7b:c8:e7:e1:06:27:86:65:bb: 19:28:37:5e:6c:2b:d9:3e:86:65:95:b7:5c:fa:24:d2:a9:9e: 46:69:69:cc:8c:d5:8d:62:1a:4e:b6:69:46:9a:14:f2:05:e7: 86:d6:ba:9b:8c:04:0b:d3:ac:64:cc:9b:62:d6:09:f4:23:9e: f6:26:0f:05:5f:81:19:15:7e:cd:52:ed:1f:9b:fe:48:84:63: 5e:dc:af:6a:57:09:5e:30:2c:c1:a2:a2:18:fa:ba:27:70:b5: f0:96:cf:ac:c6:bf:00:81:41:9a:cb:1d:d0:1a:53:c1:3c:04: 3d:4f:40:5e:55:73:e0:ee:d8:8a:d9:0e:34:14:ee:9c:9d:71: ac:af:ad:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2s76jpQ5/681VH/n6qV6WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk NTQyY2UwHhcNMjUxMjE5MTMwMTQ3WhcNMjUxMjIwMTMwMTQ3WjAzMTEwLwYDVQQD Eyg2NzgyM2U4MjAwNjBlZjViMGI5MWU5ZGI3Njk3ZDk3YTkzMWUzOTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6DFuteK37QKCyNL58A+wc8s1tEA TLCSUJ0JPT8Pyd1pJo0KZkrHx37DyMjr23J4wTQtHoxxyVOqIextUIFqdeEhc82u Eaip3IjbImNbJqiqjh50Iz92CbfRAjEF0fcPBEXnnUtClBH1Q6+YksI5sZT81xuP lfqRtyK05pOYWhzHGZmuMguMecPU6PHguZvNcbqSlRr75jDbFzuxs4bu8hgMSgmC iriVh8B8zdthws6GHUjyMKIyqyS2z66Kf8bXKB1CNMs1xws2C7ccFrc3YCC//UPm SZgbp8sJeQbzcAX93aMKD8igS+aWqQDxkpIUA0PzF7gf1k64mQeuqKQIywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGeCPoIAYO9bC5Hp23aX2XqTHjk9MB8GA1UdIwQY MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACn37+dCc autUrEbApuMMVj2DGbEY1kbU5tzhAEmK/MTaWwVYFY58QVsSho8L44KIVCv3n/sO BW3/HbNVUwjy6psmm+kJjsQtatSwgVytMdCAXPjSXA8wNQSgzg4/pp17OcOxSUHt Xypot1tOkDzrZt7uF6jye8jn4QYnhmW7GSg3Xmwr2T6GZZW3XPok0qmeRmlpzIzV jWIaTrZpRpoU8gXnhta6m4wEC9OsZMybYtYJ9COe9iYPBV+BGRV+zVLtH5v+SIRj XtyvalcJXjAswaKiGPq6J3C18JbPrMa/AIFBmssd0BpTwTwEPU9AXlVz4O7YitkO NBTunJ1xrK+tCg== -----END CERTIFICATE-----Generated at Fri Dec 19 22:40:21 2025 by rpki-client