This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft File: P-XZqjR4a6oW1Fa9857K-12XMPg.mft (raw, json) Hash identifier: 1hRgDCZ/SkeYk4hezjyZR0AFuTlZhwh6AiWqO3mfm2M= Subject key identifier: 19:2D:D8:2D:3C:24:F6:00:EB:2D:1E:F5:42:4B:63:07:BB:39:63:AC Authority key identifier: 3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8 Certificate issuer: /CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8 Certificate serial: 019B34C4FEE7C6DA86A7975E601632795FE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft Manifest number: 1783 Signing time: Fri 19 Dec 2025 04:01:24 +0000 Manifest this update: Fri 19 Dec 2025 04:01:24 +0000 Manifest next update: Sat 20 Dec 2025 04:01:24 +0000 Files and hashes: 1: I8Hl2QUOJ6pW-HzuzhburaAUCcs.roa (hash: TO7xgPDDMwBnfoyPmeOZq+S6vszklMWr0Jg0Yq+3Oiw=) 2: P-XZqjR4a6oW1Fa9857K-12XMPg.crl (hash: 8drfnNgBw/21KN+VZNHjh3YO3lvHDWssv4rR7/GQexg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:fe:e7:c6:da:86:a7:97:5e:60:16:32:79:5f:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fe5d9aa34786baa16d456bdf39ecafb5d9730f8 Validity Not Before: Dec 19 04:01:24 2025 GMT Not After : Dec 20 04:01:24 2025 GMT Subject: CN=192dd82d3c24f600eb2d1ef5424b6307bb3963ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:22:75:bb:6c:49:ce:93:95:15:c5:8b:f3:88: 7e:af:21:47:e5:86:7a:4e:22:87:86:1c:e6:f4:a7: 77:91:b7:8d:81:5b:ef:9e:d1:b7:74:44:c2:05:43: 9e:e0:22:68:db:7c:85:35:8b:59:27:71:c8:01:aa: 22:aa:2f:8d:41:2d:eb:9a:36:8d:37:8e:de:52:bf: 39:66:1a:c3:dd:e7:c9:81:c7:e8:e7:ba:d8:42:e7: fb:a6:7e:5e:0a:7d:b7:1e:eb:c9:ed:33:55:32:b0: 6f:0c:38:64:8d:dc:a7:c9:b2:00:d9:38:56:e5:5f: 95:29:da:a3:be:b7:45:a9:96:ec:c6:c6:8d:9f:6f: 58:3e:eb:b3:b2:12:e3:b5:af:f1:99:d2:fe:ab:9c: 34:5d:15:6e:6b:45:96:1c:56:bb:1a:a5:b8:e3:a6: a3:5a:cd:3f:5f:e6:b7:56:6d:6e:8a:1a:f1:2b:ea: b0:a9:3b:57:9f:68:a8:53:fd:74:51:e8:3c:b7:a6: 13:fe:2a:f2:27:9c:8f:d4:c8:17:b3:8a:0e:71:5c: ab:0a:ac:fe:0a:95:bc:b1:86:d9:e2:f9:6a:6f:cd: 44:c5:7a:34:03:a3:56:55:c9:c0:b5:8b:d3:5c:a1: 46:4e:f3:5c:2e:66:51:6d:ee:95:7f:bf:a4:11:9f: 1e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:2D:D8:2D:3C:24:F6:00:EB:2D:1E:F5:42:4B:63:07:BB:39:63:AC X509v3 Authority Key Identifier: keyid:3F:E5:D9:AA:34:78:6B:AA:16:D4:56:BD:F3:9E:CA:FB:5D:97:30:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-XZqjR4a6oW1Fa9857K-12XMPg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a2fe68-761d-4e6c-9dcd-594c1acd9daf/1/P-XZqjR4a6oW1Fa9857K-12XMPg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c9:76:0d:6c:2d:bd:f7:8b:0e:53:5e:32:18:ee:27:01:64:c8: 72:27:d7:3c:93:bb:27:25:35:42:13:a5:42:03:a5:26:3c:10: a1:66:72:8d:a4:b4:f9:23:a6:57:19:11:31:d4:f5:7f:d1:de: a5:54:5d:67:40:43:4f:c4:f1:16:1f:b5:00:ed:40:dc:60:5e: 99:5d:13:0d:48:d1:8c:2c:81:3b:6b:06:07:5a:14:c9:6d:98: d8:8f:c4:fd:02:12:4d:6d:fa:10:90:f4:d5:6c:3d:3e:b6:a8: 05:d9:a1:eb:a0:0a:37:21:10:bc:4f:2c:3b:86:60:2b:ee:7a: 02:a1:c3:e9:ba:0c:fe:68:ae:ac:c6:38:b0:00:5f:03:66:cd: e0:76:9b:17:18:ab:47:e5:5f:e6:e7:f1:1b:54:34:c0:36:2f: c6:b6:9a:fd:9f:71:ca:7f:7e:18:d9:91:51:c9:c0:bb:b8:46: 76:26:93:39:cd:c9:44:23:d7:50:d3:c2:ac:25:02:31:95:4d: e1:23:ca:b3:9f:e0:0b:d0:be:2c:24:f7:16:ca:70:26:89:f2: 60:63:69:55:df:ed:c0:81:ce:97:70:c3:e1:9a:af:a9:b0:89: 8f:25:21:eb:0a:f8:73:78:14:18:a8:b0:01:84:e2:fe:0a:35: 8d:f0:e2:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xP7nxtqGp5deYBYyeV/nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZTVkOWFhMzQ3ODZiYWExNmQ0NTZiZGYzOWVjYWZiNWQ5 NzMwZjgwHhcNMjUxMjE5MDQwMTI0WhcNMjUxMjIwMDQwMTI0WjAzMTEwLwYDVQQD EygxOTJkZDgyZDNjMjRmNjAwZWIyZDFlZjU0MjRiNjMwN2JiMzk2M2FjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySJ1u2xJzpOVFcWL84h+ryFH5YZ6 TiKHhhzm9Kd3kbeNgVvvntG3dETCBUOe4CJo23yFNYtZJ3HIAaoiqi+NQS3rmjaN N47eUr85ZhrD3efJgcfo57rYQuf7pn5eCn23HuvJ7TNVMrBvDDhkjdynybIA2ThW 5V+VKdqjvrdFqZbsxsaNn29YPuuzshLjta/xmdL+q5w0XRVua0WWHFa7GqW446aj Ws0/X+a3Vm1uihrxK+qwqTtXn2ioU/10Ueg8t6YT/iryJ5yP1MgXs4oOcVyrCqz+ CpW8sYbZ4vlqb81ExXo0A6NWVcnAtYvTXKFGTvNcLmZRbe6Vf7+kEZ8enwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBkt2C08JPYA6y0e9UJLYwe7OWOsMB8GA1UdIwQY MBaAFD/l2ao0eGuqFtRWvfOeyvtdlzD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2Qt NTk0YzFhY2Q5ZGFmLzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9hMmZlNjgtNzYxZC00ZTZjLTlkY2QtNTk0YzFhY2Q5ZGFm LzEvUC1YWnFqUjRhNm9XMUZhOTg1N0stMTJYTVBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyXYNbC29 94sOU14yGO4nAWTIcifXPJO7JyU1QhOlQgOlJjwQoWZyjaS0+SOmVxkRMdT1f9He pVRdZ0BDT8TxFh+1AO1A3GBemV0TDUjRjCyBO2sGB1oUyW2Y2I/E/QISTW36EJD0 1Ww9PraoBdmh66AKNyEQvE8sO4ZgK+56AqHD6boM/miurMY4sABfA2bN4HabFxir R+Vf5ufxG1Q0wDYvxraa/Z9xyn9+GNmRUcnAu7hGdiaTOc3JRCPXUNPCrCUCMZVN 4SPKs5/gC9C+LCT3FspwJonyYGNpVd/twIHOl3DD4ZqvqbCJjyUh6wr4c3gUGKiw AYTi/go1jfDi8A== -----END CERTIFICATE-----Generated at Fri Dec 19 13:16:52 2025 by rpki-client