This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft File: pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json) Hash identifier: G1c18LOYGQXNzowK5GYEi8NXXNrenEkk5SVLhH8QF0Q= Subject key identifier: EB:64:35:29:9F:0D:5F:A2:1C:00:6D:27:B6:CF:55:01:7B:B9:16:F3 Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59 Certificate issuer: /CN=a609265d894fa79fcd6542facc0ba389738c8459 Certificate serial: 019B4249C1237371DE081270A09713403521 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft Manifest number: 0AA3 Signing time: Sun 21 Dec 2025 19:01:28 +0000 Manifest this update: Sun 21 Dec 2025 19:01:28 +0000 Manifest next update: Mon 22 Dec 2025 19:01:28 +0000 Files and hashes: 1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: UamgPdiDjMqSdJyavPxjQeWVQVGDUNHEaxnfEqqtlmw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:c1:23:73:71:de:08:12:70:a0:97:13:40:35:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459 Validity Not Before: Dec 21 19:01:28 2025 GMT Not After : Dec 22 19:01:28 2025 GMT Subject: CN=eb6435299f0d5fa21c006d27b6cf55017bb916f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:bb:15:e2:46:ff:96:29:2b:28:9c:74:3a:c6: 76:6c:a3:b9:d1:c8:e6:aa:b9:e7:f5:99:c1:9a:63: 28:4a:d8:49:7f:92:3b:0e:d7:0b:a0:0e:b9:3b:20: 6c:78:5b:ca:18:00:ca:7c:66:6a:cb:40:2f:06:c4: 9f:89:9d:c3:62:7f:94:85:97:b9:eb:a3:be:7b:fd: db:f3:4a:c5:46:d1:d9:1c:96:84:e8:ee:fd:dc:6b: 46:e1:75:b3:46:9b:6f:61:1e:82:7e:96:a3:19:8d: 49:fa:15:98:ce:e3:d6:26:7c:22:15:92:28:9c:e9: b4:b9:cb:09:91:ac:84:35:26:e3:20:b7:09:0e:0c: 57:93:89:81:5d:87:bb:df:e6:dd:9d:48:64:62:f0: 3d:47:99:53:aa:58:46:78:ad:15:56:6e:21:54:da: 88:4a:e1:b7:1a:7d:1c:aa:33:b0:34:84:c7:38:8c: 20:ee:8c:ac:b1:b7:bc:47:b3:b9:9a:54:ad:d9:83: 79:c6:a8:61:f4:06:dc:ad:f5:b8:b4:0e:c2:2b:2f: c3:e9:62:61:a3:33:f6:99:bf:72:c4:24:11:ad:ba: 6b:54:47:bb:ea:9d:bd:36:c0:ab:74:45:f6:15:6e: f8:73:6a:65:0d:6b:ff:80:fe:ca:3c:a4:b1:e6:3a: f3:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:64:35:29:9F:0D:5F:A2:1C:00:6D:27:B6:CF:55:01:7B:B9:16:F3 X509v3 Authority Key Identifier: keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:16:b2:a0:a0:a7:18:da:ec:b7:36:a1:d5:1a:27:a8:60:27: 8e:31:2c:88:fc:56:05:fd:1b:f5:7b:a6:29:cc:ab:ec:60:c1: 4a:82:d0:7e:78:f7:d4:10:e2:dd:93:31:0a:0e:63:c2:8f:16: a7:9f:e0:97:74:fe:ed:c8:1f:04:53:a1:01:73:3e:26:e8:53: 67:d5:2d:ab:be:e4:24:43:58:86:37:11:80:a9:93:85:85:9e: f5:03:d1:38:3c:e2:d8:a1:b1:63:3f:7d:6c:fb:95:1c:85:db: d0:f5:dd:6e:1c:70:28:ef:21:3c:fa:81:21:31:16:9c:e8:5f: ec:2f:ae:60:ff:ad:3d:86:8e:42:84:55:46:61:a1:e2:89:c4: 52:c5:e4:fc:7e:cc:26:17:6f:39:ea:20:eb:67:22:45:65:11: 44:57:3b:cf:b3:73:17:71:77:62:df:a1:bb:2e:0a:87:72:25: 66:5a:f7:db:f7:13:1c:1e:45:b4:58:59:44:29:38:69:50:1d: 21:e7:26:1d:cc:01:e0:b7:fd:e5:8d:f4:88:69:d5:2a:d2:b7: f7:88:c3:b5:35:76:ba:93:c1:e2:49:a8:5f:f9:4a:9f:89:e5: 94:59:eb:c0:7d:2a:50:d1:6a:9e:d4:52:64:83:e5:00:20:af: 2c:5a:e2:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCScEjc3HeCBJwoJcTQDUhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4 Yzg0NTkwHhcNMjUxMjIxMTkwMTI4WhcNMjUxMjIyMTkwMTI4WjAzMTEwLwYDVQQD EyhlYjY0MzUyOTlmMGQ1ZmEyMWMwMDZkMjdiNmNmNTUwMTdiYjkxNmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbsV4kb/likrKJx0OsZ2bKO50cjm qrnn9ZnBmmMoSthJf5I7DtcLoA65OyBseFvKGADKfGZqy0AvBsSfiZ3DYn+UhZe5 66O+e/3b80rFRtHZHJaE6O793GtG4XWzRptvYR6CfpajGY1J+hWYzuPWJnwiFZIo nOm0ucsJkayENSbjILcJDgxXk4mBXYe73+bdnUhkYvA9R5lTqlhGeK0VVm4hVNqI SuG3Gn0cqjOwNITHOIwg7oyssbe8R7O5mlSt2YN5xqhh9AbcrfW4tA7CKy/D6WJh ozP2mb9yxCQRrbprVEe76p29NsCrdEX2FW74c2plDWv/gP7KPKSx5jrz5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtkNSmfDV+iHABtJ7bPVQF7uRbzMB8GA1UdIwQY MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQhayoKCn GNrstzah1RonqGAnjjEsiPxWBf0b9XumKcyr7GDBSoLQfnj31BDi3ZMxCg5jwo8W p5/gl3T+7cgfBFOhAXM+JuhTZ9Utq77kJENYhjcRgKmThYWe9QPRODzi2KGxYz99 bPuVHIXb0PXdbhxwKO8hPPqBITEWnOhf7C+uYP+tPYaOQoRVRmGh4onEUsXk/H7M JhdvOeog62ciRWURRFc7z7NzF3F3Yt+huy4Kh3IlZlr32/cTHB5FtFhZRCk4aVAd IecmHcwB4Lf95Y30iGnVKtK394jDtTV2upPB4kmoX/lKn4nllFnrwH0qUNFqntRS ZIPlACCvLFrisw== -----END CERTIFICATE-----Generated at Sun Dec 21 21:16:52 2025 by rpki-client