This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft File: pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft (raw, json) Hash identifier: WrlOn8SaLLaAcj1vfMwRBPhgFmR1figl5aYlwv6yQX0= Subject key identifier: 80:60:29:48:C5:85:2E:35:A4:D9:03:0B:AC:26:1A:C4:54:2B:99:95 Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4 Certificate issuer: /CN=a647893fb5b348e68a66d55a28f278cbf3931df4 Certificate serial: 019B1BAACDAF9FB195959A74DCA2072D4D3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft Manifest number: 0B6A Signing time: Sun 14 Dec 2025 07:02:17 +0000 Manifest this update: Sun 14 Dec 2025 07:02:17 +0000 Manifest next update: Mon 15 Dec 2025 07:02:17 +0000 Files and hashes: 1: pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl (hash: Cdvy2ODTND0ms7qKsw6svT9FlD18GNwSku0KjJ8cckw=) 2: po_LVWpbKXE3R88IVy-uZ3WJPNw.roa (hash: K+p2Dato5TDcm+bOMSRlFPytRWT6WZtTR14LVyHGo2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:aa:cd:af:9f:b1:95:95:9a:74:dc:a2:07:2d:4d:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4 Validity Not Before: Dec 14 07:02:17 2025 GMT Not After : Dec 15 07:02:17 2025 GMT Subject: CN=80602948c5852e35a4d9030bac261ac4542b9995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b0:66:44:ec:f5:09:e6:78:4a:ec:8c:57:65: e8:fb:6f:82:c0:63:20:df:c3:37:e3:9d:ad:ee:fc: c4:28:67:67:c1:ee:39:98:7f:ff:3f:ce:f9:75:4d: be:2c:3d:d6:b9:f3:56:2a:a3:d4:d9:d8:e4:4e:35: 12:78:a8:f0:ca:bc:43:3d:63:5e:7d:3a:f5:fc:c9: 56:f5:ec:0b:31:21:92:b8:04:70:42:e0:5b:71:cd: f6:2e:3c:19:ab:e5:4c:8d:1b:40:a8:4c:15:9f:b4: 8b:7a:ae:95:72:b3:90:e5:ac:b8:45:79:b9:65:17: 78:99:94:1c:3d:9f:43:33:47:a5:e6:90:95:c1:cf: 40:49:7f:1e:ef:74:29:53:fe:0c:51:78:92:c2:81: a4:c7:97:b2:f5:ff:50:51:e5:d2:49:99:df:db:c9: 60:1e:4b:9a:04:af:df:bf:4b:8a:e5:8a:f7:e8:33: 25:fe:fd:cb:ca:cb:33:59:41:81:86:c4:07:4f:60: 30:d9:bc:69:fb:39:51:0a:56:bf:3f:18:5b:fc:f0: c2:79:d5:38:3c:71:52:a0:3b:a0:c4:0e:d8:aa:f9: af:10:c2:fc:ff:49:02:a9:8f:65:d0:4f:1d:93:a4: 3f:9a:01:3b:eb:ff:4a:0f:69:e9:8b:ab:7e:e5:64: 49:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:60:29:48:C5:85:2E:35:A4:D9:03:0B:AC:26:1A:C4:54:2B:99:95 X509v3 Authority Key Identifier: keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:ca:e9:2d:f2:ca:20:48:79:87:c6:ec:82:ad:70:fa:e6:70: d1:8b:92:23:38:60:ed:88:8c:a2:01:66:0f:f6:9e:b5:42:67: 98:de:e4:67:97:a9:5f:f8:a4:3f:10:86:64:1f:3d:d1:ed:b4: ea:c4:1a:36:5d:3b:5c:5a:fb:58:a5:2e:28:52:11:a2:78:1f: b1:51:15:63:fb:44:6a:b9:08:79:98:f7:e8:b7:01:14:50:c4: bb:dd:31:d8:3f:89:65:6a:a9:2a:1b:9d:9d:c9:cd:e4:0b:16: cf:5b:23:13:a0:b1:3a:1c:49:ec:37:72:93:8d:f2:04:26:56: e5:8f:f2:75:be:f3:aa:c0:29:76:e5:79:14:da:b9:85:dd:aa: a6:a7:37:84:44:be:94:4a:2f:e0:d2:23:90:1b:e1:14:0a:29: 38:22:86:20:9a:2a:91:c4:b3:c8:4c:35:32:3e:b2:93:4d:35: 93:83:fd:0e:b3:72:46:02:f1:10:19:de:6f:b4:48:30:30:19: f8:3d:a2:aa:5e:32:ba:f7:46:f1:84:28:08:34:1c:97:61:fa: 83:86:43:61:56:aa:90:81:ad:26:d0:80:6e:95:4a:7b:f8:ba: a5:ab:15:55:5d:2f:a8:b0:11:c4:a4:aa:9a:a5:51:7e:dc:ef: 6c:04:3e:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqs2vn7GVlZp03KIHLU08MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5 MzFkZjQwHhcNMjUxMjE0MDcwMjE3WhcNMjUxMjE1MDcwMjE3WjAzMTEwLwYDVQQD Eyg4MDYwMjk0OGM1ODUyZTM1YTRkOTAzMGJhYzI2MWFjNDU0MmI5OTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrBmROz1CeZ4SuyMV2Xo+2+CwGMg 38M3452t7vzEKGdnwe45mH//P875dU2+LD3WufNWKqPU2djkTjUSeKjwyrxDPWNe fTr1/MlW9ewLMSGSuARwQuBbcc32LjwZq+VMjRtAqEwVn7SLeq6VcrOQ5ay4RXm5 ZRd4mZQcPZ9DM0el5pCVwc9ASX8e73QpU/4MUXiSwoGkx5ey9f9QUeXSSZnf28lg HkuaBK/fv0uK5Yr36DMl/v3LysszWUGBhsQHT2Aw2bxp+zlRCla/Pxhb/PDCedU4 PHFSoDugxA7YqvmvEML8/0kCqY9l0E8dk6Q/mgE76/9KD2npi6t+5WRJEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIBgKUjFhS41pNkDC6wmGsRUK5mVMB8GA1UdIwQY MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt ZDYyNDQ5NmRkY2M4LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4 LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMrpLfLK IEh5h8bsgq1w+uZw0YuSIzhg7YiMogFmD/aetUJnmN7kZ5epX/ikPxCGZB890e20 6sQaNl07XFr7WKUuKFIRongfsVEVY/tEarkIeZj36LcBFFDEu90x2D+JZWqpKhud ncnN5AsWz1sjE6CxOhxJ7Ddyk43yBCZW5Y/ydb7zqsApduV5FNq5hd2qpqc3hES+ lEov4NIjkBvhFAopOCKGIJoqkcSzyEw1Mj6yk001k4P9DrNyRgLxEBneb7RIMDAZ +D2iql4yuvdG8YQoCDQcl2H6g4ZDYVaqkIGtJtCAbpVKe/i6pasVVV0vqLARxKSq mqVRftzvbAQ+gw== -----END CERTIFICATE-----Generated at Sun Dec 14 08:41:27 2025 by rpki-client