This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.mft File: pQnoZXbAZeFL--6PZSq2wnnM3hI.mft (raw, json) Hash identifier: dh3xC31pWGXzG3y1FyRRPGkHCnklmooA6UbrkFlUNQ4= Subject key identifier: 88:3A:90:C8:45:AC:2E:4E:81:F9:D3:92:35:C8:CC:DF:B2:71:7A:B2 Authority key identifier: A5:09:E8:65:76:C0:65:E1:4B:FB:EE:8F:65:2A:B6:C2:79:CC:DE:12 Certificate issuer: /CN=a509e86576c065e14bfbee8f652ab6c279ccde12 Certificate serial: 019B2FD4F23A486CD2ACA8F0A535BB78B213 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQnoZXbAZeFL--6PZSq2wnnM3hI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.mft Manifest number: 10BE Signing time: Thu 18 Dec 2025 05:00:43 +0000 Manifest this update: Thu 18 Dec 2025 05:00:43 +0000 Manifest next update: Fri 19 Dec 2025 05:00:43 +0000 Files and hashes: 1: eoOnLGiO6CFkl49Rw92BKVWZ1YY.roa (hash: 5KK2WxAAZ4SHFL6JTNlCRgBRKCCitoVvyQFa3VeriMw=) 2: pQnoZXbAZeFL--6PZSq2wnnM3hI.crl (hash: AjydHD8w5FU+YtG6vRa1n89ki+A6yOK/Yz7gIDXFsqk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.crl rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.mft rsync://rpki.ripe.net/repository/DEFAULT/pQnoZXbAZeFL--6PZSq2wnnM3hI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d4:f2:3a:48:6c:d2:ac:a8:f0:a5:35:bb:78:b2:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a509e86576c065e14bfbee8f652ab6c279ccde12 Validity Not Before: Dec 18 05:00:43 2025 GMT Not After : Dec 19 05:00:43 2025 GMT Subject: CN=883a90c845ac2e4e81f9d39235c8ccdfb2717ab2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e6:2b:d2:2b:59:ee:fa:38:4d:03:ff:23:cd: 50:26:fd:38:d1:43:ae:96:90:18:45:20:93:ec:f0: 00:69:c1:2d:f1:46:8d:9f:28:ea:27:df:09:b3:e7: cc:8c:9d:78:2e:50:16:53:6b:d7:d2:b0:f3:5f:05: c0:cf:bd:85:f8:3b:ad:25:db:a0:bf:43:fb:f6:80: e4:20:37:51:50:2c:87:03:c7:3f:19:89:8a:8c:d9: fb:21:8c:c8:e0:83:84:ea:1b:63:d3:17:fc:ac:49: 7f:2b:4f:90:75:96:f8:57:1b:cc:ad:bc:50:84:9a: 20:2f:bc:43:e7:f8:31:69:d2:d0:58:54:f2:d7:45: 51:de:04:7b:85:c1:f0:49:e6:06:5f:89:50:17:18: a7:97:28:fa:92:31:b4:a8:d0:5e:84:44:18:69:a3: c4:a0:9e:5e:9a:b2:e6:39:a0:b0:23:49:a2:2a:b9: 3d:22:47:ab:6e:5e:bf:ef:4f:f4:04:9a:d8:6d:8e: cc:0b:ea:44:4d:03:58:49:52:cd:e0:3d:08:0e:93: c4:9d:74:fd:7e:da:e3:d9:84:bd:05:b8:58:a4:22: 2d:dd:f8:dc:86:7d:6f:ab:d7:09:98:2a:dc:3d:57: ee:b4:ef:d5:e5:32:12:dd:99:39:6c:a9:b8:2f:55: 00:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:3A:90:C8:45:AC:2E:4E:81:F9:D3:92:35:C8:CC:DF:B2:71:7A:B2 X509v3 Authority Key Identifier: keyid:A5:09:E8:65:76:C0:65:E1:4B:FB:EE:8F:65:2A:B6:C2:79:CC:DE:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQnoZXbAZeFL--6PZSq2wnnM3hI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/014245-8685-4af3-9387-a0f5742b1b04/1/pQnoZXbAZeFL--6PZSq2wnnM3hI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:6d:3d:a6:9c:14:1e:32:c9:67:70:5b:88:d1:e8:fa:8d:53: e6:ef:6c:c6:a0:1d:55:8e:72:cb:ad:40:ef:33:07:55:27:5c: a2:86:7e:aa:ac:a5:47:00:e2:47:34:f0:4c:45:bf:c5:12:b0: f8:21:d1:9d:c9:b9:75:69:39:c7:8c:d8:8e:ab:64:a2:05:36: 23:ff:6c:fb:b8:e5:d6:db:51:fd:83:e1:eb:08:8f:48:3c:ae: 45:90:68:67:23:5b:c3:58:3c:5d:5d:ea:7f:08:84:c6:9f:e5: a6:84:8b:a0:f8:94:38:45:52:e9:c4:b4:f4:38:49:05:93:2a: a0:b5:19:89:bf:56:d6:a3:1d:40:64:0c:3d:54:c8:63:4b:07: cc:b0:0f:62:e6:ad:7b:28:7f:3c:0c:ab:29:54:d2:4d:92:46: 0b:ab:4a:49:5a:55:4a:15:f0:47:17:b6:5a:6d:30:fd:e9:82: 86:70:c2:cb:81:26:0c:8c:8e:b3:0e:32:e4:9e:fb:d3:d8:f1: c1:1d:51:25:d4:d8:0a:91:0c:f6:3f:dc:00:9d:6a:95:89:26: 01:bf:55:23:20:cf:80:99:6c:c9:0b:28:00:e4:1e:fb:18:06: 1c:e6:da:d8:df:88:13:e8:7e:83:01:44:fe:6f:0d:95:ff:45: 2e:65:85:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1PI6SGzSrKjwpTW7eLITMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MDllODY1NzZjMDY1ZTE0YmZiZWU4ZjY1MmFiNmMyNzlj Y2RlMTIwHhcNMjUxMjE4MDUwMDQzWhcNMjUxMjE5MDUwMDQzWjAzMTEwLwYDVQQD Eyg4ODNhOTBjODQ1YWMyZTRlODFmOWQzOTIzNWM4Y2NkZmIyNzE3YWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOYr0itZ7vo4TQP/I81QJv040UOu lpAYRSCT7PAAacEt8UaNnyjqJ98Js+fMjJ14LlAWU2vX0rDzXwXAz72F+DutJdug v0P79oDkIDdRUCyHA8c/GYmKjNn7IYzI4IOE6htj0xf8rEl/K0+QdZb4VxvMrbxQ hJogL7xD5/gxadLQWFTy10VR3gR7hcHwSeYGX4lQFxinlyj6kjG0qNBehEQYaaPE oJ5emrLmOaCwI0miKrk9Ikerbl6/70/0BJrYbY7MC+pETQNYSVLN4D0IDpPEnXT9 ftrj2YS9BbhYpCIt3fjchn1vq9cJmCrcPVfutO/V5TIS3Zk5bKm4L1UAJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIg6kMhFrC5OgfnTkjXIzN+ycXqyMB8GA1UdIwQY MBaAFKUJ6GV2wGXhS/vuj2UqtsJ5zN4SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFFub1pYYkFaZUZMLS02UFpTcTJ3bm5NM2hJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wMTQyNDUtODY4NS00YWYzLTkzODct YTBmNTc0MmIxYjA0LzEvcFFub1pYYkFaZUZMLS02UFpTcTJ3bm5NM2hJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8wMTQyNDUtODY4NS00YWYzLTkzODctYTBmNTc0MmIxYjA0 LzEvcFFub1pYYkFaZUZMLS02UFpTcTJ3bm5NM2hJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhW09ppwU HjLJZ3BbiNHo+o1T5u9sxqAdVY5yy61A7zMHVSdcooZ+qqylRwDiRzTwTEW/xRKw +CHRncm5dWk5x4zYjqtkogU2I/9s+7jl1ttR/YPh6wiPSDyuRZBoZyNbw1g8XV3q fwiExp/lpoSLoPiUOEVS6cS09DhJBZMqoLUZib9W1qMdQGQMPVTIY0sHzLAPYuat eyh/PAyrKVTSTZJGC6tKSVpVShXwRxe2Wm0w/emChnDCy4EmDIyOsw4y5J7709jx wR1RJdTYCpEM9j/cAJ1qlYkmAb9VIyDPgJlsyQsoAOQe+xgGHOba2N+IE+h+gwFE /m8Nlf9FLmWFKw== -----END CERTIFICATE-----Generated at Thu Dec 18 08:03:18 2025 by rpki-client