This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.mft File: pWMWxxKYMeBREHlTLe2B3BLIHaA.mft (raw, json) Hash identifier: faeAZADN4lbEs8QjH61Jbo2oPRtjrXar0DIdQjE4gQE= Subject key identifier: 3B:E5:CA:DD:8C:85:00:17:F3:BC:92:DB:A5:30:21:76:61:2F:2B:50 Authority key identifier: A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0 Certificate issuer: /CN=a56316c7129831e0511079532ded81dc12c81da0 Certificate serial: 019B08FE39541ADCEDB0D6F090EBD8E4B871 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.mft Manifest number: 0D7C Signing time: Wed 10 Dec 2025 16:00:37 +0000 Manifest this update: Wed 10 Dec 2025 16:00:37 +0000 Manifest next update: Thu 11 Dec 2025 16:00:37 +0000 Files and hashes: 1: XAMH6mQExatvC2LMnoXanctLKzE.roa (hash: pCAATiBl9IRxnVx1ZfARnp3JybBqcsAW/QN7pstrTq0=) 2: pWMWxxKYMeBREHlTLe2B3BLIHaA.crl (hash: WXpG3dVUqPiO81FdgXyBG+N5zwJnSPRKeFDKEUFW0Bo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.crl rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.mft rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 16:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:fe:39:54:1a:dc:ed:b0:d6:f0:90:eb:d8:e4:b8:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a56316c7129831e0511079532ded81dc12c81da0 Validity Not Before: Dec 10 16:00:37 2025 GMT Not After : Dec 11 16:00:37 2025 GMT Subject: CN=3be5cadd8c850017f3bc92dba5302176612f2b50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:94:57:7a:a9:30:17:90:ae:f5:68:2a:f9:26: 40:fd:82:80:f5:c9:71:fc:66:06:7b:17:c9:17:00: f1:d5:3b:4c:c5:e9:80:41:22:2e:2e:20:74:44:15: 7d:ef:4d:cb:c7:90:47:f8:be:46:67:f8:fc:14:4d: 66:7f:25:d2:af:f0:9a:67:3c:96:1d:58:11:6e:1c: 59:55:e7:90:c9:47:4c:3b:72:51:e8:4f:9b:c1:20: da:6b:94:97:29:8f:cb:d0:57:1e:15:bb:20:b6:01: 12:ac:cb:82:4a:bb:6d:15:6d:4e:79:62:6d:6f:1a: ba:84:2d:94:58:a7:f7:37:36:90:54:c9:f8:1e:aa: 00:93:b5:0c:cf:56:7c:af:ed:4e:66:33:40:43:c8: 05:cd:4b:75:fd:a1:28:63:97:54:34:84:ae:f4:4e: 18:cf:97:62:87:0b:9f:a7:53:6f:cb:0e:29:ac:bc: 61:b2:7d:b4:fe:cf:62:84:a8:69:a7:e6:69:fd:19: 30:0b:16:ef:8c:d8:45:44:65:9b:12:48:99:4a:08: 46:44:31:87:b1:1b:f4:21:a7:d6:a0:98:cc:2f:a0: 92:89:b8:6e:63:c7:e1:f0:23:f2:da:e5:14:09:ca: c6:8b:0b:b8:77:9e:ec:2c:94:c6:53:10:48:7d:da: 61:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:E5:CA:DD:8C:85:00:17:F3:BC:92:DB:A5:30:21:76:61:2F:2B:50 X509v3 Authority Key Identifier: keyid:A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:ca:37:52:7d:90:60:dd:83:6c:d1:82:bc:d6:24:e0:7d:44: 34:75:0a:86:e1:a6:3e:65:82:2f:b9:dc:1e:9b:6c:48:c4:2a: 5e:c7:6f:f9:07:b5:2d:20:a5:9c:b1:f8:8a:e6:43:c4:ba:d7: 87:28:ba:16:f5:57:dd:2a:c1:7c:6f:3c:96:bf:3a:8d:3e:5f: b5:fb:ac:d1:77:5d:1d:1b:55:08:8e:76:96:83:9e:06:e1:9f: fb:87:1f:35:93:93:32:ad:69:67:d8:a9:9e:89:9e:24:14:18: 3b:e6:cd:66:25:28:b6:5c:89:e1:11:95:60:46:c3:d5:c1:b2: cb:4f:8c:f7:44:6c:22:0c:22:89:e4:31:05:10:c0:0e:16:48: dc:a3:d7:9b:41:07:cc:03:9b:04:20:e6:92:b0:96:06:37:4f: cf:26:b0:fa:07:ef:43:8b:56:26:6b:62:a9:37:1f:ea:1b:4b: e7:9b:9b:42:2f:13:8c:e1:39:de:6e:45:a0:31:6c:45:0e:62: ac:39:4f:a7:83:8b:56:99:05:aa:24:e8:32:be:8f:06:29:a9: 8a:04:49:9a:d1:cb:d9:97:cc:0a:a8:b1:b1:36:30:68:e6:03: 38:c0:c9:44:93:2a:2d:8c:7d:ac:91:db:c6:e7:f3:1d:e1:ef: 82:ce:9a:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsI/jlUGtztsNbwkOvY5LhxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1NjMxNmM3MTI5ODMxZTA1MTEwNzk1MzJkZWQ4MWRjMTJj ODFkYTAwHhcNMjUxMjEwMTYwMDM3WhcNMjUxMjExMTYwMDM3WjAzMTEwLwYDVQQD EygzYmU1Y2FkZDhjODUwMDE3ZjNiYzkyZGJhNTMwMjE3NjYxMmYyYjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5RXeqkwF5Cu9Wgq+SZA/YKA9clx /GYGexfJFwDx1TtMxemAQSIuLiB0RBV9703Lx5BH+L5GZ/j8FE1mfyXSr/CaZzyW HVgRbhxZVeeQyUdMO3JR6E+bwSDaa5SXKY/L0FceFbsgtgESrMuCSrttFW1OeWJt bxq6hC2UWKf3NzaQVMn4HqoAk7UMz1Z8r+1OZjNAQ8gFzUt1/aEoY5dUNISu9E4Y z5dihwufp1Nvyw4prLxhsn20/s9ihKhpp+Zp/RkwCxbvjNhFRGWbEkiZSghGRDGH sRv0IafWoJjML6CSibhuY8fh8CPy2uUUCcrGiwu4d57sLJTGUxBIfdphAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDvlyt2MhQAX87yS26UwIXZhLytQMB8GA1UdIwQY MBaAFKVjFscSmDHgURB5Uy3tgdwSyB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2It MjhiODJjMGExNGYwLzEvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2ItMjhiODJjMGExNGYw LzEvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkco3Un2Q YN2DbNGCvNYk4H1ENHUKhuGmPmWCL7ncHptsSMQqXsdv+Qe1LSClnLH4iuZDxLrX hyi6FvVX3SrBfG88lr86jT5ftfus0XddHRtVCI52loOeBuGf+4cfNZOTMq1pZ9ip nomeJBQYO+bNZiUotlyJ4RGVYEbD1cGyy0+M90RsIgwiieQxBRDADhZI3KPXm0EH zAObBCDmkrCWBjdPzyaw+gfvQ4tWJmtiqTcf6htL55ubQi8TjOE53m5FoDFsRQ5i rDlPp4OLVpkFqiToMr6PBimpigRJmtHL2ZfMCqixsTYwaOYDOMDJRJMqLYx9rJHb xufzHeHvgs6aZA== -----END CERTIFICATE-----Generated at Wed Dec 10 21:44:28 2025 by rpki-client