This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft File: P5oSEPUJkiOdOn8uXoATtatJH_8.mft (raw, json) Hash identifier: QkZwZ4wmA4UXzSkO9RMShki9K0ux6wyN7ogmBF/PsBo= Subject key identifier: 1B:B3:7C:5A:3E:CC:B1:04:87:69:84:1B:4D:05:DA:85:4F:22:46:01 Authority key identifier: 3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF Certificate issuer: /CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff Certificate serial: 019B1916D25E622AB1AF14AD035EF507792D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft Manifest number: 1344 Signing time: Sat 13 Dec 2025 19:01:24 +0000 Manifest this update: Sat 13 Dec 2025 19:01:24 +0000 Manifest next update: Sun 14 Dec 2025 19:01:24 +0000 Files and hashes: 1: P5oSEPUJkiOdOn8uXoATtatJH_8.crl (hash: cqTQuiptkYi5OOM9KnfiZdlid3oNvwOQHUGJUXbW63A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:16:d2:5e:62:2a:b1:af:14:ad:03:5e:f5:07:79:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f9a1210f50992239d3a7f2e5e8013b5ab491fff Validity Not Before: Dec 13 19:01:24 2025 GMT Not After : Dec 14 19:01:24 2025 GMT Subject: CN=1bb37c5a3eccb1048769841b4d05da854f224601 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9b:8e:ef:2e:3d:e2:40:e3:f7:cb:48:97:1c: 7d:30:d1:3b:3a:3b:f2:d6:c9:1b:96:c9:ae:93:9d: 28:d7:38:92:d7:9b:46:72:8d:32:00:e4:fc:45:86: 0c:76:49:4e:77:6e:fe:2d:e5:1e:ed:49:8f:f3:23: 36:b6:9d:16:24:aa:d5:c8:1e:b2:fd:58:04:87:a0: 08:cd:ec:81:65:7d:6e:b3:97:0d:0a:8f:d9:e3:ff: 32:fd:d9:bd:75:db:dc:cd:9a:c8:21:30:7f:fb:9e: d1:86:47:24:af:db:8c:f9:20:2c:6b:71:87:5b:70: 91:aa:48:82:58:36:a9:8f:8e:db:e8:f4:4c:71:a4: 76:06:4d:1f:7f:2c:c3:1a:4d:b6:85:e4:0b:6b:6c: 9f:a2:8c:04:be:83:85:b0:3b:85:24:5f:a4:71:84: 55:99:b4:83:bd:5e:d6:26:c2:d5:90:6c:32:ea:86: 9f:38:d1:74:e1:8c:82:a2:09:b2:c6:5b:87:d7:9e: e3:10:c2:3d:94:ae:a1:40:22:36:1b:5e:d0:02:30: 91:ce:e6:ea:0b:31:d9:6d:dc:aa:1d:da:b0:9d:56: 63:53:c3:7e:14:8b:f0:98:b7:f2:9e:0a:0a:c7:ad: f4:66:4d:f6:a1:27:9a:98:35:34:ca:a9:6b:5b:9c: 67:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:B3:7C:5A:3E:CC:B1:04:87:69:84:1B:4D:05:DA:85:4F:22:46:01 X509v3 Authority Key Identifier: keyid:3F:9A:12:10:F5:09:92:23:9D:3A:7F:2E:5E:80:13:B5:AB:49:1F:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5oSEPUJkiOdOn8uXoATtatJH_8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/14a5e8-f3bf-42f9-a285-a8734f703b98/1/P5oSEPUJkiOdOn8uXoATtatJH_8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e0:0a:3e:dc:9c:96:1b:f8:ae:80:16:14:66:b3:7a:ce:ac:95: 8f:f7:c0:29:de:84:8c:07:c2:54:c6:bc:79:6f:15:04:c2:84: dc:e0:87:c2:c6:94:14:14:1b:06:57:b0:a4:83:1b:dd:20:6f: 21:28:8d:da:17:7c:9d:14:96:f3:e9:56:36:01:3f:0d:6e:67: 22:52:0f:b8:b9:7c:74:17:55:dd:73:d2:12:6a:61:3b:ad:e0: 79:61:95:87:be:b9:fb:89:e3:42:ff:96:ea:e5:db:65:d2:38: c7:2a:cc:a1:b4:12:6c:9d:4a:00:c5:e7:6c:95:42:a0:af:b0: d2:84:d8:85:24:cd:2d:38:0b:d7:19:72:9b:b8:ce:15:52:ea: a6:a1:44:9e:5a:bc:0c:5b:1d:33:0a:2c:86:00:e9:b2:85:07: c9:dd:49:0c:a4:62:a6:c8:d4:3d:0d:f3:f0:82:c3:84:52:a0: 6d:b5:e0:55:e6:6b:0c:5b:e2:a8:10:d9:ff:b0:68:1e:e3:f2: f2:f2:fa:07:f5:7b:30:1b:b5:0f:24:fb:7e:b9:55:c6:ee:68: 79:16:2f:88:f1:76:9e:df:0d:39:71:d1:0e:2e:01:3d:75:11: cd:85:f1:bb:d8:48:80:58:1c:bf:f7:86:12:48:1a:af:eb:23: 33:c3:8b:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZFtJeYiqxrxStA171B3ktMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmOWExMjEwZjUwOTkyMjM5ZDNhN2YyZTVlODAxM2I1YWI0 OTFmZmYwHhcNMjUxMjEzMTkwMTI0WhcNMjUxMjE0MTkwMTI0WjAzMTEwLwYDVQQD EygxYmIzN2M1YTNlY2NiMTA0ODc2OTg0MWI0ZDA1ZGE4NTRmMjI0NjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5uO7y494kDj98tIlxx9MNE7Ojvy 1skblsmuk50o1ziS15tGco0yAOT8RYYMdklOd27+LeUe7UmP8yM2tp0WJKrVyB6y /VgEh6AIzeyBZX1us5cNCo/Z4/8y/dm9ddvczZrIITB/+57Rhkckr9uM+SAsa3GH W3CRqkiCWDapj47b6PRMcaR2Bk0ffyzDGk22heQLa2yfoowEvoOFsDuFJF+kcYRV mbSDvV7WJsLVkGwy6oafONF04YyCogmyxluH157jEMI9lK6hQCI2G17QAjCRzubq CzHZbdyqHdqwnVZjU8N+FIvwmLfyngoKx630Zk32oSeamDU0yqlrW5xngwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBuzfFo+zLEEh2mEG00F2oVPIkYBMB8GA1UdIwQY MBaAFD+aEhD1CZIjnTp/Ll6AE7WrSR//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUt YTg3MzRmNzAzYjk4LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8xNGE1ZTgtZjNiZi00MmY5LWEyODUtYTg3MzRmNzAzYjk4 LzEvUDVvU0VQVUpraU9kT244dVhvQVR0YXRKSF84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4Ao+3JyW G/iugBYUZrN6zqyVj/fAKd6EjAfCVMa8eW8VBMKE3OCHwsaUFBQbBlewpIMb3SBv ISiN2hd8nRSW8+lWNgE/DW5nIlIPuLl8dBdV3XPSEmphO63geWGVh765+4njQv+W 6uXbZdI4xyrMobQSbJ1KAMXnbJVCoK+w0oTYhSTNLTgL1xlym7jOFVLqpqFEnlq8 DFsdMwoshgDpsoUHyd1JDKRipsjUPQ3z8ILDhFKgbbXgVeZrDFviqBDZ/7BoHuPy 8vL6B/V7MBu1DyT7frlVxu5oeRYviPF2nt8NOXHRDi4BPXURzYXxu9hIgFgcv/eG Ekgar+sjM8OL1w== -----END CERTIFICATE-----Generated at Sun Dec 14 01:58:54 2025 by rpki-client