This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft File: PBnm8n2SgJXlYN52ePKONFnVWUc.mft (raw, json) Hash identifier: +Sn0PyQjYr6+rJqtVeqQYk1l9Cjjaqa9HSyoEEbxUCM= Subject key identifier: 20:00:9D:49:79:71:34:86:FF:AD:6D:B6:5D:65:1A:64:52:12:4A:2D Authority key identifier: 3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 Certificate issuer: /CN=3c19e6f27d928095e560de7678f28e3459d55947 Certificate serial: 019B0E25D51C4F140EEB1DE357086D60A26B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft Manifest number: 0283 Signing time: Thu 11 Dec 2025 16:01:58 +0000 Manifest this update: Thu 11 Dec 2025 16:01:58 +0000 Manifest next update: Fri 12 Dec 2025 16:01:58 +0000 Files and hashes: 1: PBnm8n2SgJXlYN52ePKONFnVWUc.crl (hash: EycKwEqHG37LNLm1TuEBmJATzh0XG1g7UOe5sxN18Fw=) 2: QmVb0SoXYnlMedY0w_3_iXHpV1g.roa (hash: a3gXOD/NjdWHnE6P9SQzEQhqDOtbuugfMMDorP0aI2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:25:d5:1c:4f:14:0e:eb:1d:e3:57:08:6d:60:a2:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c19e6f27d928095e560de7678f28e3459d55947 Validity Not Before: Dec 11 16:01:58 2025 GMT Not After : Dec 12 16:01:58 2025 GMT Subject: CN=20009d4979713486ffad6db65d651a6452124a2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ab:43:e8:30:93:1e:ca:b0:2d:18:71:85:a8: 85:4b:65:ad:4a:49:13:c5:6b:f6:90:c5:6b:95:24: e9:15:b2:6b:ae:d1:ed:7a:65:7d:4d:81:6b:56:31: 4d:dc:de:8f:92:e2:30:ed:a7:e2:62:a4:82:46:73: 6b:1e:37:71:61:e6:14:e0:79:a9:ac:0e:59:ab:42: dd:c2:18:5e:e4:b2:71:17:84:dc:64:21:47:53:0d: 8f:94:b8:a8:e0:26:77:fd:cb:e6:fe:8e:b3:97:e9: 85:a2:a6:aa:c8:ad:dd:af:97:de:3c:c7:7f:55:1c: e3:18:65:44:57:b9:c4:a6:ae:f1:a0:43:ee:9e:43: 14:91:e7:eb:79:90:f7:5a:15:40:f4:8b:fb:db:27: 84:1a:69:4b:8a:5c:eb:af:37:29:98:cf:22:5e:fc: 59:5d:32:d1:bf:34:ec:fd:25:46:7b:bc:c4:24:5d: 45:ea:35:1b:ab:a8:e2:97:66:76:85:19:9d:51:aa: 0d:b9:c0:fb:27:d7:67:c0:70:80:1d:9d:4c:6c:0a: d1:1b:42:eb:be:48:32:cf:1d:24:b5:27:56:62:d6: bf:2b:f1:bc:dc:f4:0c:98:5a:2e:54:68:e3:80:e3: 35:c9:c0:b9:00:d6:cb:f5:25:fd:8f:9c:b6:f5:ba: 0c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:00:9D:49:79:71:34:86:FF:AD:6D:B6:5D:65:1A:64:52:12:4A:2D X509v3 Authority Key Identifier: keyid:3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:d4:9c:e7:ee:06:29:1a:57:ec:81:3e:b5:a3:df:fa:a4:f9: 4e:c5:fa:6a:ce:d4:58:c7:b7:3e:c4:eb:47:7e:aa:cf:1c:51: f1:97:48:7b:2b:2f:cc:6b:30:b2:65:17:4c:87:97:ee:2c:0f: d7:14:9b:06:db:8e:42:f9:65:5d:a6:24:70:cd:03:ab:68:98: 76:50:3f:de:c9:40:8a:12:56:17:e8:90:25:23:af:4e:3f:6b: 4a:1b:12:64:d7:80:6c:b0:c6:9f:6b:2f:14:c0:b8:a1:18:a6: 43:fc:3f:e6:44:10:0a:75:24:fd:43:98:a9:0d:03:6b:37:18: 9a:90:a2:a3:da:8e:7f:9b:7f:04:15:22:80:b6:db:5c:ed:3e: da:41:99:fa:95:49:55:63:11:00:b7:e5:e9:60:fd:87:9f:b4: 32:79:e1:90:11:0a:2d:9d:e7:ed:f1:89:01:00:c0:ee:05:ba: 79:bd:fd:9c:28:20:93:92:91:be:33:14:f2:77:61:82:18:2f: b6:05:b9:8a:ff:b0:71:19:fd:93:33:50:85:25:05:0c:f9:72: c1:34:2b:8c:99:2c:c6:7d:47:d5:9e:11:e0:70:fc:ef:ca:cf: 0f:96:b5:cf:e3:2d:8e:15:b3:27:19:50:31:bb:14:ca:c5:79: df:af:56:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJdUcTxQO6x3jVwhtYKJrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMTllNmYyN2Q5MjgwOTVlNTYwZGU3Njc4ZjI4ZTM0NTlk NTU5NDcwHhcNMjUxMjExMTYwMTU4WhcNMjUxMjEyMTYwMTU4WjAzMTEwLwYDVQQD EygyMDAwOWQ0OTc5NzEzNDg2ZmZhZDZkYjY1ZDY1MWE2NDUyMTI0YTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKtD6DCTHsqwLRhxhaiFS2WtSkkT xWv2kMVrlSTpFbJrrtHtemV9TYFrVjFN3N6PkuIw7afiYqSCRnNrHjdxYeYU4Hmp rA5Zq0Ldwhhe5LJxF4TcZCFHUw2PlLio4CZ3/cvm/o6zl+mFoqaqyK3dr5fePMd/ VRzjGGVEV7nEpq7xoEPunkMUkefreZD3WhVA9Iv72yeEGmlLilzrrzcpmM8iXvxZ XTLRvzTs/SVGe7zEJF1F6jUbq6jil2Z2hRmdUaoNucD7J9dnwHCAHZ1MbArRG0Lr vkgyzx0ktSdWYta/K/G83PQMmFouVGjjgOM1ycC5ANbL9SX9j5y29boMiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCAAnUl5cTSG/61ttl1lGmRSEkotMB8GA1UdIwQY MBaAFDwZ5vJ9koCV5WDednjyjjRZ1VlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMt NzkyN2RlNTM5MzY0LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMtNzkyN2RlNTM5MzY0 LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNSc5+4G KRpX7IE+taPf+qT5TsX6as7UWMe3PsTrR36qzxxR8ZdIeysvzGswsmUXTIeX7iwP 1xSbBtuOQvllXaYkcM0Dq2iYdlA/3slAihJWF+iQJSOvTj9rShsSZNeAbLDGn2sv FMC4oRimQ/w/5kQQCnUk/UOYqQ0DazcYmpCio9qOf5t/BBUigLbbXO0+2kGZ+pVJ VWMRALfl6WD9h5+0MnnhkBEKLZ3n7fGJAQDA7gW6eb39nCggk5KRvjMU8ndhghgv tgW5iv+wcRn9kzNQhSUFDPlywTQrjJksxn1H1Z4R4HD878rPD5a1z+MtjhWzJxlQ MbsUysV5369WSg== -----END CERTIFICATE-----Generated at Fri Dec 12 00:29:10 2025 by rpki-client