This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft File: pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json) Hash identifier: 1sDa0b0TqbF4CYK5B8aTY92st+ZVSqOojXm0z46dFsA= Subject key identifier: C2:B8:E0:39:EC:BD:81:13:A5:3B:C9:A5:78:E9:DF:2C:6F:D6:2B:C0 Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA Certificate issuer: /CN=a714c621d57ce42e25093ece857bdb875e3aceaa Certificate serial: 019B5A1B14B37FBF0AD7396F57C74AE0C711 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft Manifest number: 0464 Signing time: Fri 26 Dec 2025 10:01:22 +0000 Manifest this update: Fri 26 Dec 2025 10:01:22 +0000 Manifest next update: Sat 27 Dec 2025 10:01:22 +0000 Files and hashes: 1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: PEy6rvMCsXF4G0NQ8yDaeyEBWarAyUCF6RpmP0HN1TM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1b:14:b3:7f:bf:0a:d7:39:6f:57:c7:4a:e0:c7:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa Validity Not Before: Dec 26 10:01:22 2025 GMT Not After : Dec 27 10:01:22 2025 GMT Subject: CN=c2b8e039ecbd8113a53bc9a578e9df2c6fd62bc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:93:c5:09:c9:c1:48:1c:ff:ca:9d:43:9b:b5: f5:2e:0e:e2:dd:f1:fe:d0:58:1a:72:2e:07:eb:b2: dc:f2:e2:fa:97:6e:da:54:3c:48:a9:0e:37:a5:f8: bd:15:62:67:d3:d8:84:27:86:7d:63:82:80:e4:80: 23:7c:b4:4c:69:ed:32:54:6a:8b:0e:7b:b0:1c:d4: 32:4a:c3:5a:c0:b8:00:2d:5d:23:4b:cf:c7:20:28: 17:d3:db:38:86:c9:c1:68:16:0b:74:10:d5:76:72: 0e:ad:83:1b:ba:c0:57:8f:1f:cb:c2:28:66:9c:3c: 05:9a:d0:85:b6:24:e1:36:d8:3d:df:af:24:7f:41: 11:71:b7:78:cb:a7:98:af:5a:d4:a6:0e:ae:dd:85: af:c5:ab:9a:31:2f:98:40:3c:15:9e:2a:e4:c3:44: b0:94:a9:9a:01:67:81:cc:6c:e1:21:66:5c:9d:be: 56:1a:72:76:c7:1e:74:bb:40:c7:aa:d5:97:1c:56: 33:96:cd:37:62:79:aa:6d:49:c0:f6:f9:b3:dc:32: 27:e0:21:e4:cd:21:4a:46:06:dc:9a:91:0b:99:42: c5:5b:cc:c6:aa:79:35:ff:84:82:24:96:28:a3:81: 74:c8:80:1d:75:ce:88:ba:07:03:a8:d9:fb:ad:11: 1f:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:B8:E0:39:EC:BD:81:13:A5:3B:C9:A5:78:E9:DF:2C:6F:D6:2B:C0 X509v3 Authority Key Identifier: keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:84:37:f4:4a:ad:48:4f:25:64:30:40:18:1f:c9:e9:c3:11: 09:20:39:ca:d7:92:e3:99:1b:ae:55:5a:15:e8:83:4c:3f:2f: fb:44:90:08:2b:03:6d:10:27:71:3d:d5:65:5f:fe:30:1b:d5: 73:0d:7a:b6:c7:81:87:a6:15:68:91:2e:dd:b5:80:fe:96:03: 1d:b5:e9:e4:0a:85:7e:eb:f5:ee:ee:f2:94:f2:a3:65:25:82: 5b:c5:de:dc:ff:80:d5:8c:0f:6b:3d:2c:af:b4:8f:15:75:ce: cf:dd:a1:71:36:34:20:1e:26:2d:7d:c0:22:2d:19:31:1b:53: 05:17:b5:ee:34:4a:be:e0:15:cf:31:71:f2:68:a7:20:a7:2d: 14:4e:af:d4:dc:f0:e3:13:28:a7:79:78:f2:61:8a:18:ae:53: b5:c6:27:f2:1f:e8:06:02:10:55:51:1f:81:01:de:12:30:27: 20:fb:13:8c:83:f1:85:19:c1:c5:20:81:51:35:98:55:94:ad: 9d:3a:64:7b:5f:25:5e:a2:20:d1:3a:82:1e:e9:d4:f2:bf:5f: dd:21:6d:a0:29:d8:99:b7:cb:87:d3:88:61:b8:2f:28:60:1a: f3:1a:32:9b:22:98:49:82:e2:1a:f1:45:60:d2:ab:fa:d4:02: d5:a0:72:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGxSzf78K1zlvV8dK4McRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz YWNlYWEwHhcNMjUxMjI2MTAwMTIyWhcNMjUxMjI3MTAwMTIyWjAzMTEwLwYDVQQD EyhjMmI4ZTAzOWVjYmQ4MTEzYTUzYmM5YTU3OGU5ZGYyYzZmZDYyYmMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5PFCcnBSBz/yp1Dm7X1Lg7i3fH+ 0Fgaci4H67Lc8uL6l27aVDxIqQ43pfi9FWJn09iEJ4Z9Y4KA5IAjfLRMae0yVGqL DnuwHNQySsNawLgALV0jS8/HICgX09s4hsnBaBYLdBDVdnIOrYMbusBXjx/Lwihm nDwFmtCFtiThNtg9368kf0ERcbd4y6eYr1rUpg6u3YWvxauaMS+YQDwVnirkw0Sw lKmaAWeBzGzhIWZcnb5WGnJ2xx50u0DHqtWXHFYzls03YnmqbUnA9vmz3DIn4CHk zSFKRgbcmpELmULFW8zGqnk1/4SCJJYoo4F0yIAddc6IugcDqNn7rREfBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMK44DnsvYETpTvJpXjp3yxv1ivAMB8GA1UdIwQY MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYQ39Eqt SE8lZDBAGB/J6cMRCSA5yteS45kbrlVaFeiDTD8v+0SQCCsDbRAncT3VZV/+MBvV cw16tseBh6YVaJEu3bWA/pYDHbXp5AqFfuv17u7ylPKjZSWCW8Xe3P+A1YwPaz0s r7SPFXXOz92hcTY0IB4mLX3AIi0ZMRtTBRe17jRKvuAVzzFx8minIKctFE6v1Nzw 4xMop3l48mGKGK5TtcYn8h/oBgIQVVEfgQHeEjAnIPsTjIPxhRnBxSCBUTWYVZSt nTpke18lXqIg0TqCHunU8r9f3SFtoCnYmbfLh9OIYbgvKGAa8xoymyKYSYLiGvFF YNKr+tQC1aByxA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:30 2025 by rpki-client