This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft File: Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json) Hash identifier: ghux4/VoSw3SP4LoPMq7xSFFwP4MpDWR19BUE+MAt6Y= Subject key identifier: 3C:0D:E2:CE:74:53:BA:3E:C4:1E:28:AC:ED:FB:EF:9D:01:EB:39:65 Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52 Certificate issuer: /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52 Certificate serial: 019B5ABFA3711B0CC96DC59DDADF1E338CA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft Manifest number: 13B1 Signing time: Fri 26 Dec 2025 13:01:07 +0000 Manifest this update: Fri 26 Dec 2025 13:01:07 +0000 Manifest next update: Sat 27 Dec 2025 13:01:07 +0000 Files and hashes: 1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: B+FNMCAtENqjrMi2J2Bkxos6+gfw3zt1YLASvUh+wZI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:a3:71:1b:0c:c9:6d:c5:9d:da:df:1e:33:8c:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52 Validity Not Before: Dec 26 13:01:07 2025 GMT Not After : Dec 27 13:01:07 2025 GMT Subject: CN=3c0de2ce7453ba3ec41e28acedfbef9d01eb3965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:03:99:47:d0:44:0e:10:b4:49:af:b0:20:8f: bc:90:7c:9b:2b:03:dd:70:0f:cf:bc:52:14:44:88: 4d:71:1d:6d:c8:77:94:dc:1b:d0:5e:62:62:5e:06: b1:18:00:fa:ea:af:e6:e6:21:6c:ed:ec:b8:d4:4b: 1a:c4:d0:57:71:06:cd:eb:1f:c0:2f:21:f7:8c:8e: 8d:fa:d0:cd:00:72:57:2f:b7:11:5a:67:b5:29:7a: 5d:d8:cf:74:18:78:1f:0f:b9:bb:be:f7:03:df:67: a2:99:b1:77:da:91:f5:44:5e:64:28:17:b5:ec:cd: 41:48:92:fd:53:f6:eb:14:ea:97:bc:9d:5a:96:8d: 8c:27:f1:bd:5b:4f:3b:a0:b4:c5:1f:c8:f4:c4:92: 18:dc:ff:65:ce:01:cd:33:0e:bc:f9:a2:3d:ab:92: 5e:6c:47:cd:6d:0a:2e:f6:37:0f:2e:41:a4:54:e4: 69:cd:3f:cd:27:74:91:4d:bc:d4:83:40:f0:20:cc: 93:4c:eb:dc:a4:10:0e:eb:4b:44:46:51:31:c3:76: 25:db:70:05:77:d5:78:e5:1d:a7:bf:55:62:80:9f: 89:b3:da:71:00:c7:7d:4d:72:87:00:63:a8:02:f1: a4:91:0f:a1:ca:90:ca:ca:79:14:44:41:a9:a5:12: 3d:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:0D:E2:CE:74:53:BA:3E:C4:1E:28:AC:ED:FB:EF:9D:01:EB:39:65 X509v3 Authority Key Identifier: keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:28:a7:bb:44:8b:91:84:aa:d9:21:56:ef:69:e0:50:1e:1e: 81:df:fd:38:43:62:f2:67:97:58:21:14:52:b6:1e:95:eb:35: d2:1c:a1:50:57:38:55:2c:48:ce:36:8f:69:20:99:b5:d7:3c: ec:1b:df:4e:d9:9e:3b:7f:e8:a6:fe:16:92:27:03:e8:2e:74: 1b:6b:29:5f:e7:96:34:e1:13:2a:40:e2:78:c8:c7:cd:1b:ec: e6:c3:e1:43:53:e8:e7:57:ce:ca:60:bf:af:57:d3:c3:4d:42: f6:18:9d:9d:05:97:8a:48:8c:1e:b7:ff:f4:92:41:65:eb:e6: 62:32:f9:c1:98:94:77:96:17:aa:f9:d6:e8:53:07:04:ca:b7: e4:4d:5e:30:29:43:7d:47:57:27:90:1e:ea:1c:a8:56:f3:c5: 63:4e:d2:ec:c0:d4:d3:3d:74:4d:02:80:e5:3e:f7:d0:dc:a7: 71:c8:ba:9c:47:10:b9:1a:38:96:0d:72:42:d0:fc:8e:29:6c: 37:92:0b:75:05:ac:16:73:1a:f1:15:de:78:b1:0b:a5:eb:0c: c2:38:db:a0:25:17:4f:a1:b7:c3:25:3c:28:93:1f:98:8d:69: d8:c7:09:14:d7:73:87:40:df:63:68:d3:fb:19:85:75:be:07: 8c:f8:05:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav6NxGwzJbcWd2t8eM4yoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0 NjRlNTIwHhcNMjUxMjI2MTMwMTA3WhcNMjUxMjI3MTMwMTA3WjAzMTEwLwYDVQQD EygzYzBkZTJjZTc0NTNiYTNlYzQxZTI4YWNlZGZiZWY5ZDAxZWIzOTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAOZR9BEDhC0Sa+wII+8kHybKwPd cA/PvFIURIhNcR1tyHeU3BvQXmJiXgaxGAD66q/m5iFs7ey41EsaxNBXcQbN6x/A LyH3jI6N+tDNAHJXL7cRWme1KXpd2M90GHgfD7m7vvcD32eimbF32pH1RF5kKBe1 7M1BSJL9U/brFOqXvJ1alo2MJ/G9W087oLTFH8j0xJIY3P9lzgHNMw68+aI9q5Je bEfNbQou9jcPLkGkVORpzT/NJ3SRTbzUg0DwIMyTTOvcpBAO60tERlExw3Yl23AF d9V45R2nv1VigJ+Js9pxAMd9TXKHAGOoAvGkkQ+hypDKynkUREGppRI9lQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDwN4s50U7o+xB4orO37750B6zllMB8GA1UdIwQY MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4 LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMSinu0SL kYSq2SFW72ngUB4egd/9OENi8meXWCEUUrYeles10hyhUFc4VSxIzjaPaSCZtdc8 7BvfTtmeO3/opv4WkicD6C50G2spX+eWNOETKkDieMjHzRvs5sPhQ1Po51fOymC/ r1fTw01C9hidnQWXikiMHrf/9JJBZevmYjL5wZiUd5YXqvnW6FMHBMq35E1eMClD fUdXJ5Ae6hyoVvPFY07S7MDU0z10TQKA5T730Nyncci6nEcQuRo4lg1yQtD8jils N5ILdQWsFnMa8RXeeLELpesMwjjboCUXT6G3wyU8KJMfmI1p2McJFNdzh0DfY2jT +xmFdb4HjPgFxg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:38 2025 by rpki-client