This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.mft File: PXD-HXX32nbS49w0T7HwsLad4AE.mft (raw, json) Hash identifier: FuUne9xSW2bX/J6I3YgBuxGl/6LlKYKBhnO85SLSHG0= Subject key identifier: 08:26:E5:6C:E2:1B:7C:35:5D:4A:A4:B0:C1:ED:25:4C:39:29:0F:67 Authority key identifier: 3D:70:FE:1D:75:F7:DA:76:D2:E3:DC:34:4F:B1:F0:B0:B6:9D:E0:01 Certificate issuer: /CN=3d70fe1d75f7da76d2e3dc344fb1f0b0b69de001 Certificate serial: 019B2B1C4D48BBB50006306017FEDD810411 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXD-HXX32nbS49w0T7HwsLad4AE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.mft Manifest number: 16ED Signing time: Wed 17 Dec 2025 07:00:33 +0000 Manifest this update: Wed 17 Dec 2025 07:00:33 +0000 Manifest next update: Thu 18 Dec 2025 07:00:33 +0000 Files and hashes: 1: PXD-HXX32nbS49w0T7HwsLad4AE.crl (hash: Dwiwf+1QNfxIGuVsO7J64H0zho2nV/NF4QXiOr1Cdxo=) 2: qcINREJGIFWN3YXOgtNuqjCBfnY.roa (hash: 1gG5XU0DGFtKFXRvNOA96XCA/EPC9XB/rEykj9F+ocs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.mft rsync://rpki.ripe.net/repository/DEFAULT/PXD-HXX32nbS49w0T7HwsLad4AE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1c:4d:48:bb:b5:00:06:30:60:17:fe:dd:81:04:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d70fe1d75f7da76d2e3dc344fb1f0b0b69de001 Validity Not Before: Dec 17 07:00:33 2025 GMT Not After : Dec 18 07:00:33 2025 GMT Subject: CN=0826e56ce21b7c355d4aa4b0c1ed254c39290f67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7e:53:7b:d3:fe:1a:2d:75:98:ef:fe:60:b7: a2:50:67:23:2b:af:a4:20:d7:6a:d1:71:9d:ec:b6: 27:e6:d8:0e:45:8e:19:76:c1:00:1e:e0:2c:32:0f: c7:b2:e4:bb:d2:6b:a1:56:1a:d8:be:f6:bc:9f:2e: 1f:57:4d:fc:ab:11:0b:be:fc:a4:0c:4b:ec:c1:1a: 4f:d3:3f:48:ff:2b:28:59:92:4b:57:87:7b:08:c3: 97:78:e6:6a:79:ff:be:7b:b5:9d:0e:89:6f:f7:40: 78:b2:d4:ad:d7:d0:8a:53:8c:02:28:5a:8b:75:9f: 71:ab:ce:9c:1b:2c:2d:2e:7f:ea:5d:2e:d4:c0:31: 86:f1:e3:72:3c:7c:4a:93:da:15:fe:34:fa:bf:eb: be:12:aa:7f:db:59:16:d2:61:03:28:7d:3e:77:5c: 91:74:45:ac:8c:aa:2a:12:ee:9f:dd:60:19:36:bc: 11:0a:4c:55:5f:75:d7:cb:af:47:5c:d4:7c:44:b0: ab:c1:fc:df:d9:b4:e8:1b:87:e7:85:57:fc:5e:08: fd:d4:7c:8c:81:e2:f4:7b:5c:f8:2d:79:d8:7c:67: 4e:e8:b5:d1:54:d0:c7:f8:b9:9e:90:16:3e:f9:bb: 4a:3b:b6:ef:0b:4e:b2:39:4c:d5:c3:4f:b5:9b:4e: f2:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:26:E5:6C:E2:1B:7C:35:5D:4A:A4:B0:C1:ED:25:4C:39:29:0F:67 X509v3 Authority Key Identifier: keyid:3D:70:FE:1D:75:F7:DA:76:D2:E3:DC:34:4F:B1:F0:B0:B6:9D:E0:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXD-HXX32nbS49w0T7HwsLad4AE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2456e5-61dd-4ae3-a24f-b852bd8123f0/1/PXD-HXX32nbS49w0T7HwsLad4AE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:2f:86:7c:8b:a9:db:8a:ba:a5:11:62:ff:c0:18:dd:ec:e0: 59:ac:b9:57:35:2d:4c:c1:5d:6c:90:74:c3:10:a9:68:e3:bd: 5c:3d:ff:5a:ff:2a:c2:a4:0c:8b:08:a8:bf:7a:11:e9:78:ea: 25:ca:f5:3f:5b:f3:58:47:51:a5:fe:2d:77:df:a5:a7:a2:ca: 8f:85:5c:f3:17:f5:6d:df:a4:7b:b2:c1:78:ae:65:9b:7e:79: fe:03:c3:6e:a7:98:a1:26:15:f5:9e:78:f8:8f:73:ca:1e:c0: 45:2b:f2:d6:59:e1:cc:66:99:5b:97:0f:0f:02:10:83:c9:5a: d3:06:9f:76:6e:86:43:7c:bb:fe:96:1d:42:dd:c3:68:a6:34: a5:7f:14:93:aa:5c:33:f8:b6:1c:fa:59:ae:5a:35:7e:41:cc: ff:b5:61:c5:22:d8:b3:07:36:54:4b:0d:8a:d9:c3:b8:a8:90: 96:dd:84:db:99:e1:f0:79:a1:97:ca:88:6e:d7:c0:e9:f0:47: 3b:46:cc:3a:f1:d5:2c:8d:ec:c4:28:4b:e8:e5:0e:71:e7:85: 5a:30:f1:5d:87:25:35:3d:26:0e:90:91:8d:ff:1f:32:9a:b8: 00:a8:3e:82:6b:ff:84:1b:79:71:3f:f6:5a:f3:30:54:91:53: 73:ac:78:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHE1Iu7UABjBgF/7dgQQRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNzBmZTFkNzVmN2RhNzZkMmUzZGMzNDRmYjFmMGIwYjY5 ZGUwMDEwHhcNMjUxMjE3MDcwMDMzWhcNMjUxMjE4MDcwMDMzWjAzMTEwLwYDVQQD EygwODI2ZTU2Y2UyMWI3YzM1NWQ0YWE0YjBjMWVkMjU0YzM5MjkwZjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H5Te9P+Gi11mO/+YLeiUGcjK6+k INdq0XGd7LYn5tgORY4ZdsEAHuAsMg/HsuS70muhVhrYvva8ny4fV038qxELvvyk DEvswRpP0z9I/ysoWZJLV4d7CMOXeOZqef++e7WdDolv90B4stSt19CKU4wCKFqL dZ9xq86cGywtLn/qXS7UwDGG8eNyPHxKk9oV/jT6v+u+Eqp/21kW0mEDKH0+d1yR dEWsjKoqEu6f3WAZNrwRCkxVX3XXy69HXNR8RLCrwfzf2bToG4fnhVf8Xgj91HyM geL0e1z4LXnYfGdO6LXRVNDH+LmekBY++btKO7bvC06yOUzVw0+1m07ybQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAgm5WziG3w1XUqksMHtJUw5KQ9nMB8GA1UdIwQY MBaAFD1w/h1199p20uPcNE+x8LC2neABMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFhELUhYWDMybmJTNDl3MFQ3SHdzTGFkNEFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yNDU2ZTUtNjFkZC00YWUzLWEyNGYt Yjg1MmJkODEyM2YwLzEvUFhELUhYWDMybmJTNDl3MFQ3SHdzTGFkNEFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC8yNDU2ZTUtNjFkZC00YWUzLWEyNGYtYjg1MmJkODEyM2Yw LzEvUFhELUhYWDMybmJTNDl3MFQ3SHdzTGFkNEFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGy+GfIup 24q6pRFi/8AY3ezgWay5VzUtTMFdbJB0wxCpaOO9XD3/Wv8qwqQMiwiov3oR6Xjq Jcr1P1vzWEdRpf4td9+lp6LKj4Vc8xf1bd+ke7LBeK5lm355/gPDbqeYoSYV9Z54 +I9zyh7ARSvy1lnhzGaZW5cPDwIQg8la0wafdm6GQ3y7/pYdQt3DaKY0pX8Uk6pc M/i2HPpZrlo1fkHM/7VhxSLYswc2VEsNitnDuKiQlt2E25nh8Hmhl8qIbtfA6fBH O0bMOvHVLI3sxChL6OUOceeFWjDxXYclNT0mDpCRjf8fMpq4AKg+gmv/hBt5cT/2 WvMwVJFTc6x4vw== -----END CERTIFICATE-----Generated at Wed Dec 17 09:11:30 2025 by rpki-client