This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft File: PqU6yajcRG-34BE7aLOOlwwZ98w.mft (raw, json) Hash identifier: 62zD0CouOhB9zfcxbNVURgTWDC29OUJzs+jSjMLwGKw= Subject key identifier: CB:88:17:A8:2B:59:14:D9:3E:D4:40:79:CA:29:59:8D:DF:00:82:1E Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc Certificate serial: 019B45138BF88A71553BF59ED3D1F1794088 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft Manifest number: 171A Signing time: Mon 22 Dec 2025 08:01:07 +0000 Manifest this update: Mon 22 Dec 2025 08:01:07 +0000 Manifest next update: Tue 23 Dec 2025 08:01:07 +0000 Files and hashes: 1: PqU6yajcRG-34BE7aLOOlwwZ98w.crl (hash: m00J5sBXvbMQgmd5y3Yn4FAN782qluAxB3vf7tm8HzU=) 2: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (hash: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 08:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:13:8b:f8:8a:71:55:3b:f5:9e:d3:d1:f1:79:40:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc Validity Not Before: Dec 22 08:01:07 2025 GMT Not After : Dec 23 08:01:07 2025 GMT Subject: CN=cb8817a82b5914d93ed44079ca29598ddf00821e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:da:33:4d:ef:b9:16:96:7c:94:b8:6b:21:3f: 37:9a:83:69:0d:8c:16:28:a5:ed:8d:76:6d:67:61: 65:69:85:cd:47:fe:5b:68:a1:21:91:88:4b:ef:ce: 06:10:1b:0a:4c:71:85:ea:88:95:87:2f:fb:f6:19: 1d:23:6e:0a:ef:3f:6b:f1:c7:4c:46:93:81:d4:39: 04:c4:c5:7d:82:fa:24:be:ff:61:f6:44:bd:a1:20: 15:e7:eb:46:ca:1e:d5:32:77:40:12:34:84:15:3f: 3c:4a:96:61:0f:c7:40:79:d0:ec:26:6c:09:eb:05: 9d:aa:53:31:b2:60:f3:dd:4c:f1:6b:84:fa:a7:7e: 70:31:eb:23:98:34:61:51:13:c5:7b:bb:6c:89:bb: 9d:db:1e:46:13:b9:7b:62:6e:ca:c4:3d:49:ef:f4: d2:f9:2a:81:54:5b:34:e6:45:88:56:5d:2a:e9:41: 05:1d:17:cf:28:76:e7:3f:9a:d8:2c:c0:19:8d:28: 21:6f:84:6f:1c:73:81:f8:31:f3:63:e1:bc:43:9c: 11:81:50:2e:05:71:a7:93:86:2e:c8:dc:bf:20:8f: 86:45:d9:fa:39:6c:df:12:89:85:3b:f8:96:17:d2: 23:ec:74:a6:60:36:9a:e7:3e:3f:80:c4:fc:eb:32: a0:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:88:17:A8:2B:59:14:D9:3E:D4:40:79:CA:29:59:8D:DF:00:82:1E X509v3 Authority Key Identifier: keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b3:2c:74:08:aa:26:a5:c7:d3:b5:ad:09:bb:86:6a:18:16:7f: b2:12:b3:ed:c3:d5:84:69:60:8a:4e:90:85:1b:75:b1:f3:db: 3c:e0:a5:75:02:bb:04:77:d5:f8:58:a3:6c:be:c4:f8:c2:9e: d5:7d:c9:c0:c4:63:96:5d:9c:ff:9c:f1:96:c0:81:9e:c8:14: 8f:24:3e:5e:b3:f3:2f:5f:98:36:ca:56:10:59:97:2f:60:44: d8:35:c6:bd:5e:05:14:9e:e9:4e:fa:dd:43:90:af:b2:58:5f: 02:f6:74:a8:a5:5c:d1:b1:c4:f6:cf:21:f2:a0:f7:3a:f1:c8: 4e:db:3c:91:4e:05:15:9e:31:82:6a:af:cc:50:5f:ef:65:30: aa:77:cc:dc:61:2d:49:8c:d0:93:d4:18:1d:06:c0:91:5e:d7: 8d:cf:e6:ba:0e:13:c4:88:42:75:86:c8:b6:2d:7b:a6:f6:69: 1a:d8:8c:cb:bb:8b:c7:94:a5:8a:04:dd:8d:a6:ff:40:9b:59: 17:ef:47:d6:70:d1:5d:53:fd:e4:da:6f:9f:96:aa:54:39:54: 09:e0:9b:fb:85:8b:82:b9:a1:40:af:d2:9e:04:fa:ab:6b:ea: 56:b4:6b:89:66:98:3a:5c:ef:b0:30:b6:47:86:f9:e4:ae:db: 6a:2d:7c:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFE4v4inFVO/We09HxeUCIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx OWY3Y2MwHhcNMjUxMjIyMDgwMTA3WhcNMjUxMjIzMDgwMTA3WjAzMTEwLwYDVQQD EyhjYjg4MTdhODJiNTkxNGQ5M2VkNDQwNzljYTI5NTk4ZGRmMDA4MjFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dozTe+5FpZ8lLhrIT83moNpDYwW KKXtjXZtZ2FlaYXNR/5baKEhkYhL784GEBsKTHGF6oiVhy/79hkdI24K7z9r8cdM RpOB1DkExMV9gvokvv9h9kS9oSAV5+tGyh7VMndAEjSEFT88SpZhD8dAedDsJmwJ 6wWdqlMxsmDz3Uzxa4T6p35wMesjmDRhURPFe7tsibud2x5GE7l7Ym7KxD1J7/TS +SqBVFs05kWIVl0q6UEFHRfPKHbnP5rYLMAZjSghb4RvHHOB+DHzY+G8Q5wRgVAu BXGnk4YuyNy/II+GRdn6OWzfEomFO/iWF9Ij7HSmYDaa5z4/gMT86zKgjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMuIF6grWRTZPtRAecopWY3fAIIeMB8GA1UdIwQY MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct MzUxYzIxMTkyYzY1LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1 LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsyx0CKom pcfTta0Ju4ZqGBZ/shKz7cPVhGlgik6QhRt1sfPbPOCldQK7BHfV+FijbL7E+MKe 1X3JwMRjll2c/5zxlsCBnsgUjyQ+XrPzL1+YNspWEFmXL2BE2DXGvV4FFJ7pTvrd Q5CvslhfAvZ0qKVc0bHE9s8h8qD3OvHITts8kU4FFZ4xgmqvzFBf72UwqnfM3GEt SYzQk9QYHQbAkV7Xjc/mug4TxIhCdYbIti17pvZpGtiMy7uLx5SligTdjab/QJtZ F+9H1nDRXVP95Npvn5aqVDlUCeCb+4WLgrmhQK/SngT6q2vqVrRriWaYOlzvsDC2 R4b55K7bai18Nw== -----END CERTIFICATE-----Generated at Mon Dec 22 14:29:53 2025 by rpki-client