This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft File: PxckOVmdfaUleXiZvyE7jmNVSRQ.mft (raw, json) Hash identifier: MTP/6lk415nCTd78iv0ixrXe6hX1CvYe5vYbp1DK9aI= Subject key identifier: E7:0A:94:07:52:60:CA:58:D4:06:D7:26:D0:CB:DC:41:FC:D3:C3:32 Authority key identifier: 3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14 Certificate issuer: /CN=3f172439599d7da525797899bf213b8e63554914 Certificate serial: 019B514E79EB59220E27F5556EACBF850856 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft Manifest number: 1724 Signing time: Wed 24 Dec 2025 17:00:56 +0000 Manifest this update: Wed 24 Dec 2025 17:00:56 +0000 Manifest next update: Thu 25 Dec 2025 17:00:56 +0000 Files and hashes: 1: ET0yOb6N2KPn9sEOeciwveLzfFQ.roa (hash: 5UaUVXzPjnKQ9N0meCwxNszuKgkyrbDITbh3/+eJ6rg=) 2: PxckOVmdfaUleXiZvyE7jmNVSRQ.crl (hash: BrP41llPUsX+2/L6sO7tIu1rIXH1ZHIoRnliCjZewT0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:4e:79:eb:59:22:0e:27:f5:55:6e:ac:bf:85:08:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f172439599d7da525797899bf213b8e63554914 Validity Not Before: Dec 24 17:00:56 2025 GMT Not After : Dec 25 17:00:56 2025 GMT Subject: CN=e70a94075260ca58d406d726d0cbdc41fcd3c332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:57:a2:a4:40:5a:f3:7e:a7:db:77:89:9b:b6: 1b:5c:ad:a4:6b:28:d0:26:d3:b5:96:aa:6f:40:4d: 1f:90:46:82:87:19:2a:01:78:2f:a0:2c:14:97:1f: 75:5f:d9:2d:d7:38:9f:74:a5:c2:55:19:cf:6d:8c: e4:98:76:61:17:be:90:3a:bb:83:38:a2:e3:fc:4f: c1:9e:aa:30:e4:a4:2f:aa:da:f2:c9:08:0b:6d:9c: a4:57:80:a3:60:ac:88:24:f6:42:ac:b0:89:4b:96: b2:bd:b9:dc:5b:ff:69:2d:1b:21:b2:5b:e9:f3:54: c6:e2:37:cc:0a:4e:a1:f7:95:a9:04:0c:24:b2:1c: 58:7b:72:b8:b6:32:de:fc:24:af:45:8a:54:29:6d: ff:09:81:6b:bc:a9:5d:d4:c6:b7:5e:cc:f7:b8:76: 18:83:0d:a3:ac:54:3e:bf:6e:e0:42:ba:75:2e:72: 4d:17:88:ad:c3:fc:06:68:54:65:9b:9e:72:e0:23: 9a:50:14:5a:e2:8e:e6:7c:e1:11:0a:cf:eb:c2:e5: 75:be:cc:d4:e2:77:a1:5e:c2:d9:87:0e:93:11:7a: b7:d4:5c:01:bd:b9:d6:62:2a:80:4e:f2:fb:f2:d8: 5d:ca:47:ad:91:fb:20:6f:1f:62:89:d4:13:a6:c3: b8:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:0A:94:07:52:60:CA:58:D4:06:D7:26:D0:CB:DC:41:FC:D3:C3:32 X509v3 Authority Key Identifier: keyid:3F:17:24:39:59:9D:7D:A5:25:79:78:99:BF:21:3B:8E:63:55:49:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxckOVmdfaUleXiZvyE7jmNVSRQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9f9aa9-09c0-48cc-b0a1-887331efb715/1/PxckOVmdfaUleXiZvyE7jmNVSRQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:d1:c6:c5:e3:7b:2a:91:6d:34:a8:fe:bc:4e:c6:46:72:0b: 16:50:9e:55:a7:b4:ad:c3:dd:b8:e1:60:12:af:0d:ce:8e:4e: 36:c7:f4:34:da:24:90:7a:b7:95:4a:ba:ca:c0:b1:11:97:d8: d3:cb:c2:b9:93:74:28:51:f8:8a:71:14:3a:3d:cb:93:91:87: b2:52:71:4f:a0:09:8c:39:3a:79:f1:5c:8f:f2:84:98:41:4e: 71:42:41:00:b8:a5:95:2f:d2:5b:c1:b2:f4:a4:8e:64:3a:d5: d5:cd:01:59:b9:39:46:bb:ba:11:39:6e:5f:7e:52:58:e7:6e: 92:49:1d:97:9f:57:7b:65:a4:29:3a:4e:9d:6b:92:ae:fa:3c: f5:92:ea:cd:c7:36:a4:eb:f0:43:74:25:25:ca:68:ff:4f:ab: 96:41:91:1f:58:64:3a:e1:a2:13:d4:b9:cd:0f:99:0a:b0:1a: 77:ee:45:60:9f:6e:07:5f:71:6b:c4:c9:a3:40:ba:91:2e:06: e1:ec:32:98:c3:8c:39:5d:de:64:13:f1:5b:b8:9c:04:8d:89: 42:9e:e0:58:d9:66:53:00:1b:98:3a:05:30:17:80:69:6a:c9: 15:a2:58:ed:88:d3:c5:c5:4c:2f:dc:39:b4:9c:a3:fd:4a:f3: 72:f0:7d:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRTnnrWSIOJ/VVbqy/hQhWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmMTcyNDM5NTk5ZDdkYTUyNTc5Nzg5OWJmMjEzYjhlNjM1 NTQ5MTQwHhcNMjUxMjI0MTcwMDU2WhcNMjUxMjI1MTcwMDU2WjAzMTEwLwYDVQQD EyhlNzBhOTQwNzUyNjBjYTU4ZDQwNmQ3MjZkMGNiZGM0MWZjZDNjMzMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVeipEBa836n23eJm7YbXK2kayjQ JtO1lqpvQE0fkEaChxkqAXgvoCwUlx91X9kt1zifdKXCVRnPbYzkmHZhF76QOruD OKLj/E/Bnqow5KQvqtryyQgLbZykV4CjYKyIJPZCrLCJS5ayvbncW/9pLRshslvp 81TG4jfMCk6h95WpBAwkshxYe3K4tjLe/CSvRYpUKW3/CYFrvKld1Ma3Xsz3uHYY gw2jrFQ+v27gQrp1LnJNF4itw/wGaFRlm55y4COaUBRa4o7mfOERCs/rwuV1vszU 4nehXsLZhw6TEXq31FwBvbnWYiqATvL78thdyketkfsgbx9iidQTpsO4kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOcKlAdSYMpY1AbXJtDL3EH808MyMB8GA1UdIwQY MBaAFD8XJDlZnX2lJXl4mb8hO45jVUkUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEt ODg3MzMxZWZiNzE1LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi85ZjlhYTktMDljMC00OGNjLWIwYTEtODg3MzMxZWZiNzE1 LzEvUHhja09WbWRmYVVsZVhpWnZ5RTdqbU5WU1JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAldHGxeN7 KpFtNKj+vE7GRnILFlCeVae0rcPduOFgEq8Nzo5ONsf0NNokkHq3lUq6ysCxEZfY 08vCuZN0KFH4inEUOj3Lk5GHslJxT6AJjDk6efFcj/KEmEFOcUJBALillS/SW8Gy 9KSOZDrV1c0BWbk5Rru6ETluX35SWOdukkkdl59Xe2WkKTpOnWuSrvo89ZLqzcc2 pOvwQ3QlJcpo/0+rlkGRH1hkOuGiE9S5zQ+ZCrAad+5FYJ9uB19xa8TJo0C6kS4G 4ewymMOMOV3eZBPxW7icBI2JQp7gWNlmUwAbmDoFMBeAaWrJFaJY7YjTxcVML9w5 tJyj/UrzcvB9rA== -----END CERTIFICATE-----Generated at Wed Dec 24 23:52:20 2025 by rpki-client