This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft File: PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json) Hash identifier: G5lmJMfVj0ME7eS0tuZlzNhpNRmqvWbABIgV70Jzibc= Subject key identifier: B3:8D:1E:B5:92:6B:30:E3:E0:B0:EE:4D:D3:4B:E4:4F:E2:91:B6:70 Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 Certificate issuer: /CN=3c41ea44178a702c507000023d14a9f9c47260e6 Certificate serial: 019B6CC6821C030A497880A62912BF608DB4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft Manifest number: 11A5 Signing time: Tue 30 Dec 2025 01:01:47 +0000 Manifest this update: Tue 30 Dec 2025 01:01:47 +0000 Manifest next update: Wed 31 Dec 2025 01:01:47 +0000 Files and hashes: 1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: /JkHHyuQKSdsQWuUOtQuOrYn6aCpv46/ubV6/9ye++U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c6:82:1c:03:0a:49:78:80:a6:29:12:bf:60:8d:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6 Validity Not Before: Dec 30 01:01:47 2025 GMT Not After : Dec 31 01:01:47 2025 GMT Subject: CN=b38d1eb5926b30e3e0b0ee4dd34be44fe291b670 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f3:ee:9e:9d:74:80:be:37:96:95:4a:15:56: 3e:16:9f:15:d9:bc:ca:f9:40:b0:10:6a:f4:d7:1c: ad:b8:e0:01:e1:02:e7:21:68:93:c9:e2:a5:84:73: d2:42:d2:ca:f0:6d:af:49:12:10:35:ed:f3:f9:67: 2f:83:7d:7d:dd:26:8e:3c:5c:4f:8b:2b:6c:e5:84: 3d:04:1b:b8:f2:c9:2a:71:0f:4b:e5:3d:1c:e7:2a: ed:95:cf:d7:e7:a9:2b:3d:d9:d4:ef:aa:dd:65:3c: 0c:c9:a1:ac:40:e1:fc:8b:f2:7b:2b:56:bc:2d:86: 6c:c3:ea:25:a8:7b:9b:50:98:00:ab:6c:be:2b:41: df:9c:6b:1c:19:4b:1d:5b:9c:03:fc:42:cb:49:2e: d8:23:bc:b7:4f:06:77:13:3e:6a:f4:1a:e8:c1:5c: 1e:65:a7:f9:31:9c:cd:c8:9f:7f:5e:e4:1a:38:12: 7a:7f:ee:b7:f0:67:3d:3c:ce:7a:f8:d6:49:90:c1: 00:4f:4e:a7:35:92:1d:1b:30:46:3a:dc:a5:66:32: bb:02:81:98:6f:4b:00:ec:51:a0:be:b9:88:82:bb: f4:88:4c:a7:c0:89:e3:2a:1c:60:a1:99:ec:14:e3: 4d:52:65:7e:d6:d8:c1:49:06:ff:1c:f2:d7:4f:e8: 15:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:8D:1E:B5:92:6B:30:E3:E0:B0:EE:4D:D3:4B:E4:4F:E2:91:B6:70 X509v3 Authority Key Identifier: keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:c9:59:8c:bc:7d:bf:59:ed:d0:07:88:d4:31:e7:03:86:a4: 63:71:5b:46:c2:36:f2:50:72:fd:b0:4d:d9:ce:9b:9c:d7:ee: f9:88:1c:4a:fb:5b:d2:0d:de:61:e3:e6:2f:37:7c:45:42:ba: f0:36:03:ea:59:91:c8:ab:a3:be:da:1c:35:7d:c0:b7:92:56: 8c:6a:9d:f2:b0:15:b3:3f:bd:a6:20:69:4c:19:8a:38:5d:da: 4e:19:a2:05:bc:a7:ef:a4:c0:25:97:43:d7:3c:ad:7a:dc:a6: 4e:8c:26:1e:eb:fc:98:a4:08:c6:de:c9:a4:dd:93:91:1e:25: ed:d6:80:7c:33:68:51:ee:7c:46:92:c7:ec:2f:3d:c0:1c:e4: c3:c9:55:7c:ab:8b:ed:37:80:eb:28:23:35:89:1b:aa:fa:78: b0:1b:db:e2:b7:f1:64:2d:95:73:f3:68:15:94:91:a6:8f:88: 9a:ce:56:ab:f7:d2:b3:51:bc:0a:38:89:fb:83:72:c4:c2:96: 32:b3:25:ff:5e:f8:15:0b:65:ea:6e:bb:81:4b:66:f0:f7:5a: 19:e6:90:ee:5a:9b:27:b6:0e:38:3d:31:36:f4:dc:3c:bd:4e: 9d:78:77:e9:eb:02:f7:f4:35:51:37:3c:25:5b:7e:f9:b3:67: c3:d6:e2:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxoIcAwpJeICmKRK/YI20MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3 MjYwZTYwHhcNMjUxMjMwMDEwMTQ3WhcNMjUxMjMxMDEwMTQ3WjAzMTEwLwYDVQQD EyhiMzhkMWViNTkyNmIzMGUzZTBiMGVlNGRkMzRiZTQ0ZmUyOTFiNjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/Punp10gL43lpVKFVY+Fp8V2bzK +UCwEGr01xytuOAB4QLnIWiTyeKlhHPSQtLK8G2vSRIQNe3z+Wcvg3193SaOPFxP iyts5YQ9BBu48skqcQ9L5T0c5yrtlc/X56krPdnU76rdZTwMyaGsQOH8i/J7K1a8 LYZsw+olqHubUJgAq2y+K0HfnGscGUsdW5wD/ELLSS7YI7y3TwZ3Ez5q9BrowVwe Zaf5MZzNyJ9/XuQaOBJ6f+638Gc9PM56+NZJkMEAT06nNZIdGzBGOtylZjK7AoGY b0sA7FGgvrmIgrv0iEynwInjKhxgoZnsFONNUmV+1tjBSQb/HPLXT+gVaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLONHrWSazDj4LDuTdNL5E/ikbZwMB8GA1UdIwQY MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPslZjLx9 v1nt0AeI1DHnA4akY3FbRsI28lBy/bBN2c6bnNfu+YgcSvtb0g3eYePmLzd8RUK6 8DYD6lmRyKujvtocNX3At5JWjGqd8rAVsz+9piBpTBmKOF3aThmiBbyn76TAJZdD 1zytetymTowmHuv8mKQIxt7JpN2TkR4l7daAfDNoUe58RpLH7C89wBzkw8lVfKuL 7TeA6ygjNYkbqvp4sBvb4rfxZC2Vc/NoFZSRpo+Ims5Wq/fSs1G8CjiJ+4NyxMKW MrMl/174FQtl6m67gUtm8PdaGeaQ7lqbJ7YOOD0xNvTcPL1OnXh36esC9/Q1UTc8 JVt++bNnw9bi1w== -----END CERTIFICATE-----Generated at Tue Dec 30 08:52:27 2025 by rpki-client