This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft File: pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft (raw, json) Hash identifier: twRuW+jfM9xUarv4Dv+GE6qrQ8wEauMf8ukjMK7bfyY= Subject key identifier: 38:FA:6E:7D:22:C4:AD:1C:C9:0C:34:F0:9C:C8:A4:04:2C:2F:6E:C8 Authority key identifier: A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9 Certificate issuer: /CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9 Certificate serial: 019B6D6A7261AD027F22FB3C2063F03A82C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft Manifest number: 1732 Signing time: Tue 30 Dec 2025 04:00:51 +0000 Manifest this update: Tue 30 Dec 2025 04:00:51 +0000 Manifest next update: Wed 31 Dec 2025 04:00:51 +0000 Files and hashes: 1: o-nYlXPYTvbWycHnP4jG4hys78s.roa (hash: +9u5uc7wAwLvJQwWxklCfmQHya0NysgfSBmasNGP6Yk=) 2: pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl (hash: NDUmvrhk/1sHHVSirLtmPG5Jaa/msByZTzwaVHAJXB0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:6a:72:61:ad:02:7f:22:fb:3c:20:63:f0:3a:82:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9 Validity Not Before: Dec 30 04:00:51 2025 GMT Not After : Dec 31 04:00:51 2025 GMT Subject: CN=38fa6e7d22c4ad1cc90c34f09cc8a4042c2f6ec8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:26:53:d0:c4:bd:67:65:4b:5d:d8:8c:74:3e: d6:f6:72:ce:cf:c2:0b:2f:63:60:51:d1:fd:aa:f3: d4:62:00:44:05:93:f6:15:dc:5a:13:1e:2b:60:90: e5:3b:67:d0:d0:32:ff:19:b3:cb:4b:fa:49:fe:71: f5:c2:48:28:bd:ad:8a:87:58:2a:5a:2a:01:92:5e: 90:a7:57:e6:c4:b4:64:09:3d:7c:f8:40:06:85:1f: f2:95:8a:8c:f2:7a:5c:99:f0:88:9b:a8:e3:28:09: c6:bc:09:90:c0:6a:95:2a:56:6a:eb:d0:18:9c:39: aa:64:65:30:af:eb:07:55:c1:33:19:2f:dd:00:b7: b6:ac:f6:5d:91:a2:12:14:80:f0:00:73:b6:d4:6d: 50:e3:f7:64:c2:34:a1:ef:77:86:22:af:0a:a2:fe: 2d:85:f9:b4:c7:4b:21:5c:c8:1d:cc:ea:fa:90:e5: 2e:1c:36:08:39:5a:4e:42:f0:ab:d2:35:22:a8:2f: ba:cc:38:59:6f:08:c9:5c:10:41:f9:63:2b:b7:4f: d9:81:8c:3c:73:d5:7a:f1:8e:e7:99:89:2e:a2:7a: d3:9e:28:df:e7:81:50:70:81:49:08:39:01:8c:33: 37:f5:71:78:07:10:67:18:ef:48:3c:31:ac:fa:40: 59:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:FA:6E:7D:22:C4:AD:1C:C9:0C:34:F0:9C:C8:A4:04:2C:2F:6E:C8 X509v3 Authority Key Identifier: keyid:A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:30:40:07:e3:54:df:6b:3e:fb:35:a0:89:08:c3:07:59:1c: 06:3c:e3:09:b5:18:71:10:60:16:ac:a4:c9:23:f4:c4:da:b4: 95:1c:71:fd:37:31:42:0e:f9:25:6a:64:6f:f2:7a:c1:c8:26: d3:54:ef:a2:8d:ed:af:6f:f6:40:c3:f0:60:c8:0a:cb:73:16: fe:e4:8e:ac:70:73:28:16:8a:34:5f:59:1a:f6:88:c0:c2:42: d4:df:28:48:9b:16:fb:41:7d:ca:1b:4e:aa:54:46:2e:d7:d7: 44:df:6a:96:92:25:cb:59:bc:ed:38:4c:45:57:39:ef:00:a7: 65:ec:52:82:d1:88:49:e6:bd:10:17:f8:19:af:0c:de:a2:78: 6e:fd:5a:95:59:51:ab:cf:94:1b:2d:3b:16:ce:c6:03:8e:9a: f7:58:d4:3d:f2:6e:38:8e:22:92:be:37:e6:36:dd:a5:7f:5a: 70:f9:f5:f4:a7:4b:55:56:e0:68:3f:20:66:43:ab:d8:2e:89: 8e:26:0a:b4:d0:81:ac:09:85:ea:e7:73:3a:25:1a:08:f2:c4: 84:30:07:19:d9:66:c2:63:a9:57:8c:22:91:f3:9f:86:97:be: 1c:65:42:a7:28:97:2d:8e:5a:88:f4:c6:b2:e7:36:02:1d:42: 9e:27:d0:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttanJhrQJ/Ivs8IGPwOoLFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0YWJhZjFkMzdmMGExNDFhODE0Y2EwMmZjMDFlM2Q5NjIx YzczZDkwHhcNMjUxMjMwMDQwMDUxWhcNMjUxMjMxMDQwMDUxWjAzMTEwLwYDVQQD EygzOGZhNmU3ZDIyYzRhZDFjYzkwYzM0ZjA5Y2M4YTQwNDJjMmY2ZWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSZT0MS9Z2VLXdiMdD7W9nLOz8IL L2NgUdH9qvPUYgBEBZP2FdxaEx4rYJDlO2fQ0DL/GbPLS/pJ/nH1wkgova2Kh1gq WioBkl6Qp1fmxLRkCT18+EAGhR/ylYqM8npcmfCIm6jjKAnGvAmQwGqVKlZq69AY nDmqZGUwr+sHVcEzGS/dALe2rPZdkaISFIDwAHO21G1Q4/dkwjSh73eGIq8Kov4t hfm0x0shXMgdzOr6kOUuHDYIOVpOQvCr0jUiqC+6zDhZbwjJXBBB+WMrt0/ZgYw8 c9V68Y7nmYkuonrTnijf54FQcIFJCDkBjDM39XF4BxBnGO9IPDGs+kBZNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDj6bn0ixK0cyQw08JzIpAQsL27IMB8GA1UdIwQY MBaAFKSrrx038KFBqBTKAvwB49liHHPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgt OTNjZjY0Zjg4OTkwLzEvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgtOTNjZjY0Zjg4OTkw LzEvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXzBAB+NU 32s++zWgiQjDB1kcBjzjCbUYcRBgFqykySP0xNq0lRxx/TcxQg75JWpkb/J6wcgm 01Tvoo3tr2/2QMPwYMgKy3MW/uSOrHBzKBaKNF9ZGvaIwMJC1N8oSJsW+0F9yhtO qlRGLtfXRN9qlpIly1m87ThMRVc57wCnZexSgtGISea9EBf4Ga8M3qJ4bv1alVlR q8+UGy07Fs7GA46a91jUPfJuOI4ikr435jbdpX9acPn19KdLVVbgaD8gZkOr2C6J jiYKtNCBrAmF6udzOiUaCPLEhDAHGdlmwmOpV4wikfOfhpe+HGVCpyiXLY5aiPTG suc2Ah1CnifQ3A== -----END CERTIFICATE-----Generated at Tue Dec 30 10:31:14 2025 by rpki-client