This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft File: pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json) Hash identifier: ne1c6ll1F1QEy187CO5N5YYCpvKLpLEnpS4GZK9EnCI= Subject key identifier: 5E:3C:02:73:08:9F:A4:E7:BD:38:E9:C0:A7:1D:96:B9:1E:68:39:BB Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce Certificate serial: 019B405C29ED01E63D11882BF5B3A51F7435 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft Manifest number: 0A64 Signing time: Sun 21 Dec 2025 10:02:20 +0000 Manifest this update: Sun 21 Dec 2025 10:02:20 +0000 Manifest next update: Mon 22 Dec 2025 10:02:20 +0000 Files and hashes: 1: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: mTuPDdyeU6I4lUPRQD9uly4GWiCd2FxLswHpk+gStGc=) 2: rWk5sIUEQt5GM5tD9jvlVGxlmoc.roa (hash: bdSHmybqlxfqe2LDlmT/vhR2hatifsBsFgj+STLVUXQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:29:ed:01:e6:3d:11:88:2b:f5:b3:a5:1f:74:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce Validity Not Before: Dec 21 10:02:20 2025 GMT Not After : Dec 22 10:02:20 2025 GMT Subject: CN=5e3c0273089fa4e7bd38e9c0a71d96b91e6839bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:11:cb:bf:0b:61:79:06:98:70:99:78:72:2d: 60:93:60:a4:24:9d:a8:f0:16:df:ab:ab:7b:d5:80: 96:4d:76:aa:80:c2:49:14:24:55:03:1f:8c:21:86: 36:52:62:93:fb:dc:31:f0:e8:b7:1c:f8:48:27:6f: 59:4f:54:14:0b:d4:50:95:7f:22:ae:75:a0:29:54: 95:e7:5b:60:42:57:7d:3f:18:cd:70:28:72:ec:6f: 85:cf:c8:b2:2a:98:a0:bd:26:ee:a3:34:78:ee:5d: 1f:93:0a:e6:2b:d1:76:75:78:24:e0:a2:a9:52:89: c5:42:1e:c2:62:0c:69:31:5d:e6:a7:be:97:aa:9a: fb:ff:c7:bd:43:74:e4:18:22:fe:a0:6e:65:2c:66: 1b:32:21:07:c2:96:02:7e:91:2d:7f:ba:8a:09:bd: 3b:d3:d6:99:f1:c8:06:9a:a5:41:ba:42:26:d6:c4: e3:4f:b1:96:fd:ac:5c:ce:a3:7a:d7:07:7b:6f:a8: ef:6c:d6:3d:98:4e:94:25:fd:23:07:a4:93:21:f3: 3b:ee:92:78:d7:56:95:61:1a:48:05:e2:56:88:1a: 3f:9c:fe:fb:54:6f:8b:ee:28:a8:14:28:53:bd:d1: 54:d8:0b:93:90:29:41:d7:19:a6:ac:6e:ea:7e:d7: 18:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:3C:02:73:08:9F:A4:E7:BD:38:E9:C0:A7:1D:96:B9:1E:68:39:BB X509v3 Authority Key Identifier: keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:0b:9a:d9:ce:7c:2f:16:af:03:e9:7e:d9:63:8b:72:43:8e: 8d:1d:89:2f:0a:31:2b:94:f9:24:38:4a:f1:9c:b3:ae:bd:31: 8f:9e:97:ea:14:15:05:5c:35:ca:0c:67:e6:85:5b:e6:25:ab: eb:4f:46:4e:54:55:da:1a:da:b5:60:ff:dd:c3:8e:30:59:4e: 24:c2:c7:6a:fc:90:e0:8f:20:0f:6f:f4:ce:d9:e0:69:fc:50: 57:97:ce:5b:f4:59:6d:10:be:b6:10:c3:ca:30:90:17:8d:70: 16:7d:4e:14:84:3b:7e:e9:4c:e2:80:1b:42:4e:2f:37:d0:fe: cc:7e:e1:c9:9d:6a:cb:3d:06:0f:3d:af:7b:51:9d:c0:7d:a9: 74:11:fe:ab:fb:82:f5:18:57:68:0a:cc:98:8c:63:e8:ae:d9: 44:ff:bb:7b:a6:15:47:15:1e:26:30:18:03:d0:97:18:32:08: 6d:fd:98:be:53:fb:5c:da:fa:ef:c1:9c:f8:45:1f:6b:42:51: 91:65:53:1e:b6:f5:6f:df:27:d6:7b:5b:75:e2:62:7b:48:28: 85:a9:68:b0:30:4f:dd:5b:f5:66:22:92:ed:94:bf:0c:69:89: 63:8a:e3:9e:3c:46:65:b4:36:35:0a:32:39:53:77:dd:14:49: c5:2e:20:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXCntAeY9EYgr9bOlH3Q1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk NTQyY2UwHhcNMjUxMjIxMTAwMjIwWhcNMjUxMjIyMTAwMjIwWjAzMTEwLwYDVQQD Eyg1ZTNjMDI3MzA4OWZhNGU3YmQzOGU5YzBhNzFkOTZiOTFlNjgzOWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxHLvwtheQaYcJl4ci1gk2CkJJ2o 8Bbfq6t71YCWTXaqgMJJFCRVAx+MIYY2UmKT+9wx8Oi3HPhIJ29ZT1QUC9RQlX8i rnWgKVSV51tgQld9PxjNcChy7G+Fz8iyKpigvSbuozR47l0fkwrmK9F2dXgk4KKp UonFQh7CYgxpMV3mp76Xqpr7/8e9Q3TkGCL+oG5lLGYbMiEHwpYCfpEtf7qKCb07 09aZ8cgGmqVBukIm1sTjT7GW/axczqN61wd7b6jvbNY9mE6UJf0jB6STIfM77pJ4 11aVYRpIBeJWiBo/nP77VG+L7iioFChTvdFU2AuTkClB1xmmrG7qftcYDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF48AnMIn6TnvTjpwKcdlrkeaDm7MB8GA1UdIwQY MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQua2c58 LxavA+l+2WOLckOOjR2JLwoxK5T5JDhK8Zyzrr0xj56X6hQVBVw1ygxn5oVb5iWr 609GTlRV2hratWD/3cOOMFlOJMLHavyQ4I8gD2/0ztngafxQV5fOW/RZbRC+thDD yjCQF41wFn1OFIQ7fulM4oAbQk4vN9D+zH7hyZ1qyz0GDz2ve1GdwH2pdBH+q/uC 9RhXaArMmIxj6K7ZRP+7e6YVRxUeJjAYA9CXGDIIbf2YvlP7XNr678Gc+EUfa0JR kWVTHrb1b98n1ntbdeJie0gohalosDBP3Vv1ZiKS7ZS/DGmJY4rjnjxGZbQ2NQoy OVN33RRJxS4gaA== -----END CERTIFICATE-----Generated at Sun Dec 21 11:59:10 2025 by rpki-client