This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft File: PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json) Hash identifier: iyMUHNWVqf8O3H2uTML9crXdCIB+aq0PjKn17GnzDIc= Subject key identifier: 0E:E2:FB:42:EC:25:8D:36:F0:5C:0F:FF:95:24:24:A7:38:0B:32:F1 Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48 Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848 Certificate serial: 019B3DC820A5F11D71A62ACA0CAD917C631B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft Manifest number: 125C Signing time: Sat 20 Dec 2025 22:01:24 +0000 Manifest this update: Sat 20 Dec 2025 22:01:24 +0000 Manifest next update: Sun 21 Dec 2025 22:01:24 +0000 Files and hashes: 1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: L2XzgKqOu0pEIXqNE2JQy/r6ODsFUyWSc3CLm2rza8k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c8:20:a5:f1:1d:71:a6:2a:ca:0c:ad:91:7c:63:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848 Validity Not Before: Dec 20 22:01:24 2025 GMT Not After : Dec 21 22:01:24 2025 GMT Subject: CN=0ee2fb42ec258d36f05c0fff952424a7380b32f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2a:fe:16:93:94:60:34:63:89:64:4f:a6:ba: cc:64:a5:a8:14:6f:4b:f5:79:d8:50:4e:1d:2a:4d: 17:e8:ed:cc:eb:46:9e:4c:44:68:f9:92:6b:27:95: 85:df:b1:52:ed:c7:31:31:73:3a:cc:cf:36:40:3e: 7c:49:d7:d8:ca:11:e2:93:31:d6:ba:10:95:f7:25: 84:20:3a:e1:d9:d9:55:1d:97:07:ee:f2:d4:f3:94: 54:46:bd:61:b6:4b:63:af:8a:bc:95:5b:6c:1b:d3: 35:7a:f7:6a:37:ad:0f:c0:7c:fc:8c:9f:92:ce:c0: 7f:94:a4:a8:1c:bd:be:01:e0:63:7f:b2:8b:d4:5a: f3:d7:0c:fa:7c:76:98:c9:9f:35:fd:2e:26:bf:ea: 39:f3:d2:f7:2a:56:a9:31:62:0c:f4:ae:f1:11:4f: 17:97:f0:43:fc:e3:18:55:2c:7a:49:33:5b:81:22: f8:5c:b1:05:5a:91:99:e8:e0:dd:51:0e:8d:da:10: 05:8a:c5:35:02:f5:6f:25:67:2d:5d:de:6d:c3:fe: 7d:83:2a:8a:56:96:d0:51:04:7f:d8:40:46:ab:27: ca:ee:3b:db:9e:d6:84:bd:bf:87:45:fe:98:b5:ce: 45:27:74:56:d6:41:d5:47:fc:ec:24:d6:e7:47:54: b5:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:E2:FB:42:EC:25:8D:36:F0:5C:0F:FF:95:24:24:A7:38:0B:32:F1 X509v3 Authority Key Identifier: keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:48:5a:c5:0d:9e:2b:21:9e:82:f6:94:ce:7a:21:6f:b0:f0: f0:e4:b8:0a:e8:46:6a:28:c9:dc:55:62:2e:b3:05:66:39:ee: a2:37:14:cf:a1:fa:f8:e5:cb:ca:9c:4c:89:62:32:1a:0c:0d: fa:2d:13:5a:e2:59:8e:8f:b1:84:94:61:63:25:42:75:cb:ee: 6c:87:a0:06:ff:d2:64:a8:06:51:92:70:6b:65:64:e4:c9:63: e7:57:a2:3c:3b:43:3f:28:92:4f:00:eb:5a:5c:5c:53:e9:d3: 83:6f:dd:fc:55:e0:b5:fb:9b:5d:19:51:24:22:34:0b:54:cf: 80:e4:18:77:5b:3e:b5:9e:90:47:57:a1:95:aa:5f:5a:fb:fb: e5:78:79:42:c9:eb:5e:11:95:11:e4:ed:e8:84:9c:e1:dd:87: 01:f4:14:55:dc:b6:5f:4d:92:d5:f2:a5:91:f7:ee:7c:45:fb: 75:2f:bc:e8:6c:97:ba:77:b9:5a:16:68:80:fe:34:7e:7f:14: b1:dd:0f:c2:b2:1e:ee:90:40:79:bc:3d:39:b3:29:ab:f1:26: 92:d9:9b:dc:e6:64:da:32:0e:4f:5c:05:b0:1f:ed:eb:92:7d: 0e:e5:61:ac:5e:0d:30:40:74:eb:b3:74:e2:c6:0f:71:1f:9d: 99:e2:24:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9yCCl8R1xpirKDK2RfGMbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm NTI4NDgwHhcNMjUxMjIwMjIwMTI0WhcNMjUxMjIxMjIwMTI0WjAzMTEwLwYDVQQD EygwZWUyZmI0MmVjMjU4ZDM2ZjA1YzBmZmY5NTI0MjRhNzM4MGIzMmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yr+FpOUYDRjiWRPprrMZKWoFG9L 9XnYUE4dKk0X6O3M60aeTERo+ZJrJ5WF37FS7ccxMXM6zM82QD58SdfYyhHikzHW uhCV9yWEIDrh2dlVHZcH7vLU85RURr1htktjr4q8lVtsG9M1evdqN60PwHz8jJ+S zsB/lKSoHL2+AeBjf7KL1Frz1wz6fHaYyZ81/S4mv+o589L3KlapMWIM9K7xEU8X l/BD/OMYVSx6STNbgSL4XLEFWpGZ6ODdUQ6N2hAFisU1AvVvJWctXd5tw/59gyqK VpbQUQR/2EBGqyfK7jvbntaEvb+HRf6Ytc5FJ3RW1kHVR/zsJNbnR1S1pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA7i+0LsJY028FwP/5UkJKc4CzLxMB8GA1UdIwQY MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEhaxQ2e KyGegvaUznohb7Dw8OS4CuhGaijJ3FViLrMFZjnuojcUz6H6+OXLypxMiWIyGgwN +i0TWuJZjo+xhJRhYyVCdcvubIegBv/SZKgGUZJwa2Vk5Mlj51eiPDtDPyiSTwDr WlxcU+nTg2/d/FXgtfubXRlRJCI0C1TPgOQYd1s+tZ6QR1ehlapfWvv75Xh5Qsnr XhGVEeTt6ISc4d2HAfQUVdy2X02S1fKlkffufEX7dS+86GyXune5WhZogP40fn8U sd0PwrIe7pBAebw9ObMpq/Emktmb3OZk2jIOT1wFsB/t65J9DuVhrF4NMEB067N0 4sYPcR+dmeIkYA== -----END CERTIFICATE-----Generated at Sun Dec 21 06:04:06 2025 by rpki-client