This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft File: PBnm8n2SgJXlYN52ePKONFnVWUc.mft (raw, json) Hash identifier: 9uhHDHPTjeLkuwJZfoQyY4tCGVKv21C6hDQzuwfq0vA= Subject key identifier: A8:4E:32:5B:3A:7B:D6:18:21:93:42:F6:7A:3A:8E:FD:22:81:AD:41 Authority key identifier: 3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 Certificate issuer: /CN=3c19e6f27d928095e560de7678f28e3459d55947 Certificate serial: 019B68E9A1470615230EE04AB576BC166C1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft Manifest number: 02B2 Signing time: Mon 29 Dec 2025 07:01:40 +0000 Manifest this update: Mon 29 Dec 2025 07:01:40 +0000 Manifest next update: Tue 30 Dec 2025 07:01:40 +0000 Files and hashes: 1: PBnm8n2SgJXlYN52ePKONFnVWUc.crl (hash: 2/17M+SPXzjLhykDhwIcs7Sk7QHd0rTnQFE1vSPDlp4=) 2: QmVb0SoXYnlMedY0w_3_iXHpV1g.roa (hash: a3gXOD/NjdWHnE6P9SQzEQhqDOtbuugfMMDorP0aI2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e9:a1:47:06:15:23:0e:e0:4a:b5:76:bc:16:6c:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c19e6f27d928095e560de7678f28e3459d55947 Validity Not Before: Dec 29 07:01:40 2025 GMT Not After : Dec 30 07:01:40 2025 GMT Subject: CN=a84e325b3a7bd618219342f67a3a8efd2281ad41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ad:69:21:32:03:94:dd:6a:12:01:cd:22:35: 27:97:f4:b5:50:39:92:b8:dc:b5:4f:ee:e6:e8:5e: 59:ce:31:dd:70:29:b0:e4:63:7e:c7:df:a4:69:a7: 1d:0f:d1:4b:71:8d:30:dd:a2:ce:d5:d9:0e:35:d1: a1:7b:1d:be:2d:b6:aa:f4:8a:35:44:60:f2:22:1f: 36:9d:8b:e2:f3:7d:1b:ef:e8:7c:cd:db:2d:e7:bf: 0d:e2:b7:bd:95:42:93:c7:74:74:76:b4:75:a6:d8: bb:9a:0e:cc:5d:33:40:4f:ec:24:56:c5:c7:ed:53: a7:c5:b8:76:95:17:c5:ab:5b:9e:9e:08:96:a1:5f: 81:5b:f0:43:5b:ba:46:76:98:d9:fe:6f:e9:65:3c: 52:89:dd:14:65:15:23:0b:f3:bc:2b:f0:0c:f8:6a: 64:e1:0d:e6:da:e3:c0:86:69:0b:8b:ac:cc:28:94: 5b:e9:29:ad:6b:eb:b3:f3:ab:68:b7:db:6f:7f:45: 79:b4:36:c1:65:0e:0f:92:0b:2e:50:c7:9c:79:c8: f0:30:bb:96:2b:0c:ff:0f:6d:aa:de:ba:e8:58:39: b0:c9:25:13:cc:8d:62:03:5e:f7:23:fd:6d:9a:b4: 55:2f:d7:e1:46:29:15:b7:5f:eb:c9:27:9e:9f:45: 95:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:4E:32:5B:3A:7B:D6:18:21:93:42:F6:7A:3A:8E:FD:22:81:AD:41 X509v3 Authority Key Identifier: keyid:3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:2d:c7:80:04:2e:7b:00:21:5b:90:ae:fe:0f:65:f8:02:e1: cd:a9:64:0f:14:27:79:77:fc:13:bf:67:c7:d9:7f:66:d8:c7: 44:2f:09:db:81:b8:0b:ea:fd:ef:2f:e9:c6:6e:e2:4e:76:38: de:2d:e2:e6:f7:66:88:ea:c7:7f:a1:6b:08:d0:27:cc:97:ea: 9f:7f:76:73:0a:4d:4f:e2:d1:41:7a:33:eb:7e:39:ba:e6:51: eb:26:53:4a:a3:2e:cb:18:2b:7d:7c:e2:14:0f:cb:c1:03:ed: 6b:2a:96:47:0b:22:3e:e2:4d:84:07:ee:1f:d4:54:33:8e:a7: 4d:70:c2:a6:5a:23:1e:4d:69:99:84:c6:85:33:74:d6:6e:b6: 86:58:0d:a7:a9:21:a2:36:58:11:7d:28:40:4b:f8:3f:9c:4d: 8b:c5:b5:f7:71:aa:73:5c:83:b2:84:94:02:7e:61:28:51:5f: 12:7d:7f:ec:f3:7f:a5:67:75:fe:8c:fd:12:f0:83:83:1b:50: 3a:ba:f8:b7:e9:94:17:a5:56:79:1f:b3:86:fa:11:2d:8c:70: 8b:94:4f:23:14:3f:35:14:99:61:92:92:94:bc:74:ed:a0:93: f3:90:54:b6:1c:c8:d7:ff:ca:aa:b0:42:66:a2:5c:90:63:2c: a0:b7:29:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6aFHBhUjDuBKtXa8FmwbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMTllNmYyN2Q5MjgwOTVlNTYwZGU3Njc4ZjI4ZTM0NTlk NTU5NDcwHhcNMjUxMjI5MDcwMTQwWhcNMjUxMjMwMDcwMTQwWjAzMTEwLwYDVQQD EyhhODRlMzI1YjNhN2JkNjE4MjE5MzQyZjY3YTNhOGVmZDIyODFhZDQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr61pITIDlN1qEgHNIjUnl/S1UDmS uNy1T+7m6F5ZzjHdcCmw5GN+x9+kaacdD9FLcY0w3aLO1dkONdGhex2+Lbaq9Io1 RGDyIh82nYvi830b7+h8zdst578N4re9lUKTx3R0drR1pti7mg7MXTNAT+wkVsXH 7VOnxbh2lRfFq1uengiWoV+BW/BDW7pGdpjZ/m/pZTxSid0UZRUjC/O8K/AM+Gpk 4Q3m2uPAhmkLi6zMKJRb6Smta+uz86tot9tvf0V5tDbBZQ4PkgsuUMececjwMLuW Kwz/D22q3rroWDmwySUTzI1iA173I/1tmrRVL9fhRikVt1/rySeen0WV+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKhOMls6e9YYIZNC9no6jv0iga1BMB8GA1UdIwQY MBaAFDwZ5vJ9koCV5WDednjyjjRZ1VlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMt NzkyN2RlNTM5MzY0LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMtNzkyN2RlNTM5MzY0 LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArC3HgAQu ewAhW5Cu/g9l+ALhzalkDxQneXf8E79nx9l/ZtjHRC8J24G4C+r97y/pxm7iTnY4 3i3i5vdmiOrHf6FrCNAnzJfqn392cwpNT+LRQXoz6345uuZR6yZTSqMuyxgrfXzi FA/LwQPtayqWRwsiPuJNhAfuH9RUM46nTXDCplojHk1pmYTGhTN01m62hlgNp6kh ojZYEX0oQEv4P5xNi8W193Gqc1yDsoSUAn5hKFFfEn1/7PN/pWd1/oz9EvCDgxtQ Orr4t+mUF6VWeR+zhvoRLYxwi5RPIxQ/NRSZYZKSlLx07aCT85BUthzI1//KqrBC ZqJckGMsoLcpnw== -----END CERTIFICATE-----Generated at Mon Dec 29 08:29:05 2025 by rpki-client