This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft File: PBnm8n2SgJXlYN52ePKONFnVWUc.mft (raw, json) Hash identifier: Cx3gT80O1nXpNX4qGCYwlQ1yvrpXe7zM3TYMfLGSgyw= Subject key identifier: 35:DC:73:CC:69:E8:FE:1E:87:49:22:0E:46:2D:66:D1:03:1D:05:F3 Authority key identifier: 3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 Certificate issuer: /CN=3c19e6f27d928095e560de7678f28e3459d55947 Certificate serial: 019B747ED86B5D5E7FD29FA69171FEE6084C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft Manifest number: 02B8 Signing time: Wed 31 Dec 2025 13:00:28 +0000 Manifest this update: Wed 31 Dec 2025 13:00:28 +0000 Manifest next update: Thu 01 Jan 2026 13:00:28 +0000 Files and hashes: 1: PBnm8n2SgJXlYN52ePKONFnVWUc.crl (hash: 3h3Pc78R03gXY6Yc7KKeV6mouSbDKCwYNs8x4csSOkQ=) 2: QmVb0SoXYnlMedY0w_3_iXHpV1g.roa (hash: a3gXOD/NjdWHnE6P9SQzEQhqDOtbuugfMMDorP0aI2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 13:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:74:7e:d8:6b:5d:5e:7f:d2:9f:a6:91:71:fe:e6:08:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c19e6f27d928095e560de7678f28e3459d55947 Validity Not Before: Dec 31 13:00:28 2025 GMT Not After : Jan 1 13:00:28 2026 GMT Subject: CN=35dc73cc69e8fe1e8749220e462d66d1031d05f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4e:9e:d1:27:f7:6e:46:73:27:12:e5:9b:b5: d4:09:83:d3:3f:c1:e0:ae:3c:79:bc:31:09:fc:e9: b1:93:eb:af:6a:fc:54:7b:04:ab:9d:d4:89:e0:c6: 8b:17:95:24:dd:1d:a3:41:6e:60:06:b8:b1:2b:6d: bb:32:56:a6:d2:e6:11:f5:d8:dc:a3:38:62:66:f9: 91:91:d2:b2:66:14:b0:4d:b6:4c:7b:11:df:26:06: aa:56:ad:20:74:1b:de:b9:3a:0d:d1:fc:66:23:67: 9b:24:a5:01:03:29:45:e6:09:13:3d:bc:90:59:72: d1:26:40:ef:32:e6:df:76:f6:21:4a:0c:ae:a7:04: 59:ff:dd:c0:6f:34:ca:c4:c6:af:9d:5a:c7:79:df: 73:80:cd:96:a4:e9:d8:1e:71:78:1f:6b:ed:74:50: e0:9f:9f:63:df:bc:66:ca:35:2a:43:5b:e7:d0:28: 04:b8:5c:8c:ad:b0:11:c0:91:35:3a:fa:22:7a:32: 3d:42:6b:c8:2d:c9:d2:c6:88:85:f1:73:3e:bb:c8: 88:35:35:af:fd:d7:94:72:86:1e:af:d9:59:af:b0: 02:e0:5c:a9:5c:8b:ad:f3:b2:b2:ae:3d:1c:a9:1e: e2:93:ff:e8:9c:79:93:21:38:85:5d:15:d9:50:4f: 57:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DC:73:CC:69:E8:FE:1E:87:49:22:0E:46:2D:66:D1:03:1D:05:F3 X509v3 Authority Key Identifier: keyid:3C:19:E6:F2:7D:92:80:95:E5:60:DE:76:78:F2:8E:34:59:D5:59:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBnm8n2SgJXlYN52ePKONFnVWUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/239b73-7aa7-4b58-b12c-7927de539364/1/PBnm8n2SgJXlYN52ePKONFnVWUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:6e:a9:74:ca:5d:99:69:06:f9:b5:bb:7d:78:bf:27:74:6d: 58:ef:d1:45:40:6a:46:b4:d9:a5:fc:64:00:57:85:82:76:05: ca:b2:53:99:c6:04:98:ea:48:96:01:82:65:56:76:04:5f:85: 7d:50:55:dc:92:b3:e1:2e:9f:d2:56:47:73:06:50:ca:49:3d: b2:51:b9:2c:d5:64:74:6d:40:18:66:bf:6a:4b:59:c0:12:84: 34:e2:66:09:ac:e2:89:fe:ae:d6:c7:45:df:37:93:6b:0d:d9: 85:d1:ff:42:4a:fd:77:6e:e1:ad:5c:dd:9c:c8:17:3a:12:df: fb:ea:2b:e3:19:84:14:fd:88:1b:97:c2:66:4b:a9:3c:06:1b: 45:96:4b:1a:b1:5e:68:a8:27:44:4a:51:98:8d:f9:f1:57:40: d2:40:3f:aa:db:6f:23:58:a7:43:dc:45:72:06:63:34:22:0f: d8:54:25:1a:8e:4b:10:5e:03:6c:ec:7e:6c:12:e6:84:69:87: e3:3f:2c:80:87:b1:3e:b6:df:46:a9:a3:26:6c:23:d9:50:4f: 6c:18:d2:fd:d7:b0:71:36:f1:0d:cd:cc:9b:b1:f9:a4:57:b2: cb:36:28:87:ee:60:7e:36:25:d5:fb:b8:bb:bf:0c:42:b9:b9: 96:ae:83:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt0fthrXV5/0p+mkXH+5ghMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMTllNmYyN2Q5MjgwOTVlNTYwZGU3Njc4ZjI4ZTM0NTlk NTU5NDcwHhcNMjUxMjMxMTMwMDI4WhcNMjYwMTAxMTMwMDI4WjAzMTEwLwYDVQQD EygzNWRjNzNjYzY5ZThmZTFlODc0OTIyMGU0NjJkNjZkMTAzMWQwNWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk6e0Sf3bkZzJxLlm7XUCYPTP8Hg rjx5vDEJ/Omxk+uvavxUewSrndSJ4MaLF5Uk3R2jQW5gBrixK227Mlam0uYR9djc ozhiZvmRkdKyZhSwTbZMexHfJgaqVq0gdBveuToN0fxmI2ebJKUBAylF5gkTPbyQ WXLRJkDvMubfdvYhSgyupwRZ/93AbzTKxMavnVrHed9zgM2WpOnYHnF4H2vtdFDg n59j37xmyjUqQ1vn0CgEuFyMrbARwJE1OvoiejI9QmvILcnSxoiF8XM+u8iINTWv /deUcoYer9lZr7AC4FypXIut87Kyrj0cqR7ik//onHmTITiFXRXZUE9X4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDXcc8xp6P4eh0kiDkYtZtEDHQXzMB8GA1UdIwQY MBaAFDwZ5vJ9koCV5WDednjyjjRZ1VlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMt NzkyN2RlNTM5MzY0LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS8yMzliNzMtN2FhNy00YjU4LWIxMmMtNzkyN2RlNTM5MzY0 LzEvUEJubThuMlNnSlhsWU41MmVQS09ORm5WV1VjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgG6pdMpd mWkG+bW7fXi/J3RtWO/RRUBqRrTZpfxkAFeFgnYFyrJTmcYEmOpIlgGCZVZ2BF+F fVBV3JKz4S6f0lZHcwZQykk9slG5LNVkdG1AGGa/aktZwBKENOJmCaziif6u1sdF 3zeTaw3ZhdH/Qkr9d27hrVzdnMgXOhLf++or4xmEFP2IG5fCZkupPAYbRZZLGrFe aKgnREpRmI358VdA0kA/qttvI1inQ9xFcgZjNCIP2FQlGo5LEF4DbOx+bBLmhGmH 4z8sgIexPrbfRqmjJmwj2VBPbBjS/dewcTbxDc3Mm7H5pFeyyzYoh+5gfjYl1fu4 u78MQrm5lq6DXg== -----END CERTIFICATE-----Generated at Wed Dec 31 21:48:11 2025 by rpki-client