This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft File: PE71UtfFcTYTTntE1pfLAs3n2H0.mft (raw, json) Hash identifier: wXcpg1hpukbjMsNsOdULiNPOwFVHuhQKgeXoZ2MMplI= Subject key identifier: 12:B6:71:A8:54:FA:3F:DF:D0:36:C1:5B:6A:93:AF:18:D4:1A:89:35 Authority key identifier: 3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D Certificate issuer: /CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d Certificate serial: 019B2B53ED3486CE43C1A3F41735EB88D27F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft Manifest number: 0BE4 Signing time: Wed 17 Dec 2025 08:01:18 +0000 Manifest this update: Wed 17 Dec 2025 08:01:18 +0000 Manifest next update: Thu 18 Dec 2025 08:01:18 +0000 Files and hashes: 1: PE71UtfFcTYTTntE1pfLAs3n2H0.crl (hash: kI586O/h3Utbz+uqvATwNIKK0yv8EuxH9HnGhswfKkQ=) 2: RuZvzxLvicWfAkL-HU_suiyEHkc.roa (hash: 1ChRVjdhLwU5Jyhx1uu/EkAAaI5ej8w7SIJnkr0NI2Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 08:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:53:ed:34:86:ce:43:c1:a3:f4:17:35:eb:88:d2:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d Validity Not Before: Dec 17 08:01:18 2025 GMT Not After : Dec 18 08:01:18 2025 GMT Subject: CN=12b671a854fa3fdfd036c15b6a93af18d41a8935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fd:73:7f:59:f4:8a:c0:70:e0:49:2a:99:d8: d4:4b:64:9c:99:2d:e9:43:db:84:12:7e:9d:9e:1a: d8:7c:d5:34:87:aa:1f:cf:44:1f:68:1c:83:1c:87: 3f:4e:e4:76:4d:48:2b:48:ab:cb:e5:7d:04:85:a9: 8a:39:98:b0:e6:3a:7e:2f:7d:05:5f:a8:52:bd:7d: 78:62:45:0b:58:29:72:0a:01:11:59:e5:cb:10:3e: 33:7a:10:57:83:bb:f8:b8:00:28:a0:85:0c:b6:91: 02:25:e1:e5:af:64:55:d0:34:78:3c:ad:e4:5a:bb: bf:5b:98:9d:02:20:be:c2:8d:01:dd:00:3d:d8:48: 29:07:52:de:b9:c7:7f:17:82:59:96:e1:bb:f5:7f: 55:58:f2:2a:2f:32:96:c6:18:7a:94:08:d0:13:e9: 23:cd:2c:3c:9c:21:6d:f7:53:94:f5:56:32:e2:6e: b9:d2:7d:85:0a:2e:bc:0a:4f:44:48:92:70:95:83: 33:e6:f1:5a:ea:04:f9:81:b8:53:4b:83:31:55:b3: 96:89:10:9b:3c:44:5a:33:cf:8e:29:72:7e:59:ec: 3d:b8:7c:98:57:a4:65:1a:1f:e6:b1:4e:e2:63:0d: 81:87:18:38:b4:99:5a:f6:ce:aa:24:12:1a:e1:fc: 73:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B6:71:A8:54:FA:3F:DF:D0:36:C1:5B:6A:93:AF:18:D4:1A:89:35 X509v3 Authority Key Identifier: keyid:3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:82:b7:20:5d:29:05:2c:00:44:17:7b:71:1c:ad:fd:2b:db: 4b:1e:76:f5:13:0c:90:17:78:98:18:6e:64:8a:08:2b:f8:91: 0d:8d:c1:aa:70:2b:07:8d:0f:c1:ff:ac:6c:83:41:b4:36:8c: 04:20:74:b1:5e:8d:e7:2c:73:a0:44:a1:df:85:e0:34:1c:2c: c1:32:7d:6e:08:92:35:3b:ee:30:1e:a9:09:b3:2b:c9:ce:51: 24:f9:6a:94:48:eb:bc:6e:03:b9:90:ac:8a:1a:d6:68:a0:9a: ba:dd:79:54:20:04:40:e1:de:c4:5f:df:5e:34:2e:48:0b:25: 44:df:07:ea:6c:39:28:02:c6:f4:6a:2b:55:ae:aa:9e:63:3f: cd:44:92:52:73:80:ce:83:de:15:ad:c6:05:19:4a:37:f9:56: 5e:57:e7:36:b3:2d:c5:c3:f4:41:ad:6f:88:01:5e:18:74:de: b1:16:e5:6b:a0:b7:4f:08:18:18:3b:b2:aa:39:b6:54:a6:97: fe:bc:77:bc:d1:d9:67:10:78:1c:22:47:66:89:63:f1:76:4b: 03:13:03:b7:c2:c8:48:e5:3d:86:11:c7:2b:9d:07:7a:bc:72: 47:f0:d9:11:c6:06:b5:71:3c:f1:ec:71:1c:c5:5d:8a:69:67: 5f:04:7a:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrU+00hs5DwaP0FzXriNJ/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNGVmNTUyZDdjNTcxMzYxMzRlN2I0NGQ2OTdjYjAyY2Rl N2Q4N2QwHhcNMjUxMjE3MDgwMTE4WhcNMjUxMjE4MDgwMTE4WjAzMTEwLwYDVQQD EygxMmI2NzFhODU0ZmEzZmRmZDAzNmMxNWI2YTkzYWYxOGQ0MWE4OTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP1zf1n0isBw4EkqmdjUS2ScmS3p Q9uEEn6dnhrYfNU0h6ofz0QfaByDHIc/TuR2TUgrSKvL5X0EhamKOZiw5jp+L30F X6hSvX14YkULWClyCgERWeXLED4zehBXg7v4uAAooIUMtpECJeHlr2RV0DR4PK3k Wru/W5idAiC+wo0B3QA92EgpB1Leucd/F4JZluG79X9VWPIqLzKWxhh6lAjQE+kj zSw8nCFt91OU9VYy4m650n2FCi68Ck9ESJJwlYMz5vFa6gT5gbhTS4MxVbOWiRCb PERaM8+OKXJ+Wew9uHyYV6RlGh/msU7iYw2Bhxg4tJla9s6qJBIa4fxzEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBK2cahU+j/f0DbBW2qTrxjUGok1MB8GA1UdIwQY MBaAFDxO9VLXxXE2E057RNaXywLN59h9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDct MTE0NDFlMTZhMTM3LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDctMTE0NDFlMTZhMTM3 LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYK3IF0p BSwARBd7cRyt/SvbSx529RMMkBd4mBhuZIoIK/iRDY3BqnArB40Pwf+sbINBtDaM BCB0sV6N5yxzoESh34XgNBwswTJ9bgiSNTvuMB6pCbMryc5RJPlqlEjrvG4DuZCs ihrWaKCaut15VCAEQOHexF/fXjQuSAslRN8H6mw5KALG9GorVa6qnmM/zUSSUnOA zoPeFa3GBRlKN/lWXlfnNrMtxcP0Qa1viAFeGHTesRbla6C3TwgYGDuyqjm2VKaX /rx3vNHZZxB4HCJHZolj8XZLAxMDt8LISOU9hhHHK50HerxyR/DZEcYGtXE88exx HMVdimlnXwR6jQ== -----END CERTIFICATE-----Generated at Wed Dec 17 13:27:25 2025 by rpki-client