This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft File: pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json) Hash identifier: h6bnxsP5+XDz3oCGwlNEwGmBblPrWpW1wwDi5g214tI= Subject key identifier: F8:26:D5:44:5C:C0:71:6C:71:1F:FC:B9:0D:7A:B9:3B:C7:A9:96:5E Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D Certificate issuer: /CN=a67caa06c0a8f754016e614480bbb3877e40891d Certificate serial: 019BAD935AAB53183EA5BAB3080F58D616CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft Manifest number: 04EC Signing time: Sun 11 Jan 2026 15:01:13 +0000 Manifest this update: Sun 11 Jan 2026 15:01:13 +0000 Manifest next update: Mon 12 Jan 2026 15:01:13 +0000 Files and hashes: 1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: GoFuBAOwOUpSYAJzn5XkbaxV5L/OLnfy3OerZKrXLNY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 15:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ad:93:5a:ab:53:18:3e:a5:ba:b3:08:0f:58:d6:16:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d Validity Not Before: Jan 11 15:01:13 2026 GMT Not After : Jan 12 15:01:13 2026 GMT Subject: CN=f826d5445cc0716c711ffcb90d7ab93bc7a9965e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6d:e9:b1:a5:e7:d4:ab:b5:67:87:14:6e:91: 60:93:2a:56:34:59:e9:dd:de:b4:67:6c:eb:ae:af: af:d7:c0:b6:e1:03:aa:90:c0:22:4a:3b:97:b4:fc: 14:93:81:dd:47:89:78:a8:eb:29:04:f3:f7:3c:0a: aa:6d:c4:2a:a9:e3:ae:fd:a2:4e:08:85:04:12:83: 73:7c:b3:b6:1c:15:ab:e2:12:76:23:00:bd:57:38: 63:14:34:3c:16:ff:14:90:d7:e1:8d:d1:80:15:21: 6b:8c:79:9b:4d:6b:0c:b1:8e:98:49:5d:21:50:8e: 55:ee:02:c0:96:95:fb:a3:c8:7d:db:d9:4d:c7:2c: 5a:e6:20:90:82:64:cf:2e:ae:75:c0:88:fc:54:2f: 19:95:50:57:75:37:f8:f4:5b:0c:82:03:91:ac:82: 0f:9c:ba:32:86:bf:d3:05:44:ea:4f:9d:c2:7e:7b: d8:6f:df:db:8e:c3:6d:3c:92:35:ac:99:45:6c:5e: 01:45:58:0f:a9:89:2c:3a:9d:ee:96:a5:fc:e0:74: 64:f1:17:4a:df:a2:fb:9d:91:c3:54:5c:92:59:b1: 48:6d:97:9e:18:ec:7f:dc:8d:ed:c7:1d:9c:a6:01: 5a:e9:38:b9:f7:63:55:e6:bf:2c:f3:59:05:f9:85: d3:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:26:D5:44:5C:C0:71:6C:71:1F:FC:B9:0D:7A:B9:3B:C7:A9:96:5E X509v3 Authority Key Identifier: keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:a0:b7:93:59:3f:a4:bc:c9:ef:e5:31:dd:6b:15:63:cc:cc: ca:cb:8d:0f:56:d6:78:ad:d8:6f:d8:47:42:32:70:c6:de:3d: 20:98:0b:6d:b3:f4:a1:4d:fe:81:3f:f5:b9:31:83:bd:6c:25: f0:6e:59:eb:ac:e9:c2:9d:04:36:f3:c9:c0:f3:65:7b:d2:6a: 17:6a:8b:dc:b5:a4:89:f0:a7:f0:a2:30:d9:12:09:d8:00:0e: c0:81:53:35:aa:19:b5:37:82:40:cb:76:8c:a0:67:82:20:89: 5a:f1:bf:0e:53:80:cd:57:1c:8d:64:9d:2d:21:bf:40:aa:12: 1d:59:94:85:6a:6b:bb:cb:13:0e:28:01:05:da:ca:2c:66:5c: f1:37:29:86:0f:43:9a:c5:10:d4:e4:1b:7f:0f:7a:1c:d3:5e: 44:ef:1c:42:2b:ed:b6:a7:f5:93:72:d5:cd:1b:e3:6c:85:af: 8f:80:c4:6d:b0:65:ea:16:52:e9:4b:77:ef:3c:8e:39:86:1a: 29:12:6c:bc:d7:43:b6:48:4b:a9:5c:3d:b5:0b:0d:fe:cd:c5: 3c:4f:06:12:cb:80:4f:2f:b4:86:b9:68:d6:97:02:92:1e:53: 8c:28:c8:8d:fb:45:38:b6:84:b2:fa:5a:ef:86:b7:d1:66:30: 29:74:0a:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZutk1qrUxg+pbqzCA9Y1hbNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0 MDg5MWQwHhcNMjYwMTExMTUwMTEzWhcNMjYwMTEyMTUwMTEzWjAzMTEwLwYDVQQD EyhmODI2ZDU0NDVjYzA3MTZjNzExZmZjYjkwZDdhYjkzYmM3YTk5NjVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm3psaXn1Ku1Z4cUbpFgkypWNFnp 3d60Z2zrrq+v18C24QOqkMAiSjuXtPwUk4HdR4l4qOspBPP3PAqqbcQqqeOu/aJO CIUEEoNzfLO2HBWr4hJ2IwC9VzhjFDQ8Fv8UkNfhjdGAFSFrjHmbTWsMsY6YSV0h UI5V7gLAlpX7o8h929lNxyxa5iCQgmTPLq51wIj8VC8ZlVBXdTf49FsMggORrIIP nLoyhr/TBUTqT53CfnvYb9/bjsNtPJI1rJlFbF4BRVgPqYksOp3ulqX84HRk8RdK 36L7nZHDVFySWbFIbZeeGOx/3I3txx2cpgFa6Ti592NV5r8s81kF+YXTawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPgm1URcwHFscR/8uQ16uTvHqZZeMB8GA1UdIwQY MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKC3k1k/ pLzJ7+Ux3WsVY8zMysuND1bWeK3Yb9hHQjJwxt49IJgLbbP0oU3+gT/1uTGDvWwl 8G5Z66zpwp0ENvPJwPNle9JqF2qL3LWkifCn8KIw2RIJ2AAOwIFTNaoZtTeCQMt2 jKBngiCJWvG/DlOAzVccjWSdLSG/QKoSHVmUhWpru8sTDigBBdrKLGZc8Tcphg9D msUQ1OQbfw96HNNeRO8cQivttqf1k3LVzRvjbIWvj4DEbbBl6hZS6Ut37zyOOYYa KRJsvNdDtkhLqVw9tQsN/s3FPE8GEsuATy+0hrlo1pcCkh5TjCjIjftFOLaEsvpa 74a30WYwKXQKSw== -----END CERTIFICATE-----Generated at Sun Jan 11 22:13:03 2026 by rpki-client