This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft File: PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft (raw, json) Hash identifier: 7DPw9HI8wLjcSb9w08gN27Q7Ufga6DjFq+ct0UA/GnI= Subject key identifier: 67:4F:91:86:65:CE:0C:E7:9F:F8:7D:35:B2:E6:48:23:60:54:1F:C3 Authority key identifier: 3D:76:7D:5F:E7:EF:3F:22:8B:DD:BD:E5:A0:E5:C1:80:06:F7:54:08 Certificate issuer: /CN=3d767d5fe7ef3f228bddbde5a0e5c18006f75408 Certificate serial: 019B2287DB2B4965C5B8F20C10F1FCED3B81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft Manifest number: 1001 Signing time: Mon 15 Dec 2025 15:01:27 +0000 Manifest this update: Mon 15 Dec 2025 15:01:27 +0000 Manifest next update: Tue 16 Dec 2025 15:01:27 +0000 Files and hashes: 1: J60Pw4hyKKjQhqi1eSTzFtauoi0.roa (hash: Pts66hPVy/S0JFZfVc88DLunALgdL+k1upaL/I3M97g=) 2: PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl (hash: Nx5bWnHoeCkBzH2sH2smCRkS+cDKY0YQ5Xx68GjEfSo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:87:db:2b:49:65:c5:b8:f2:0c:10:f1:fc:ed:3b:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d767d5fe7ef3f228bddbde5a0e5c18006f75408 Validity Not Before: Dec 15 15:01:27 2025 GMT Not After : Dec 16 15:01:27 2025 GMT Subject: CN=674f918665ce0ce79ff87d35b2e6482360541fc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:88:93:75:38:bc:03:54:35:c4:c2:47:cf:ff: b5:ec:72:43:2c:82:31:be:4a:ed:f1:7b:29:b7:5c: 1a:7e:78:70:88:46:be:d8:1f:2c:c2:e4:b6:2b:59: 85:1e:45:af:87:1a:33:a2:b7:b2:8a:82:5a:50:b9: 73:79:57:93:73:16:3b:5c:01:6d:56:03:63:5e:63: c5:fd:a0:b4:ce:f0:52:78:c8:3d:07:f5:11:38:a1: 4b:87:87:09:02:95:a3:16:88:6e:19:b5:cd:f1:79: 75:2b:fb:d8:11:cc:de:b0:cf:70:e3:34:05:b8:eb: 6d:07:42:c8:eb:d5:40:61:d0:b0:13:e2:a8:e8:50: 6f:85:bd:c7:02:4a:00:e2:20:14:f6:ba:5a:ef:04: 34:57:2f:3e:98:9b:b5:53:3d:6d:31:18:f6:ae:98: f5:10:32:b8:26:5d:bf:d0:cf:25:f9:b5:80:55:88: 09:27:05:f5:0a:d0:9b:42:7a:0d:82:6f:a2:99:fe: 03:4c:0b:58:30:5b:29:5a:28:7e:12:7a:ae:26:8e: c2:b7:a4:31:6b:cc:b5:28:b2:42:b6:a4:86:84:cd: 03:50:51:08:f2:be:d8:73:a0:70:c4:3a:29:60:63: 86:c5:2c:9e:d3:43:2a:8e:1a:3d:cc:4e:d5:3f:cb: 90:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:4F:91:86:65:CE:0C:E7:9F:F8:7D:35:B2:E6:48:23:60:54:1F:C3 X509v3 Authority Key Identifier: keyid:3D:76:7D:5F:E7:EF:3F:22:8B:DD:BD:E5:A0:E5:C1:80:06:F7:54:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXZ9X-fvPyKL3b3loOXBgAb3VAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/074982-db01-4747-9d12-ff72e4fa93a5/1/PXZ9X-fvPyKL3b3loOXBgAb3VAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:9b:39:df:e7:af:96:56:c7:7c:96:35:bf:04:58:7a:e6:a1: 9a:58:a0:eb:d8:d6:0d:35:2f:87:8c:ed:82:9e:87:bc:15:ce: fa:62:49:9e:71:89:01:de:19:2d:ef:39:e9:e5:61:2d:a3:16: 1f:1f:6c:af:9c:0b:81:34:a8:66:48:23:96:33:7b:7b:93:29: 8e:01:a4:e6:c9:14:b6:44:54:ae:c4:7e:f6:50:db:c7:e6:8b: 5d:2f:0f:51:d2:1e:d9:1f:9d:43:c7:6c:c0:6f:aa:36:a7:79: ab:5f:7f:9f:d9:46:55:b3:9d:7a:db:2a:59:29:bf:13:4d:f1: e2:e0:f2:d6:a5:66:a6:5d:76:34:43:b8:21:ab:6a:87:cd:e8: ac:39:ae:4e:89:dd:86:c9:53:36:1d:96:57:8c:74:5f:3d:01: c4:32:fc:57:7d:ba:74:d3:6d:b6:2d:da:17:8a:00:21:1d:45: 8d:b2:68:54:4a:47:c1:f1:73:99:91:3b:d4:b1:dd:bd:67:ce: 99:2c:4a:57:72:27:e4:06:af:78:43:d6:62:b2:60:26:5a:c5: 5f:01:86:14:14:71:ee:f6:5a:0c:41:08:fd:b8:86:af:7d:c1: da:b7:81:ed:2b:0b:ac:a7:96:70:2f:58:48:c5:0f:3d:11:d3: 90:57:ad:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsih9srSWXFuPIMEPH87TuBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNzY3ZDVmZTdlZjNmMjI4YmRkYmRlNWEwZTVjMTgwMDZm NzU0MDgwHhcNMjUxMjE1MTUwMTI3WhcNMjUxMjE2MTUwMTI3WjAzMTEwLwYDVQQD Eyg2NzRmOTE4NjY1Y2UwY2U3OWZmODdkMzViMmU2NDgyMzYwNTQxZmMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYiTdTi8A1Q1xMJHz/+17HJDLIIx vkrt8Xspt1wafnhwiEa+2B8swuS2K1mFHkWvhxozoreyioJaULlzeVeTcxY7XAFt VgNjXmPF/aC0zvBSeMg9B/UROKFLh4cJApWjFohuGbXN8Xl1K/vYEczesM9w4zQF uOttB0LI69VAYdCwE+Ko6FBvhb3HAkoA4iAU9rpa7wQ0Vy8+mJu1Uz1tMRj2rpj1 EDK4Jl2/0M8l+bWAVYgJJwX1CtCbQnoNgm+imf4DTAtYMFspWih+EnquJo7Ct6Qx a8y1KLJCtqSGhM0DUFEI8r7Yc6BwxDopYGOGxSye00Mqjho9zE7VP8uQ/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGdPkYZlzgznn/h9NbLmSCNgVB/DMB8GA1UdIwQY MBaAFD12fV/n7z8ii9295aDlwYAG91QIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8wNzQ5ODItZGIwMS00NzQ3LTlkMTIt ZmY3MmU0ZmE5M2E1LzEvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8wNzQ5ODItZGIwMS00NzQ3LTlkMTItZmY3MmU0ZmE5M2E1 LzEvUFhaOVgtZnZQeUtMM2IzbG9PWEJnQWIzVkFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT5s53+ev llbHfJY1vwRYeuahmlig69jWDTUvh4ztgp6HvBXO+mJJnnGJAd4ZLe856eVhLaMW Hx9sr5wLgTSoZkgjljN7e5MpjgGk5skUtkRUrsR+9lDbx+aLXS8PUdIe2R+dQ8ds wG+qNqd5q19/n9lGVbOdetsqWSm/E03x4uDy1qVmpl12NEO4Iatqh83orDmuTond hslTNh2WV4x0Xz0BxDL8V326dNNtti3aF4oAIR1FjbJoVEpHwfFzmZE71LHdvWfO mSxKV3In5AaveEPWYrJgJlrFXwGGFBRx7vZaDEEI/biGr33B2reB7SsLrKeWcC9Y SMUPPRHTkFetCg== -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:07 2025 by rpki-client