This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft File: pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json) Hash identifier: VfASaOtlSerPABlaIyl014qqYsObE9zU0F8qxKVYrYg= Subject key identifier: F7:2B:4C:F0:C4:D4:F5:44:88:70:28:91:12:EE:00:D4:9F:3C:F4:9A Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33 Certificate issuer: /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433 Certificate serial: 019B3CEBF5FA43D0F0C1A17DD0CD2A4EAFFA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft Manifest number: 0B25 Signing time: Sat 20 Dec 2025 18:00:55 +0000 Manifest this update: Sat 20 Dec 2025 18:00:55 +0000 Manifest next update: Sun 21 Dec 2025 18:00:55 +0000 Files and hashes: 1: H2ciew030YT_ZKL58SNBSDs0iQc.roa (hash: dr7FPAyraTf1nqxR0HjlvGsow4ZxkGibDCSpB0tZ3CU=) 2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: fpdFBYHCYjFj1j/9KwvOjW2wQRoKdz2OHn2B65GH37I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:f5:fa:43:d0:f0:c1:a1:7d:d0:cd:2a:4e:af:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433 Validity Not Before: Dec 20 18:00:55 2025 GMT Not After : Dec 21 18:00:55 2025 GMT Subject: CN=f72b4cf0c4d4f5448870289112ee00d49f3cf49a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c3:cb:87:8f:11:5d:40:4b:15:33:2d:0b:57: c6:a9:6b:80:a8:0b:7c:ae:f4:41:22:7c:4b:e1:a1: 4a:c8:9e:44:51:7b:91:43:c2:1c:4e:72:8e:f4:6a: 3a:d3:e2:ac:b6:03:ed:bf:e2:dd:c3:de:62:36:9a: 90:92:de:10:47:48:df:e5:dd:4b:38:96:fe:85:d2: ff:e0:27:4f:fb:9c:45:15:7a:92:68:b5:f0:23:62: a6:2b:42:d7:35:ad:49:89:51:03:2c:bf:ab:20:96: 8f:76:32:e6:f1:2c:98:c1:61:99:ca:22:bd:21:2a: 42:5a:b0:3a:b5:d7:47:34:96:84:81:d1:73:26:8d: a7:66:85:5d:43:e5:88:32:45:9c:37:cf:f1:72:b9: 6a:5d:6f:ae:93:5c:7e:2a:08:05:4b:b1:ce:5e:05: 5a:76:23:1e:75:ad:cb:8e:d6:b5:da:3c:2a:eb:fe: 43:27:fb:95:3d:f3:38:cc:e3:b4:65:1c:53:19:83: f6:0e:02:6f:5e:5b:be:5d:df:2e:88:cb:52:05:c4: cd:23:05:35:3f:b1:eb:b3:ba:d7:c1:55:03:81:0a: 85:fc:de:ae:2f:fe:cf:eb:9c:0f:b9:ed:43:ee:1a: f6:d0:b2:ce:ad:f3:02:79:5a:ba:ef:19:53:9e:2f: 8c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:2B:4C:F0:C4:D4:F5:44:88:70:28:91:12:EE:00:D4:9F:3C:F4:9A X509v3 Authority Key Identifier: keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:c1:70:3f:c3:bf:d5:e4:ee:e4:9f:e2:f7:56:94:d2:1c:a6: 56:b2:06:6f:73:3a:53:5b:2a:69:91:b4:e8:6e:42:d5:62:b2: c6:0c:29:c6:d4:1c:e2:a2:c0:1f:5d:56:05:ad:5a:f0:ea:cf: df:9c:54:6f:4c:e5:40:01:37:8d:60:26:13:18:90:69:d2:62: ba:ba:f8:ec:d9:c2:d6:b7:6c:50:59:1a:f2:c7:27:f7:a2:f9: 0f:b0:66:36:d9:c5:dd:db:73:2b:47:90:12:a5:cd:e4:88:c3: aa:40:99:90:76:1d:e7:5a:d8:0b:89:ee:99:52:fb:c8:a2:fe: bc:0a:84:63:60:e9:df:6e:6d:04:88:7d:77:4f:3f:a5:c5:6b: 90:3f:df:3a:0c:84:6a:c9:93:b3:be:8a:ea:23:f2:27:c0:1e: e4:45:13:21:7e:2e:86:2b:ac:62:85:00:da:d0:e1:7e:e2:f9: 46:5f:93:ab:a2:a4:62:44:42:ed:ae:7b:7c:dd:31:f5:34:50: 06:40:be:26:71:c8:f0:94:6d:96:f6:df:a2:39:f2:11:b4:b0: 28:41:3d:e7:9c:6b:b6:ef:87:ef:a5:be:35:8b:82:ab:f3:92: 54:93:2a:a5:d7:54:45:fc:88:fa:ac:25:20:21:b8:55:35:12: b6:64:07:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs86/X6Q9DwwaF90M0qTq/6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx Yzk0MzMwHhcNMjUxMjIwMTgwMDU1WhcNMjUxMjIxMTgwMDU1WjAzMTEwLwYDVQQD EyhmNzJiNGNmMGM0ZDRmNTQ0ODg3MDI4OTExMmVlMDBkNDlmM2NmNDlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsPLh48RXUBLFTMtC1fGqWuAqAt8 rvRBInxL4aFKyJ5EUXuRQ8IcTnKO9Go60+KstgPtv+Ldw95iNpqQkt4QR0jf5d1L OJb+hdL/4CdP+5xFFXqSaLXwI2KmK0LXNa1JiVEDLL+rIJaPdjLm8SyYwWGZyiK9 ISpCWrA6tddHNJaEgdFzJo2nZoVdQ+WIMkWcN8/xcrlqXW+uk1x+KggFS7HOXgVa diMeda3Ljta12jwq6/5DJ/uVPfM4zOO0ZRxTGYP2DgJvXlu+Xd8uiMtSBcTNIwU1 P7Hrs7rXwVUDgQqF/N6uL/7P65wPue1D7hr20LLOrfMCeVq67xlTni+MawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPcrTPDE1PVEiHAokRLuANSfPPSaMB8GA1UdIwQY MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcFwP8O/ 1eTu5J/i91aU0hymVrIGb3M6U1sqaZG06G5C1WKyxgwpxtQc4qLAH11WBa1a8OrP 35xUb0zlQAE3jWAmExiQadJiurr47NnC1rdsUFka8scn96L5D7BmNtnF3dtzK0eQ EqXN5IjDqkCZkHYd51rYC4numVL7yKL+vAqEY2Dp325tBIh9d08/pcVrkD/fOgyE asmTs76K6iPyJ8Ae5EUTIX4uhiusYoUA2tDhfuL5Rl+Tq6KkYkRC7a57fN0x9TRQ BkC+JnHI8JRtlvbfojnyEbSwKEE955xrtu+H76W+NYuCq/OSVJMqpddURfyI+qwl ICG4VTUStmQH/Q== -----END CERTIFICATE-----Generated at Sun Dec 21 01:47:32 2025 by rpki-client