This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft File: Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json) Hash identifier: x68BfwzQaURpJabqA9QSzOGNRAOaU8HzFMBHEwZ3cGA= Subject key identifier: 2C:9C:00:AE:76:8A:AF:CF:C7:05:80:15:2F:F6:49:B4:06:5D:35:98 Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52 Certificate issuer: /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52 Certificate serial: 019B6A32BCD9155E6509D639D8DE68A1464B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft Manifest number: 13B9 Signing time: Mon 29 Dec 2025 13:01:08 +0000 Manifest this update: Mon 29 Dec 2025 13:01:08 +0000 Manifest next update: Tue 30 Dec 2025 13:01:08 +0000 Files and hashes: 1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: MXFvUbgbCwgxTzShX1ZIQYYHW6MzCHsaE7zgfqzX08E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 13:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:32:bc:d9:15:5e:65:09:d6:39:d8:de:68:a1:46:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52 Validity Not Before: Dec 29 13:01:08 2025 GMT Not After : Dec 30 13:01:08 2025 GMT Subject: CN=2c9c00ae768aafcfc70580152ff649b4065d3598 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:0a:e8:92:22:ac:42:75:4b:00:43:48:bf:f4: 50:2c:7d:8b:fe:16:9d:89:1f:4c:72:80:84:1e:a4: 8c:16:bf:ee:e1:3b:82:03:52:ea:08:af:c1:5c:ad: 33:a9:bc:c8:b7:91:75:33:73:8e:57:4c:f6:f0:60: 26:11:dc:d8:e9:32:ad:1b:b9:ba:3a:6f:b4:2f:0f: 9d:4e:ad:72:92:35:35:10:68:e4:d1:97:6b:46:37: 8e:5c:cf:c1:fc:7b:ff:14:e4:a7:4a:62:5c:63:b2: 0a:57:04:89:92:34:d9:07:32:eb:28:8f:62:9f:96: 42:1e:19:c6:4a:10:93:82:56:fc:72:de:fd:ea:89: e5:d6:6c:17:1d:5e:c8:c5:df:32:9a:a6:0c:1f:d0: 47:3f:e4:e2:69:82:2a:06:b0:1f:c4:f8:a3:04:91: 6e:c1:58:75:15:7c:05:fd:eb:0d:8f:45:cb:19:d7: 61:0e:c5:e1:01:ee:fe:58:d4:69:b6:27:3b:8d:a3: 02:5b:81:69:f3:0c:08:71:ac:e0:45:26:eb:ce:e4: d0:e2:61:40:c0:7c:49:64:e6:ef:58:94:0f:58:a2: 2f:4e:c8:50:80:49:8b:a5:73:1b:0e:5a:77:56:eb: bd:8c:b1:f9:f4:e6:e5:a7:5f:61:20:d2:5f:3f:f4: e6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:9C:00:AE:76:8A:AF:CF:C7:05:80:15:2F:F6:49:B4:06:5D:35:98 X509v3 Authority Key Identifier: keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:24:6d:fd:fd:47:b4:c6:4d:cf:45:3a:9b:0d:cb:89:84:61: 7f:ce:95:0b:10:7d:b8:17:a4:43:de:39:24:78:a6:00:21:d7: 13:43:17:34:b2:bd:52:70:7e:80:e5:2b:47:d0:1b:48:c4:40: 97:4b:d3:c0:f1:1f:63:3e:1f:bb:9a:67:61:17:7e:55:b3:bf: c6:6c:17:39:5b:a7:a7:03:f6:a2:c6:73:39:eb:5b:fe:fe:f1: 59:b8:7c:21:e2:88:77:ea:5f:84:37:ff:35:15:32:fa:5e:e7: 0a:dc:85:f4:e5:8f:bd:dd:77:cd:64:ca:9c:5e:7a:c5:e1:c7: b2:7b:18:86:cb:02:99:a0:c4:c4:7b:9e:ef:84:2a:80:65:c3: 4b:1f:3b:d9:6f:e9:43:35:68:20:f9:e4:c0:c9:4c:9d:7b:ab: cc:79:3d:23:ac:2f:50:76:de:cc:6d:8f:22:63:8b:71:a8:dd: 8d:72:02:55:36:ca:9e:ce:4a:8a:65:55:96:c5:3f:44:43:bf: e9:96:f5:dc:b3:de:92:8a:08:8f:fa:fd:d0:1a:67:07:3e:b0: b7:18:56:b8:80:4d:b7:db:37:c8:76:78:c9:e6:60:b7:58:8f: 88:18:0c:f5:9b:a5:c6:ac:a6:a1:d9:44:f1:50:65:5c:de:4f: 91:74:30:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtqMrzZFV5lCdY52N5ooUZLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0 NjRlNTIwHhcNMjUxMjI5MTMwMTA4WhcNMjUxMjMwMTMwMTA4WjAzMTEwLwYDVQQD EygyYzljMDBhZTc2OGFhZmNmYzcwNTgwMTUyZmY2NDliNDA2NWQzNTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogrokiKsQnVLAENIv/RQLH2L/had iR9McoCEHqSMFr/u4TuCA1LqCK/BXK0zqbzIt5F1M3OOV0z28GAmEdzY6TKtG7m6 Om+0Lw+dTq1ykjU1EGjk0ZdrRjeOXM/B/Hv/FOSnSmJcY7IKVwSJkjTZBzLrKI9i n5ZCHhnGShCTglb8ct796onl1mwXHV7Ixd8ymqYMH9BHP+TiaYIqBrAfxPijBJFu wVh1FXwF/esNj0XLGddhDsXhAe7+WNRptic7jaMCW4Fp8wwIcazgRSbrzuTQ4mFA wHxJZObvWJQPWKIvTshQgEmLpXMbDlp3Vuu9jLH59Oblp19hINJfP/Tm8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCycAK52iq/PxwWAFS/2SbQGXTWYMB8GA1UdIwQY MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4 LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVCRt/f1H tMZNz0U6mw3LiYRhf86VCxB9uBekQ945JHimACHXE0MXNLK9UnB+gOUrR9AbSMRA l0vTwPEfYz4fu5pnYRd+VbO/xmwXOVunpwP2osZzOetb/v7xWbh8IeKId+pfhDf/ NRUy+l7nCtyF9OWPvd13zWTKnF56xeHHsnsYhssCmaDExHue74QqgGXDSx872W/p QzVoIPnkwMlMnXurzHk9I6wvUHbezG2PImOLcajdjXICVTbKns5KimVVlsU/REO/ 6Zb13LPekooIj/r90BpnBz6wtxhWuIBNt9s3yHZ4yeZgt1iPiBgM9ZulxqymodlE 8VBlXN5PkXQw+Q== -----END CERTIFICATE-----Generated at Mon Dec 29 17:41:42 2025 by rpki-client