This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft File: PkJOJFpkMkpocx3SbzDGhbqopng.mft (raw, json) Hash identifier: C3FDVp3Os4dWbDEhbJcFWkPaaSbRpMTTiIFOC3kHcJE= Subject key identifier: 45:C3:8D:B4:F6:06:A0:72:BC:A4:A5:BE:19:B3:21:76:AC:9E:B2:BE Authority key identifier: 3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78 Certificate issuer: /CN=3e424e245a64324a68731dd26f30c685baa8a678 Certificate serial: 019B6CFC355D500153F63702C4892C7E13B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft Manifest number: 17A3 Signing time: Tue 30 Dec 2025 02:00:26 +0000 Manifest this update: Tue 30 Dec 2025 02:00:26 +0000 Manifest next update: Wed 31 Dec 2025 02:00:26 +0000 Files and hashes: 1: 9BKbZIRd9-X7DwnbmN0tiFBfwDk.roa (hash: sc6ZIVElHs/p3IrdFGLfeuXuK5hZseBYNoiFQsWbBIY=) 2: PkJOJFpkMkpocx3SbzDGhbqopng.crl (hash: CD+JDN5aeeO9+ThSIswXaCikG8Xah3XJcwQQiLXmYng=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 23:52:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:fc:35:5d:50:01:53:f6:37:02:c4:89:2c:7e:13:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e424e245a64324a68731dd26f30c685baa8a678 Validity Not Before: Dec 30 02:00:26 2025 GMT Not After : Dec 31 02:00:26 2025 GMT Subject: CN=45c38db4f606a072bca4a5be19b32176ac9eb2be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a6:a2:e8:06:9b:a1:b8:1b:ca:eb:05:19:a4: c2:b6:a5:3d:ff:1e:54:8f:ea:2d:15:56:53:dc:da: 56:ef:5c:fc:fc:04:2b:9d:22:27:32:68:d4:8e:d6: d4:e8:d2:a9:71:e5:d8:26:6a:e0:ba:51:1f:6f:7c: bb:5b:a0:ca:b9:5e:89:62:41:24:be:b5:07:ac:e0: 03:cc:c1:2a:54:04:8e:12:f3:48:a6:6b:b4:08:d2: b9:aa:d4:78:45:17:d9:d2:84:f6:5b:cc:cf:46:62: df:a6:e3:34:63:8c:d0:fd:5c:73:f4:f5:fb:82:a5: c8:2b:e0:76:3e:8d:ee:2d:c6:0d:e4:1d:ff:5a:76: 29:25:a2:f8:49:90:31:0e:f8:a5:96:8b:cd:89:51: 50:58:55:1f:b0:78:88:b6:1f:76:8e:82:16:af:ad: 02:71:14:5c:76:6b:a4:2b:ef:52:e3:78:90:9e:40: 6e:55:58:24:af:d7:3a:ee:f9:01:a1:be:68:fb:cd: ab:17:87:c0:85:f9:c8:a9:86:da:c6:16:6f:35:0e: 38:62:be:54:5e:66:a2:9c:e0:55:1c:67:3c:85:29: 79:1a:12:8d:31:72:6b:54:f5:40:27:27:43:fa:1e: 5b:ff:a7:a7:81:15:fa:a4:62:3f:71:44:55:0f:0a: 77:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:C3:8D:B4:F6:06:A0:72:BC:A4:A5:BE:19:B3:21:76:AC:9E:B2:BE X509v3 Authority Key Identifier: keyid:3E:42:4E:24:5A:64:32:4A:68:73:1D:D2:6F:30:C6:85:BA:A8:A6:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PkJOJFpkMkpocx3SbzDGhbqopng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1002c1-00bc-4308-b55d-54da0468fdad/1/PkJOJFpkMkpocx3SbzDGhbqopng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:da:8e:ba:09:c5:dc:52:c4:17:bd:6a:14:90:16:29:97:a5: 2d:27:73:07:0b:21:f5:df:2f:f0:a5:b1:64:2c:c9:0c:d0:7f: 58:b7:c4:e8:94:42:c6:69:fc:66:39:f0:0f:8c:f0:5e:1b:66: f8:cd:4c:fa:4a:a3:f3:5c:be:9a:2a:e4:5f:2c:9c:36:d9:e6: 88:a9:1f:13:d5:00:59:73:9c:0b:75:bd:9a:7e:66:eb:0e:3c: 63:cc:3f:37:c5:2a:fa:22:e1:df:9c:c3:be:85:cb:49:d2:06: 53:12:e2:2e:f8:bc:b7:5b:ae:3c:3a:b3:c3:df:53:fc:33:57: 3c:4a:ec:ec:7d:25:2a:3f:78:61:e9:6a:50:69:42:74:e8:a4: 3e:b4:0d:a6:df:5e:21:1d:6f:97:f6:04:95:d3:fd:1f:42:04: 65:56:53:ac:35:9d:2b:a9:33:4e:af:bf:06:17:8f:0e:44:7b: 86:20:df:59:45:94:48:12:1e:c0:a5:f3:98:c6:c4:c7:68:4e: 82:e2:64:5d:1c:fa:1e:35:51:6f:5b:1e:19:25:19:7b:5c:0f: d6:4c:ce:3a:4f:63:a1:65:48:37:71:54:b2:9c:0f:47:29:f5: f1:a9:3e:d4:c4:7a:5f:41:13:4c:e6:4f:03:a4:83:d1:82:e2: 7b:86:8b:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZts/DVdUAFT9jcCxIksfhOyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlNDI0ZTI0NWE2NDMyNGE2ODczMWRkMjZmMzBjNjg1YmFh OGE2NzgwHhcNMjUxMjMwMDIwMDI2WhcNMjUxMjMxMDIwMDI2WjAzMTEwLwYDVQQD Eyg0NWMzOGRiNGY2MDZhMDcyYmNhNGE1YmUxOWIzMjE3NmFjOWViMmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKai6AabobgbyusFGaTCtqU9/x5U j+otFVZT3NpW71z8/AQrnSInMmjUjtbU6NKpceXYJmrgulEfb3y7W6DKuV6JYkEk vrUHrOADzMEqVASOEvNIpmu0CNK5qtR4RRfZ0oT2W8zPRmLfpuM0Y4zQ/Vxz9PX7 gqXIK+B2Po3uLcYN5B3/WnYpJaL4SZAxDvillovNiVFQWFUfsHiIth92joIWr60C cRRcdmukK+9S43iQnkBuVVgkr9c67vkBob5o+82rF4fAhfnIqYbaxhZvNQ44Yr5U XmainOBVHGc8hSl5GhKNMXJrVPVAJydD+h5b/6engRX6pGI/cURVDwp3pQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEXDjbT2BqByvKSlvhmzIXasnrK+MB8GA1UdIwQY MBaAFD5CTiRaZDJKaHMd0m8wxoW6qKZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQt NTRkYTA0NjhmZGFkLzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC8xMDAyYzEtMDBiYy00MzA4LWI1NWQtNTRkYTA0NjhmZGFk LzEvUGtKT0pGcGtNa3BvY3gzU2J6REdoYnFvcG5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9qOugnF 3FLEF71qFJAWKZelLSdzBwsh9d8v8KWxZCzJDNB/WLfE6JRCxmn8ZjnwD4zwXhtm +M1M+kqj81y+mirkXyycNtnmiKkfE9UAWXOcC3W9mn5m6w48Y8w/N8Uq+iLh35zD voXLSdIGUxLiLvi8t1uuPDqzw99T/DNXPErs7H0lKj94YelqUGlCdOikPrQNpt9e IR1vl/YEldP9H0IEZVZTrDWdK6kzTq+/BhePDkR7hiDfWUWUSBIewKXzmMbEx2hO guJkXRz6HjVRb1seGSUZe1wP1kzOOk9joWVIN3FUspwPRyn18ak+1MR6X0ETTOZP A6SD0YLie4aL8A== -----END CERTIFICATE-----Generated at Tue Dec 30 04:38:15 2025 by rpki-client