This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft File: PEHqRBeKcCxQcAACPRSp-cRyYOY.mft (raw, json) Hash identifier: 4m7Uw48Mk17bXcxjM0TYO/tV/7NbgXAUXX69nWCq1BE= Subject key identifier: 0C:99:08:64:90:53:F9:B0:C2:9D:6D:86:63:99:32:FC:F3:CA:E2:DF Authority key identifier: 3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 Certificate issuer: /CN=3c41ea44178a702c507000023d14a9f9c47260e6 Certificate serial: 019AF31C7BDD602FD7E04A6FC6D9044EAD12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft Manifest number: 1166 Signing time: Sat 06 Dec 2025 10:02:01 +0000 Manifest this update: Sat 06 Dec 2025 10:02:01 +0000 Manifest next update: Sun 07 Dec 2025 10:02:01 +0000 Files and hashes: 1: PEHqRBeKcCxQcAACPRSp-cRyYOY.crl (hash: NzL6QFnm2ZyTYnH13AvsmfuyfxWyS7dyW+DInnbXtDc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:7b:dd:60:2f:d7:e0:4a:6f:c6:d9:04:4e:ad:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c41ea44178a702c507000023d14a9f9c47260e6 Validity Not Before: Dec 6 10:02:01 2025 GMT Not After : Dec 7 10:02:01 2025 GMT Subject: CN=0c9908649053f9b0c29d6d86639932fcf3cae2df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6b:3c:be:f2:8f:5d:f9:d2:dd:bd:ec:a7:d5: db:07:f8:7a:71:17:99:0b:24:5f:14:f8:6d:81:a6: 38:5b:fb:6e:0b:d2:be:db:db:00:c2:21:c1:5b:8d: a8:9d:f3:4f:3e:ef:bb:64:b2:cf:2c:7d:14:ce:70: a9:60:df:70:8a:e6:cf:6f:e5:28:3d:6f:16:92:d9: 3a:ec:83:67:1b:52:e9:ab:5b:e8:63:51:aa:b4:60: e8:38:9d:e0:2c:ce:7e:59:ba:c4:8b:e5:e9:c1:ef: d9:4f:ce:de:01:35:9d:9a:4f:a1:5d:61:ac:b8:6e: 7e:d7:0a:94:a0:f0:b4:5d:89:c5:43:63:dc:98:10: c8:1d:1a:e0:70:02:4e:70:c8:af:4d:1c:84:27:57: d5:94:48:b3:f5:19:f5:16:e3:4e:c8:0a:ad:f6:34: 4e:2f:87:70:af:f3:f4:73:f2:de:3f:d2:a4:21:d1: e9:50:95:63:88:15:ac:63:58:52:ca:a7:bf:4a:41: 11:33:48:33:2f:b8:e9:e3:37:43:9a:8d:7d:e0:a2: b8:19:0c:39:a3:02:d7:d3:68:98:83:48:74:e0:c8: b1:d1:e1:7f:44:cd:62:2e:f3:02:80:28:27:5d:39: 5b:00:f4:c5:67:1f:a6:9b:c9:17:bd:ea:7e:0d:6a: 0d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:99:08:64:90:53:F9:B0:C2:9D:6D:86:63:99:32:FC:F3:CA:E2:DF X509v3 Authority Key Identifier: keyid:3C:41:EA:44:17:8A:70:2C:50:70:00:02:3D:14:A9:F9:C4:72:60:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEHqRBeKcCxQcAACPRSp-cRyYOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/144941-1354-4869-aac2-747251e49242/1/PEHqRBeKcCxQcAACPRSp-cRyYOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:30:07:85:6e:d4:b0:dc:73:f3:d8:88:6b:ff:0f:36:b4:9b: dc:f3:7f:c0:67:22:da:b1:5a:89:7f:c6:b1:29:03:39:cc:24: 7e:96:c0:57:0b:1a:9c:88:1f:07:4a:9a:e5:6c:ff:2f:2d:ae: 11:db:77:fa:b9:9c:de:99:2c:b4:3d:3b:2a:eb:f9:2d:25:eb: ba:e4:8e:83:6d:a9:06:a4:2d:d1:94:e0:ef:be:a5:1c:5c:03: fa:3e:2f:65:97:44:5a:43:0e:35:1d:3f:ab:4d:45:83:10:1d: 12:77:97:43:4e:12:62:49:85:ab:e2:59:67:ca:b6:1b:f3:6e: 8f:66:1b:8c:c7:16:a7:7c:a5:b6:05:21:f2:be:91:24:04:4a: 9c:69:01:7d:0e:b8:70:bd:9d:1d:51:00:24:3f:e7:0e:72:16: 06:ac:75:46:21:95:af:28:7a:44:d9:b7:63:e1:7c:d0:85:06: 05:51:db:b4:d5:0e:4b:ba:56:57:f9:fa:80:e0:ff:62:cb:7d: a1:84:f6:7a:65:c6:3d:14:f5:8c:c1:98:af:ff:cf:cb:fd:ec: 64:c6:0b:17:ef:5b:87:3e:12:e1:2f:7b:43:e6:a6:90:10:33: df:73:03:2f:62:7f:b7:23:a9:b3:48:01:e6:7b:6e:6e:6f:ce: ba:44:a5:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHHvdYC/X4EpvxtkETq0SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNDFlYTQ0MTc4YTcwMmM1MDcwMDAwMjNkMTRhOWY5YzQ3 MjYwZTYwHhcNMjUxMjA2MTAwMjAxWhcNMjUxMjA3MTAwMjAxWjAzMTEwLwYDVQQD EygwYzk5MDg2NDkwNTNmOWIwYzI5ZDZkODY2Mzk5MzJmY2YzY2FlMmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGs8vvKPXfnS3b3sp9XbB/h6cReZ CyRfFPhtgaY4W/tuC9K+29sAwiHBW42onfNPPu+7ZLLPLH0UznCpYN9wiubPb+Uo PW8Wktk67INnG1Lpq1voY1GqtGDoOJ3gLM5+WbrEi+Xpwe/ZT87eATWdmk+hXWGs uG5+1wqUoPC0XYnFQ2PcmBDIHRrgcAJOcMivTRyEJ1fVlEiz9Rn1FuNOyAqt9jRO L4dwr/P0c/LeP9KkIdHpUJVjiBWsY1hSyqe/SkERM0gzL7jp4zdDmo194KK4GQw5 owLX02iYg0h04Mix0eF/RM1iLvMCgCgnXTlbAPTFZx+mm8kXvep+DWoNKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAyZCGSQU/mwwp1thmOZMvzzyuLfMB8GA1UdIwQY MBaAFDxB6kQXinAsUHAAAj0UqfnEcmDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzIt NzQ3MjUxZTQ5MjQyLzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8xNDQ5NDEtMTM1NC00ODY5LWFhYzItNzQ3MjUxZTQ5MjQy LzEvUEVIcVJCZUtjQ3hRY0FBQ1BSU3AtY1J5WU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKzAHhW7U sNxz89iIa/8PNrSb3PN/wGci2rFaiX/GsSkDOcwkfpbAVwsanIgfB0qa5Wz/Ly2u Edt3+rmc3pkstD07Kuv5LSXruuSOg22pBqQt0ZTg776lHFwD+j4vZZdEWkMONR0/ q01FgxAdEneXQ04SYkmFq+JZZ8q2G/Nuj2YbjMcWp3yltgUh8r6RJARKnGkBfQ64 cL2dHVEAJD/nDnIWBqx1RiGVryh6RNm3Y+F80IUGBVHbtNUOS7pWV/n6gOD/Yst9 oYT2emXGPRT1jMGYr//Py/3sZMYLF+9bhz4S4S97Q+amkBAz33MDL2J/tyOps0gB 5ntubm/OukSl2A== -----END CERTIFICATE-----Generated at Sat Dec 6 16:31:53 2025 by rpki-client