This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft File: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json) Hash identifier: y2DK0wvOzTUXitvwNlY6Fm1rkr4nXN+PW1A5r4jMNU4= Subject key identifier: 9C:68:7D:96:ED:23:A4:C7:C8:1C:92:6A:3D:3A:C9:FE:98:30:AB:16 Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 Certificate issuer: /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Certificate serial: 019AF31BA9A348139A721D5C9A69404D9B40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft Manifest number: 1732 Signing time: Sat 06 Dec 2025 10:01:07 +0000 Manifest this update: Sat 06 Dec 2025 10:01:07 +0000 Manifest next update: Sun 07 Dec 2025 10:01:07 +0000 Files and hashes: 1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: zthHo1Cx4zeZRhL1wLRXGN1Yk2GIOeZXETe4waH8QG0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:a9:a3:48:13:9a:72:1d:5c:9a:69:40:4d:9b:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834 Validity Not Before: Dec 6 10:01:07 2025 GMT Not After : Dec 7 10:01:07 2025 GMT Subject: CN=9c687d96ed23a4c7c81c926a3d3ac9fe9830ab16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b4:2b:dc:39:ba:f4:89:07:7e:4c:54:1e:8e: 18:c2:e2:3e:d2:dd:2c:07:63:17:b2:46:57:9b:49: cc:3d:85:dd:55:75:65:7b:40:49:50:cf:8b:2b:66: a2:0e:38:14:3b:b7:53:b7:51:2d:ed:ec:1c:b8:10: ab:71:98:ba:cb:2f:9c:8f:1b:7f:59:30:e8:33:bd: 11:06:15:f2:8c:ff:b6:b0:08:ce:20:4f:e3:bc:37: a3:fc:21:79:15:87:fe:03:50:0f:0d:55:a8:bb:20: 3c:ee:8d:83:8a:53:e0:84:c0:6d:5d:d3:50:20:1f: cd:bf:37:60:fe:95:8a:24:f9:f2:20:9d:1d:da:a8: a2:a0:53:b3:94:4e:c9:5e:08:8e:c2:09:99:5f:04: 81:9b:fa:e1:72:4a:15:b0:f0:48:8b:16:a2:73:50: 58:51:b7:d3:01:c1:99:01:ee:73:52:e1:05:73:61: 55:e3:07:bd:c3:20:89:b5:f6:73:cf:32:96:ae:e8: 33:8e:08:26:43:18:5e:e3:8f:d8:73:ce:98:1e:00: aa:74:f0:73:ee:1d:ba:39:55:ac:a8:40:27:cc:4a: cb:0f:38:65:8f:a3:11:28:35:a2:1a:c8:5f:64:a9: 7f:49:6b:24:a7:35:f2:16:08:59:93:4b:07:4d:11: 32:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:68:7D:96:ED:23:A4:C7:C8:1C:92:6A:3D:3A:C9:FE:98:30:AB:16 X509v3 Authority Key Identifier: keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:a5:ca:67:87:9e:7a:3b:b9:93:17:0a:30:02:44:e5:d4:2f: 9b:3b:fb:4f:5f:b8:bf:13:e3:75:25:39:bc:5e:06:1f:ef:82: 4c:41:89:38:83:3b:79:be:03:83:65:bd:31:4a:23:f8:95:b1: 12:40:b2:4c:9f:23:1c:39:80:ef:ab:9a:54:04:e3:e0:f8:21: 43:f3:fd:57:91:0b:b7:0e:d8:47:bf:8e:2d:bd:00:96:de:c2: 07:7f:9c:92:58:48:09:ab:2c:49:f2:ab:05:6d:94:a3:c6:e7: da:b7:b4:71:a7:df:92:a0:8c:a0:56:96:ab:d9:c5:ea:06:f6: 33:60:e6:e8:ec:1e:db:d7:01:2b:1a:d9:e7:f5:38:dd:c9:90: f3:92:61:3b:fc:3b:bb:b4:e6:7a:e0:42:58:8a:1f:1a:aa:92: 1e:e1:9f:39:30:53:80:72:cd:d8:92:8a:76:1b:69:83:ab:15: 15:92:b9:3b:35:d2:59:8a:2f:75:12:1a:99:46:2d:35:a6:2a: 88:d1:3d:53:55:9e:33:1d:67:ba:db:f9:73:9d:9c:4a:7c:a7: 6c:5a:74:e3:6b:29:e5:1b:9a:b0:ad:2e:d8:d3:04:01:eb:87: 4a:c8:0b:06:23:ac:44:d7:a9:34:db:46:6a:ac:d4:59:85:31: fc:1a:fa:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG6mjSBOach1cmmlATZtAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm MTI4MzQwHhcNMjUxMjA2MTAwMTA3WhcNMjUxMjA3MTAwMTA3WjAzMTEwLwYDVQQD Eyg5YzY4N2Q5NmVkMjNhNGM3YzgxYzkyNmEzZDNhYzlmZTk4MzBhYjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLQr3Dm69IkHfkxUHo4YwuI+0t0s B2MXskZXm0nMPYXdVXVle0BJUM+LK2aiDjgUO7dTt1Et7ewcuBCrcZi6yy+cjxt/ WTDoM70RBhXyjP+2sAjOIE/jvDej/CF5FYf+A1APDVWouyA87o2DilPghMBtXdNQ IB/Nvzdg/pWKJPnyIJ0d2qiioFOzlE7JXgiOwgmZXwSBm/rhckoVsPBIixaic1BY UbfTAcGZAe5zUuEFc2FV4we9wyCJtfZzzzKWrugzjggmQxhe44/Yc86YHgCqdPBz 7h26OVWsqEAnzErLDzhlj6MRKDWiGshfZKl/SWskpzXyFghZk0sHTREyqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJxofZbtI6THyBySaj06yf6YMKsWMB8GA1UdIwQY MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqXKZ4ee eju5kxcKMAJE5dQvmzv7T1+4vxPjdSU5vF4GH++CTEGJOIM7eb4Dg2W9MUoj+JWx EkCyTJ8jHDmA76uaVATj4PghQ/P9V5ELtw7YR7+OLb0Alt7CB3+cklhICassSfKr BW2Uo8bn2re0caffkqCMoFaWq9nF6gb2M2Dm6Owe29cBKxrZ5/U43cmQ85JhO/w7 u7TmeuBCWIofGqqSHuGfOTBTgHLN2JKKdhtpg6sVFZK5OzXSWYovdRIamUYtNaYq iNE9U1WeMx1nutv5c52cSnynbFp042sp5RuasK0u2NMEAeuHSsgLBiOsRNepNNtG aqzUWYUx/Br69g== -----END CERTIFICATE-----Generated at Sat Dec 6 17:26:37 2025 by rpki-client