This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft File: PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json) Hash identifier: k0jMBaJngo8Wz0X/XHX76Qjc9TMIE804UeZFC+FcVoQ= Subject key identifier: FA:6A:82:49:BD:F6:F0:63:A4:25:23:4F:48:50:DD:70:EC:CC:58:0D Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC Certificate issuer: /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc Certificate serial: 019AF5099BF1B1D2AA99C2AFDDE4113B67B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 19:00:38 +0000 Manifest this update: Sat 06 Dec 2025 19:00:38 +0000 Manifest next update: Sun 07 Dec 2025 19:00:38 +0000 Files and hashes: 1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: DVvX/V9oLOZGEFl+rVdepzR7v9cBnVbjbQT/V4CeX1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:9b:f1:b1:d2:aa:99:c2:af:dd:e4:11:3b:67:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc Validity Not Before: Dec 6 19:00:38 2025 GMT Not After : Dec 7 19:00:38 2025 GMT Subject: CN=fa6a8249bdf6f063a425234f4850dd70eccc580d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:df:d2:01:af:72:d6:e9:19:57:42:16:8c:91: ad:39:29:7e:f8:72:ff:54:96:f7:44:11:59:74:99: 9b:ef:27:c7:9b:2c:4e:4e:6a:87:f9:7a:ac:c0:52: 84:38:7f:f3:68:ed:6f:b7:f2:78:13:e9:3a:83:9d: 3c:94:9a:22:8c:87:e2:2c:7d:d7:11:a8:dc:70:87: 9e:2f:a4:b2:27:3e:2c:0e:3c:ff:d7:4f:f3:e3:98: 00:41:a0:07:1d:2c:87:6d:ec:7f:1c:83:ec:2a:23: 3b:86:1f:d0:61:fb:9d:6e:6d:a5:83:75:34:d7:89: a7:98:a7:c6:c4:09:e8:1f:32:af:9c:85:83:c6:f1: d8:73:1b:91:f9:d4:5a:81:f3:33:e8:f3:ff:b1:42: d3:f7:6a:79:22:7c:8e:69:4f:b1:a1:a2:44:bd:c8: 32:08:4b:80:b9:49:81:54:8c:4d:65:b7:d2:4e:6c: 47:21:35:26:5c:c7:e0:7f:7e:43:8c:4e:fc:03:79: 97:9a:e1:75:f1:ac:ae:5d:3f:44:40:f7:fc:7e:78: 76:a2:f8:87:8f:92:25:d6:34:6c:26:5e:00:62:f7: 91:1a:a7:a1:c4:ff:c5:a3:b6:91:4a:3a:4d:d2:33: 72:ad:9c:bf:1d:fb:98:78:32:d9:24:93:54:44:06: c7:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:6A:82:49:BD:F6:F0:63:A4:25:23:4F:48:50:DD:70:EC:CC:58:0D X509v3 Authority Key Identifier: keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:4c:b3:32:68:22:26:b3:f8:44:be:5e:22:7b:4e:31:64:bf: de:91:01:95:64:34:15:d8:0d:30:f0:72:4a:bf:5c:23:cc:e4: 06:9d:ea:66:06:bf:fd:c3:b4:1e:dc:a8:78:1b:d6:6e:fe:3a: eb:54:12:b9:89:f1:f3:0a:00:1a:ab:bb:aa:8b:e4:3a:98:fa: 6f:57:bd:f0:9c:ff:9b:27:60:09:7f:08:e7:88:88:b7:fb:ed: a3:63:44:84:56:53:2a:9b:fd:19:a3:03:37:9f:fc:3e:1f:cd: ba:bb:33:5f:ff:eb:2a:c1:aa:3a:0a:e8:45:24:a8:eb:7e:48: 91:84:83:67:c6:0b:b8:44:ec:de:09:bf:c6:8e:0a:77:1f:5e: 22:30:fd:5e:4e:6e:7c:64:49:06:7b:af:41:08:bf:68:8c:a3: 4d:a7:4f:20:8e:82:49:71:ed:a9:bb:f3:28:7c:2b:a8:71:58: b3:7e:df:af:fa:4d:27:5f:a9:cd:e7:c1:24:b3:78:36:ef:2f: a8:55:76:12:13:d5:ec:7b:51:c0:7f:a2:98:c3:e6:ec:16:06: 7a:8d:70:3e:e8:74:6b:8e:bf:06:23:4b:63:c0:d7:74:bc:d5: 77:d8:82:cf:68:a5:83:17:8f:91:a6:83:21:ad:77:ad:10:a2: 47:f5:58:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CZvxsdKqmcKv3eQRO2e0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi MWIzYmMwHhcNMjUxMjA2MTkwMDM4WhcNMjUxMjA3MTkwMDM4WjAzMTEwLwYDVQQD EyhmYTZhODI0OWJkZjZmMDYzYTQyNTIzNGY0ODUwZGQ3MGVjY2M1ODBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN/SAa9y1ukZV0IWjJGtOSl++HL/ VJb3RBFZdJmb7yfHmyxOTmqH+XqswFKEOH/zaO1vt/J4E+k6g508lJoijIfiLH3X EajccIeeL6SyJz4sDjz/10/z45gAQaAHHSyHbex/HIPsKiM7hh/QYfudbm2lg3U0 14mnmKfGxAnoHzKvnIWDxvHYcxuR+dRagfMz6PP/sULT92p5InyOaU+xoaJEvcgy CEuAuUmBVIxNZbfSTmxHITUmXMfgf35DjE78A3mXmuF18ayuXT9EQPf8fnh2oviH j5Il1jRsJl4AYveRGqehxP/Fo7aRSjpN0jNyrZy/HfuYeDLZJJNURAbHkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPpqgkm99vBjpCUjT0hQ3XDszFgNMB8GA1UdIwQY MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2 LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUEyzMmgi JrP4RL5eIntOMWS/3pEBlWQ0FdgNMPBySr9cI8zkBp3qZga//cO0HtyoeBvWbv46 61QSuYnx8woAGqu7qovkOpj6b1e98Jz/mydgCX8I54iIt/vto2NEhFZTKpv9GaMD N5/8Ph/NurszX//rKsGqOgroRSSo635IkYSDZ8YLuETs3gm/xo4Kdx9eIjD9Xk5u fGRJBnuvQQi/aIyjTadPII6CSXHtqbvzKHwrqHFYs37fr/pNJ1+pzefBJLN4Nu8v qFV2EhPV7HtRwH+imMPm7BYGeo1wPuh0a46/BiNLY8DXdLzVd9iCz2ilgxePkaaD Ia13rRCiR/VYNg== -----END CERTIFICATE-----Generated at Sun Dec 7 05:24:49 2025 by rpki-client