This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft File: pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft (raw, json) Hash identifier: w+mWLC9E4IheXcAKt+iRmatLH8aNkKEmaI2h4plqki0= Subject key identifier: 44:C2:32:5F:B9:D0:29:82:B2:19:79:A6:56:FF:BF:A2:37:6B:8E:B6 Authority key identifier: A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB Certificate issuer: /CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb Certificate serial: 019AF5AEC86B657830031A2C87758B15C044 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft Manifest number: 0BF6 Signing time: Sat 06 Dec 2025 22:01:03 +0000 Manifest this update: Sat 06 Dec 2025 22:01:03 +0000 Manifest next update: Sun 07 Dec 2025 22:01:03 +0000 Files and hashes: 1: LPRtA19ISdoMAcOg5dTdVh6L9Jk.roa (hash: yfplS3KyTgY8se7AVlwzcVLsAsein115ckLeaHyCF6w=) 2: pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl (hash: Sd2zKjd+mAder0X7hCbZeQZ+TA/4sjKPqqaqY4sQbH0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:c8:6b:65:78:30:03:1a:2c:87:75:8b:15:c0:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb Validity Not Before: Dec 6 22:01:03 2025 GMT Not After : Dec 7 22:01:03 2025 GMT Subject: CN=44c2325fb9d02982b21979a656ffbfa2376b8eb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:2e:b7:60:de:54:88:1b:e9:38:62:26:01:3c: 2a:1c:6c:24:8a:e5:56:1d:50:18:7e:e6:fe:b5:c1: ab:55:70:3e:3b:15:b1:8b:d4:80:0e:a6:51:a5:9e: 28:b2:28:1c:3b:85:58:21:c8:c6:57:d9:f0:74:0f: 6b:7f:c9:55:cb:79:a8:4d:73:6a:1d:c2:88:99:70: 48:c8:03:33:9a:1a:25:cc:aa:88:59:88:80:66:12: 4c:75:c4:7f:80:71:bb:dd:20:d9:5a:8a:7e:3d:be: 7d:31:6a:97:7d:15:29:b2:de:9b:1a:2b:10:8e:5c: 26:54:0c:d3:5f:55:71:55:ac:d2:b8:9d:11:c6:9f: e7:64:23:e9:cd:b7:54:58:97:b2:e6:22:fe:dd:44: 56:a6:dc:ab:f0:fd:21:ed:cb:6c:4a:51:e0:ed:ec: a0:95:34:6c:e1:1a:44:63:e2:48:c0:7c:55:a0:d6: b5:50:26:e9:fd:bf:0d:16:a6:f7:73:e5:ee:75:46: 2e:be:9e:74:b0:6b:60:64:67:a9:5c:b2:21:19:0f: 68:dd:b2:44:8f:ae:11:77:8c:f2:2f:36:73:7e:52: 3e:ab:06:b1:d6:ac:44:c6:82:12:4d:d7:53:93:05: 90:17:6e:69:29:5a:00:a3:75:71:e3:ce:fb:80:b5: d3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:C2:32:5F:B9:D0:29:82:B2:19:79:A6:56:FF:BF:A2:37:6B:8E:B6 X509v3 Authority Key Identifier: keyid:A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:8a:dc:85:dc:fa:6a:5e:10:47:1c:6f:99:66:e9:30:7c:1e: 65:70:25:e5:a4:48:b3:36:0f:28:62:09:43:fa:30:db:03:a3: 21:14:1d:64:61:2a:9c:b6:79:70:c8:bc:69:c4:48:31:ad:4f: 21:aa:20:d5:aa:db:54:da:ad:1e:b6:f5:55:9f:49:84:74:1f: b9:6b:6c:90:8d:7b:46:f3:a8:5d:bb:45:e5:f0:11:3b:62:e1: 20:b2:b6:d8:7b:b0:03:ad:70:6e:1b:25:30:c7:eb:c6:46:da: 9e:b9:91:f6:55:df:82:a0:3c:1d:af:f8:c0:73:64:72:85:05: 88:2b:3d:65:a8:f5:09:ff:51:5c:73:b9:9b:f7:9e:f6:39:2e: 04:d9:82:9d:c3:f0:5b:3e:fa:3c:a6:d9:51:20:2a:f7:40:9f: f1:9b:f8:4c:21:10:d8:fa:e9:b8:54:9b:69:ca:9a:e5:08:9e: ce:82:a6:1e:b4:8c:a7:7c:9b:f6:90:12:59:8f:2c:59:8f:c3: 87:2b:49:08:bf:96:db:a4:3c:c4:b2:e8:d8:9f:64:fa:a8:83: 09:68:c7:da:09:e7:6e:9c:af:2b:b4:06:9f:26:11:9b:4f:69: af:7a:06:65:31:b4:cd:3d:e9:4b:90:01:fc:80:09:ad:2d:27: 16:2e:d3:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rshrZXgwAxosh3WLFcBEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MGNkM2I5ZmI2NDY0OTE1YWQwZDM3NjA5MzRjMDE4Mjg4 OWYxZmIwHhcNMjUxMjA2MjIwMTAzWhcNMjUxMjA3MjIwMTAzWjAzMTEwLwYDVQQD Eyg0NGMyMzI1ZmI5ZDAyOTgyYjIxOTc5YTY1NmZmYmZhMjM3NmI4ZWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC63YN5UiBvpOGImATwqHGwkiuVW HVAYfub+tcGrVXA+OxWxi9SADqZRpZ4osigcO4VYIcjGV9nwdA9rf8lVy3moTXNq HcKImXBIyAMzmholzKqIWYiAZhJMdcR/gHG73SDZWop+Pb59MWqXfRUpst6bGisQ jlwmVAzTX1VxVazSuJ0Rxp/nZCPpzbdUWJey5iL+3URWptyr8P0h7ctsSlHg7eyg lTRs4RpEY+JIwHxVoNa1UCbp/b8NFqb3c+XudUYuvp50sGtgZGepXLIhGQ9o3bJE j64Rd4zyLzZzflI+qwax1qxExoISTddTkwWQF25pKVoAo3Vx4877gLXTGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFETCMl+50CmCshl5plb/v6I3a462MB8GA1UdIwQY MBaAFKUM07n7ZGSRWtDTdgk0wBgoifH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTct MzdlOWU4NmE5Mjc5LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTctMzdlOWU4NmE5Mjc5 LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOorchdz6 al4QRxxvmWbpMHweZXAl5aRIszYPKGIJQ/ow2wOjIRQdZGEqnLZ5cMi8acRIMa1P Iaog1arbVNqtHrb1VZ9JhHQfuWtskI17RvOoXbtF5fARO2LhILK22HuwA61wbhsl MMfrxkbanrmR9lXfgqA8Ha/4wHNkcoUFiCs9Zaj1Cf9RXHO5m/ee9jkuBNmCncPw Wz76PKbZUSAq90Cf8Zv4TCEQ2PrpuFSbacqa5QiezoKmHrSMp3yb9pASWY8sWY/D hytJCL+W26Q8xLLo2J9k+qiDCWjH2gnnbpyvK7QGnyYRm09pr3oGZTG0zT3pS5AB /IAJrS0nFi7TrA== -----END CERTIFICATE-----Generated at Sat Dec 6 23:36:01 2025 by rpki-client