This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft File: PE71UtfFcTYTTntE1pfLAs3n2H0.mft (raw, json) Hash identifier: PsPzaaaqKp4tWLTS5k+WKd2A3+B/vjnoD9O4L5NCSxs= Subject key identifier: 73:34:BB:44:02:DB:20:D7:26:DA:61:BC:FB:11:94:A3:B7:3D:A7:DD Authority key identifier: 3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D Certificate issuer: /CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d Certificate serial: 019B311EEF95627CDB970800361D9EC7EF01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft Manifest number: 0BE7 Signing time: Thu 18 Dec 2025 11:01:09 +0000 Manifest this update: Thu 18 Dec 2025 11:01:09 +0000 Manifest next update: Fri 19 Dec 2025 11:01:09 +0000 Files and hashes: 1: PE71UtfFcTYTTntE1pfLAs3n2H0.crl (hash: 72ad4ZNVSSX5QR3ELPA0vCZ7jd4HfMtKIPxq2TZLMxQ=) 2: RuZvzxLvicWfAkL-HU_suiyEHkc.roa (hash: 1ChRVjdhLwU5Jyhx1uu/EkAAaI5ej8w7SIJnkr0NI2Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 11:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:1e:ef:95:62:7c:db:97:08:00:36:1d:9e:c7:ef:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c4ef552d7c57136134e7b44d697cb02cde7d87d Validity Not Before: Dec 18 11:01:09 2025 GMT Not After : Dec 19 11:01:09 2025 GMT Subject: CN=7334bb4402db20d726da61bcfb1194a3b73da7dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:49:4e:63:a1:ac:13:8e:4f:8b:09:a7:d1:5b: 7a:9c:59:31:21:1c:c9:61:b8:0e:3e:0c:6e:e2:33: 80:d6:1c:78:7b:53:c7:6a:00:e2:74:c9:94:65:a0: ce:9a:5d:25:d8:49:1c:08:27:d5:c1:09:06:d5:02: 43:b1:60:65:ee:63:ff:b4:96:c9:b9:ff:66:3b:d3: 8b:03:82:b4:cb:8c:36:71:f7:4d:e6:02:6a:51:9b: 11:58:56:f5:a1:13:6f:d5:b5:78:19:6f:c4:03:4c: d3:97:3b:5a:04:4f:73:e2:61:72:73:c8:8a:40:0a: 1f:3f:ca:5e:33:1c:78:f6:2a:bc:13:c6:3b:db:c1: f6:39:ed:a0:cc:a9:d0:3b:ff:18:e5:72:1f:78:07: cb:88:91:03:e9:48:f5:c5:15:52:76:04:1b:59:0c: aa:56:52:67:b0:aa:8a:47:85:8d:94:72:aa:8c:4c: 8a:87:05:6c:fa:a8:47:32:03:7b:56:9f:7f:3d:17: 91:21:13:4a:a1:b8:47:2b:46:ff:a0:b2:19:f0:b0: aa:84:72:4e:d3:63:f6:e1:1e:eb:c3:bb:74:ee:00: 93:cc:b4:a5:b5:94:fb:f8:9a:65:12:ce:51:46:ee: e8:d5:88:ae:da:17:dc:79:07:c2:a8:17:8c:63:ea: df:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:34:BB:44:02:DB:20:D7:26:DA:61:BC:FB:11:94:A3:B7:3D:A7:DD X509v3 Authority Key Identifier: keyid:3C:4E:F5:52:D7:C5:71:36:13:4E:7B:44:D6:97:CB:02:CD:E7:D8:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE71UtfFcTYTTntE1pfLAs3n2H0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b321d1-814b-4cf9-9d07-11441e16a137/1/PE71UtfFcTYTTntE1pfLAs3n2H0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:d8:c3:b5:be:40:ea:d8:b1:b7:58:d2:c1:9e:99:ce:27:3c: 59:fd:18:ef:bf:67:5b:9e:18:e2:47:9c:fe:38:73:2e:11:ee: 3b:ef:29:d8:e1:13:eb:b1:28:05:3d:9c:68:34:9e:91:ff:1b: 9e:61:e1:df:39:34:b3:9c:10:b6:0e:18:08:0d:38:cc:70:c3: 52:04:f0:7d:10:80:a6:88:a9:16:7a:42:5f:57:35:d5:7a:fc: fb:fb:6f:bb:3f:74:20:7e:ea:a4:19:ed:6b:83:95:90:37:19: 20:ce:19:8d:c7:f5:d3:8c:f8:a3:09:34:db:54:99:31:1d:f6: a2:a3:a7:d5:8e:15:fb:8d:c2:37:71:39:d6:16:fc:af:92:60: 6f:2d:35:a1:3c:91:38:19:13:f2:da:b3:8d:14:de:c9:34:68: 89:5d:05:a2:05:8b:a9:ab:bf:2d:47:3d:a5:1d:d6:83:74:db: 04:a7:57:6d:7f:1c:ef:63:67:5d:5c:77:fd:16:70:5e:25:cd: d1:32:29:fd:e9:d7:0d:fe:d8:2d:dd:06:0b:33:8e:00:91:b1: 7b:00:1f:90:55:a9:4e:55:20:c6:cd:6e:89:2a:6a:17:a9:5f: a5:f3:fc:b5:8c:53:32:c8:66:62:f7:a7:84:02:65:1d:50:a8: d8:74:0c:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxHu+VYnzblwgANh2ex+8BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNGVmNTUyZDdjNTcxMzYxMzRlN2I0NGQ2OTdjYjAyY2Rl N2Q4N2QwHhcNMjUxMjE4MTEwMTA5WhcNMjUxMjE5MTEwMTA5WjAzMTEwLwYDVQQD Eyg3MzM0YmI0NDAyZGIyMGQ3MjZkYTYxYmNmYjExOTRhM2I3M2RhN2RkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0lOY6GsE45Piwmn0Vt6nFkxIRzJ YbgOPgxu4jOA1hx4e1PHagDidMmUZaDOml0l2EkcCCfVwQkG1QJDsWBl7mP/tJbJ uf9mO9OLA4K0y4w2cfdN5gJqUZsRWFb1oRNv1bV4GW/EA0zTlztaBE9z4mFyc8iK QAofP8peMxx49iq8E8Y728H2Oe2gzKnQO/8Y5XIfeAfLiJED6Uj1xRVSdgQbWQyq VlJnsKqKR4WNlHKqjEyKhwVs+qhHMgN7Vp9/PReRIRNKobhHK0b/oLIZ8LCqhHJO 02P24R7rw7t07gCTzLSltZT7+JplEs5RRu7o1Yiu2hfceQfCqBeMY+rfgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHM0u0QC2yDXJtphvPsRlKO3PafdMB8GA1UdIwQY MBaAFDxO9VLXxXE2E057RNaXywLN59h9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDct MTE0NDFlMTZhMTM3LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iMzIxZDEtODE0Yi00Y2Y5LTlkMDctMTE0NDFlMTZhMTM3 LzEvUEU3MVV0ZkZjVFlUVG50RTFwZkxBczNuMkgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNjDtb5A 6tixt1jSwZ6Zzic8Wf0Y779nW54Y4kec/jhzLhHuO+8p2OET67EoBT2caDSekf8b nmHh3zk0s5wQtg4YCA04zHDDUgTwfRCApoipFnpCX1c11Xr8+/tvuz90IH7qpBnt a4OVkDcZIM4Zjcf104z4owk021SZMR32oqOn1Y4V+43CN3E51hb8r5Jgby01oTyR OBkT8tqzjRTeyTRoiV0FogWLqau/LUc9pR3Wg3TbBKdXbX8c72NnXVx3/RZwXiXN 0TIp/enXDf7YLd0GCzOOAJGxewAfkFWpTlUgxs1uiSpqF6lfpfP8tYxTMshmYven hAJlHVCo2HQMrw== -----END CERTIFICATE-----Generated at Thu Dec 18 18:29:23 2025 by rpki-client