This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft File: PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft (raw, json) Hash identifier: 3xbfwq5b0OFBRpjj3vsdcYUVwFSvpK9REP6aJIq2eiQ= Subject key identifier: 4E:3F:7B:1A:96:E7:FB:26:65:C0:9A:F7:D7:7B:36:45:0C:37:D5:67 Authority key identifier: 3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8 Certificate issuer: /CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8 Certificate serial: 019AF653871B277710B016E19D22844DA14C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft Manifest number: 1760 Signing time: Sun 07 Dec 2025 01:01:00 +0000 Manifest this update: Sun 07 Dec 2025 01:01:00 +0000 Manifest next update: Mon 08 Dec 2025 01:01:00 +0000 Files and hashes: 1: PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl (hash: MDzk1FQfz/69dr4OmpbDVMlPJQ9XWnAn+n9Mur3d/LU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:53:87:1b:27:77:10:b0:16:e1:9d:22:84:4d:a1:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d72a5f4bf7466a61462acb88808c7f036d4d6d8 Validity Not Before: Dec 7 01:01:00 2025 GMT Not After : Dec 8 01:01:00 2025 GMT Subject: CN=4e3f7b1a96e7fb2665c09af7d77b36450c37d567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f6:91:24:da:19:72:66:fb:7c:0a:f7:7f:e9: 25:a0:b2:de:84:05:71:05:50:c4:ca:3f:aa:dd:27: 92:07:a2:82:8f:ba:5f:21:3e:aa:06:fc:88:9e:1c: ea:ad:6d:02:27:db:1d:e5:8d:1e:dc:0b:8a:8a:37: 10:47:07:fb:b5:ba:7e:e8:6d:01:16:f0:a6:fc:d1: 2c:a7:20:98:5e:e0:21:57:b6:99:5b:e2:0a:47:28: cc:ef:fa:61:ea:5f:28:69:3c:05:f9:0c:24:37:f2: 56:e2:f4:e6:26:56:3b:9e:c1:e8:4b:71:84:a2:af: 89:c9:80:fe:b5:f7:6e:d0:ce:8c:ec:ec:3b:cf:bb: 58:8a:cb:47:1d:3d:6f:8d:b5:07:9d:91:59:3b:4f: 9f:b4:75:af:38:37:80:2f:04:7d:45:15:c5:50:4a: af:5a:b7:0d:6a:08:a9:ea:aa:b6:57:59:20:74:c5: 27:c2:b2:ea:a2:9d:f8:79:80:85:84:b9:e8:83:bf: 9d:96:e0:0a:7a:63:de:50:57:64:53:bf:58:df:b0: 62:2f:84:0e:5a:76:9f:12:67:9f:2a:b8:70:ea:39: b5:ec:d7:9c:8e:f9:08:ac:28:39:b4:d8:08:21:59: 88:ce:d1:15:dd:ab:89:42:f3:43:78:a7:e6:70:36: 33:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:3F:7B:1A:96:E7:FB:26:65:C0:9A:F7:D7:7B:36:45:0C:37:D5:67 X509v3 Authority Key Identifier: keyid:3D:72:A5:F4:BF:74:66:A6:14:62:AC:B8:88:08:C7:F0:36:D4:D6:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXKl9L90ZqYUYqy4iAjH8DbU1tg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e89aa9-a3cb-4f75-a442-80c0f14edae1/1/PXKl9L90ZqYUYqy4iAjH8DbU1tg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:a1:98:c9:a7:76:f2:a2:97:e1:30:81:5b:be:f3:72:23:23: dd:0a:1a:82:81:5e:28:08:4c:34:2e:b9:03:99:a5:67:50:e5: f8:ea:b9:2d:cf:3d:e3:2c:c0:fb:a2:f3:bf:e7:d0:3c:f0:ff: 52:60:47:d2:26:c1:9d:5a:ec:9c:b1:6f:a0:4b:85:96:dc:28: de:be:79:c3:5f:ee:e0:87:bf:a4:9d:0d:b8:a5:91:47:52:f3: 9d:26:51:f0:89:fa:4f:81:37:98:cb:e0:ef:63:5d:28:75:9f: bc:12:78:8f:e0:3b:20:0f:0d:ee:77:35:15:89:c3:98:9a:44: ee:1f:8a:10:f0:3e:d5:b8:38:7a:87:01:82:3f:d2:f6:22:e8: 39:55:72:e7:af:bc:56:2e:f9:2b:42:12:7c:99:fa:e2:cc:cb: 66:d9:18:49:70:93:bd:5d:33:79:1c:0a:03:59:a8:2b:47:41: 9a:a9:80:1a:fa:e2:50:ed:51:e2:e4:d6:5e:c7:a4:05:69:08: 43:e4:f1:ea:ac:06:64:5e:62:ef:32:73:0b:7f:2c:ed:67:2c: af:8e:48:c5:2a:92:f5:ce:65:3e:4b:08:c5:bf:5d:11:13:4e: 7c:0f:3d:3e:70:44:17:57:cb:96:d0:03:4a:d0:66:49:fa:b5: 4c:9d:c8:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2U4cbJ3cQsBbhnSKETaFMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNzJhNWY0YmY3NDY2YTYxNDYyYWNiODg4MDhjN2YwMzZk NGQ2ZDgwHhcNMjUxMjA3MDEwMTAwWhcNMjUxMjA4MDEwMTAwWjAzMTEwLwYDVQQD Eyg0ZTNmN2IxYTk2ZTdmYjI2NjVjMDlhZjdkNzdiMzY0NTBjMzdkNTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPaRJNoZcmb7fAr3f+kloLLehAVx BVDEyj+q3SeSB6KCj7pfIT6qBvyInhzqrW0CJ9sd5Y0e3AuKijcQRwf7tbp+6G0B FvCm/NEspyCYXuAhV7aZW+IKRyjM7/ph6l8oaTwF+QwkN/JW4vTmJlY7nsHoS3GE oq+JyYD+tfdu0M6M7Ow7z7tYistHHT1vjbUHnZFZO0+ftHWvODeALwR9RRXFUEqv WrcNagip6qq2V1kgdMUnwrLqop34eYCFhLnog7+dluAKemPeUFdkU79Y37BiL4QO WnafEmefKrhw6jm17NecjvkIrCg5tNgIIVmIztEV3auJQvNDeKfmcDYzAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4/exqW5/smZcCa99d7NkUMN9VnMB8GA1UdIwQY MBaAFD1ypfS/dGamFGKsuIgIx/A21NbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDIt ODBjMGYxNGVkYWUxLzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9lODlhYTktYTNjYi00Zjc1LWE0NDItODBjMGYxNGVkYWUx LzEvUFhLbDlMOTBacVlVWXF5NGlBakg4RGJVMXRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKGYyad2 8qKX4TCBW77zciMj3QoagoFeKAhMNC65A5mlZ1Dl+Oq5Lc894yzA+6Lzv+fQPPD/ UmBH0ibBnVrsnLFvoEuFltwo3r55w1/u4Ie/pJ0NuKWRR1LznSZR8In6T4E3mMvg 72NdKHWfvBJ4j+A7IA8N7nc1FYnDmJpE7h+KEPA+1bg4eocBgj/S9iLoOVVy56+8 Vi75K0ISfJn64szLZtkYSXCTvV0zeRwKA1moK0dBmqmAGvriUO1R4uTWXsekBWkI Q+Tx6qwGZF5i7zJzC38s7Wcsr45IxSqS9c5lPksIxb9dERNOfA89PnBEF1fLltAD StBmSfq1TJ3IXg== -----END CERTIFICATE-----Generated at Sun Dec 7 04:05:42 2025 by rpki-client