This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft File: PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json) Hash identifier: UMV276X6hwSJaUUs2ddx6mqbwN+qelozj0TkAzJjUAw= Subject key identifier: 1F:CD:97:CC:3B:3C:C1:C5:05:5C:60:7A:1A:AA:BA:7C:DA:75:F9:FB Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5 Certificate issuer: /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5 Certificate serial: 019AF12D11F6DF9C6ECDB9C48AF8C730EBBB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft Manifest number: 0A93 Signing time: Sat 06 Dec 2025 01:00:54 +0000 Manifest this update: Sat 06 Dec 2025 01:00:54 +0000 Manifest next update: Sun 07 Dec 2025 01:00:54 +0000 Files and hashes: 1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: lhcbxXBT/C1XXYNw8BQZGWa1OYjXFOroI1wmOTWasy4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:11:f6:df:9c:6e:cd:b9:c4:8a:f8:c7:30:eb:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5 Validity Not Before: Dec 6 01:00:54 2025 GMT Not After : Dec 7 01:00:54 2025 GMT Subject: CN=1fcd97cc3b3cc1c5055c607a1aaaba7cda75f9fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:25:81:6a:3a:ff:81:d2:11:2c:65:66:02:84: d6:3e:4f:85:28:ed:d1:25:64:44:e3:35:cb:a6:30: 47:bd:da:81:61:01:f7:5e:ca:2f:59:e1:7f:7d:09: 8f:cf:c9:68:b7:35:f4:14:f3:01:78:38:14:3e:9b: e6:e1:78:2c:0c:3b:52:2f:f0:6c:27:2b:a2:20:a5: 87:0a:cf:5c:82:97:d0:38:6b:0e:ba:68:21:17:a3: ee:de:dd:6e:20:4e:be:ac:c0:b5:ac:37:19:99:65: 7f:7d:45:3e:64:a4:2d:dc:6d:e1:af:17:e1:43:27: cf:e4:ac:12:99:c6:cd:aa:18:64:48:ee:55:20:d6: 6b:74:68:1c:23:95:60:21:69:c7:53:43:b7:bd:11: aa:c1:53:7d:19:c4:5e:64:99:e1:3f:f6:24:f1:f3: a9:6f:00:79:34:dc:ff:57:2b:d6:3f:77:98:0c:45: e6:c9:5d:89:42:fa:7e:2c:23:b9:72:56:23:d5:3b: e4:41:15:45:3f:31:a1:b4:59:cb:84:00:fe:d4:62: 69:ac:6e:bf:d6:3b:ab:79:c2:ab:09:e8:74:90:b1: ee:d9:b3:a3:8f:3f:85:54:a3:e3:73:d0:be:fc:ef: f5:50:ce:be:9c:23:31:11:0b:10:11:81:79:11:fb: 19:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:CD:97:CC:3B:3C:C1:C5:05:5C:60:7A:1A:AA:BA:7C:DA:75:F9:FB X509v3 Authority Key Identifier: keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:cc:39:a2:95:87:93:7f:3e:43:8d:79:35:a6:79:6e:8d:ed: ca:b8:3e:0f:c7:6e:01:50:14:31:79:99:e7:5c:77:d3:9a:82: af:0b:c5:b0:93:de:ff:40:52:f9:5e:cc:9b:6f:e7:c8:bc:d6: 6e:40:13:14:31:59:5f:81:ea:11:54:f5:dc:e7:d2:e2:30:64: d7:9f:75:61:d5:fb:94:fc:c2:2f:7f:64:ab:e7:85:8d:7d:1a: b7:05:4e:79:65:cb:95:dc:1d:fe:a1:dd:7a:81:bb:4a:61:66: cf:d0:ac:32:bf:d6:4b:2e:ed:28:81:12:2a:28:0e:03:bc:c8: 63:64:62:27:b7:6d:49:46:cc:6c:14:89:d9:b2:ce:0c:4b:bf: 29:dc:60:7a:89:c8:fd:f1:7f:e7:fb:5c:8b:61:98:2e:dd:f9: af:c5:8f:2c:87:b1:db:b6:3f:dd:ec:01:d5:6a:85:af:cc:11: 5d:25:fa:8e:8e:5e:17:38:55:1f:8c:5d:fb:4f:aa:53:4a:88: cf:6b:1d:9d:9d:92:36:3d:54:3c:ac:45:0c:6f:e9:2b:d9:a1: 0d:d9:9d:c8:a7:66:76:9e:89:27:e1:fc:d8:9f:1d:04:4c:0c: 2e:ab:6d:bd:c2:0f:8e:9f:c8:3d:57:b4:4e:33:42:79:da:fc: c6:7c:78:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLRH235xuzbnEivjHMOu7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx MTUxZjUwHhcNMjUxMjA2MDEwMDU0WhcNMjUxMjA3MDEwMDU0WjAzMTEwLwYDVQQD EygxZmNkOTdjYzNiM2NjMWM1MDU1YzYwN2ExYWFhYmE3Y2RhNzVmOWZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCWBajr/gdIRLGVmAoTWPk+FKO3R JWRE4zXLpjBHvdqBYQH3XsovWeF/fQmPz8lotzX0FPMBeDgUPpvm4XgsDDtSL/Bs JyuiIKWHCs9cgpfQOGsOumghF6Pu3t1uIE6+rMC1rDcZmWV/fUU+ZKQt3G3hrxfh QyfP5KwSmcbNqhhkSO5VINZrdGgcI5VgIWnHU0O3vRGqwVN9GcReZJnhP/Yk8fOp bwB5NNz/VyvWP3eYDEXmyV2JQvp+LCO5clYj1TvkQRVFPzGhtFnLhAD+1GJprG6/ 1jurecKrCeh0kLHu2bOjjz+FVKPjc9C+/O/1UM6+nCMxEQsQEYF5EfsZaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB/Nl8w7PMHFBVxgehqqunzadfn7MB8GA1UdIwQY MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3 LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsw5opWH k38+Q415NaZ5bo3tyrg+D8duAVAUMXmZ51x305qCrwvFsJPe/0BS+V7Mm2/nyLzW bkATFDFZX4HqEVT13OfS4jBk1591YdX7lPzCL39kq+eFjX0atwVOeWXLldwd/qHd eoG7SmFmz9CsMr/WSy7tKIESKigOA7zIY2RiJ7dtSUbMbBSJ2bLODEu/KdxgeonI /fF/5/tci2GYLt35r8WPLIex27Y/3ewB1WqFr8wRXSX6jo5eFzhVH4xd+0+qU0qI z2sdnZ2SNj1UPKxFDG/pK9mhDdmdyKdmdp6JJ+H82J8dBEwMLqttvcIPjp/IPVe0 TjNCedr8xnx4Ug== -----END CERTIFICATE-----Generated at Sat Dec 6 11:16:23 2025 by rpki-client