This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft File: PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json) Hash identifier: lPEpRjrRyhiSfMmAplqk4skV8N4bA4ZinxMqxUHJyac= Subject key identifier: FD:AC:32:12:55:79:2F:7D:92:34:86:8D:BD:46:B8:26:CC:07:06:EF Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76 Certificate issuer: /CN=3d0263c9575cbd011263ae88839a7888b74fa076 Certificate serial: 019AF12EB8302D1445AD6723D4F9E882D757 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft Manifest number: 128C Signing time: Sat 06 Dec 2025 01:02:42 +0000 Manifest this update: Sat 06 Dec 2025 01:02:42 +0000 Manifest next update: Sun 07 Dec 2025 01:02:42 +0000 Files and hashes: 1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: j3LBDd28kT2SdAJXWosfCWoiCzyO2uoraofd9HmvyTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:b8:30:2d:14:45:ad:67:23:d4:f9:e8:82:d7:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076 Validity Not Before: Dec 6 01:02:42 2025 GMT Not After : Dec 7 01:02:42 2025 GMT Subject: CN=fdac321255792f7d9234868dbd46b826cc0706ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c7:cc:3e:a0:46:7f:68:53:ad:22:26:24:13: 9d:5a:d3:3f:81:6e:a0:b9:47:a9:4d:0e:a9:1f:e8: 06:97:e2:5d:e0:4a:22:d8:c8:90:34:ea:48:ef:be: 4c:74:e4:d0:f7:87:11:e8:fc:18:5e:a9:ac:db:1e: 6e:44:26:b2:84:24:48:d7:38:6d:f5:52:53:1a:cb: 41:b8:4b:53:cf:ad:f1:80:64:f0:dc:76:0a:ba:7c: 4a:98:5f:b7:f9:6c:d6:e5:c1:03:bb:2b:98:2c:81: 65:ff:74:15:34:b8:ce:c6:66:22:7d:19:53:00:c8: aa:4e:d2:b6:b4:63:98:72:b4:e0:93:ec:54:93:27: 1e:ca:43:83:0e:e2:ec:1e:6a:ac:df:77:f3:0f:70: c8:7a:cd:b4:ed:09:a2:a0:3c:7d:ff:8f:50:be:dd: e7:dd:a7:85:fa:3a:e6:89:a7:15:dc:e0:a3:46:9e: 65:d9:6e:9f:6d:c1:4a:42:c4:1b:ad:3a:b6:9f:a6: c3:e9:21:a5:6b:83:57:7b:91:43:d5:2e:90:42:e1: 4c:88:6d:08:00:41:12:c6:17:73:44:88:9a:72:fd: 1d:48:27:65:78:2f:8f:ea:b5:17:78:6e:d4:56:99: a7:10:8c:ed:55:ef:7d:2c:61:2c:71:b6:84:2e:21: 91:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:AC:32:12:55:79:2F:7D:92:34:86:8D:BD:46:B8:26:CC:07:06:EF X509v3 Authority Key Identifier: keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:9e:c0:03:dd:0f:37:68:ef:f5:74:6f:db:35:0f:c1:20:08: 29:43:72:e8:24:c2:1a:95:01:0d:f9:ea:4c:ce:9e:cb:c0:2f: af:32:bf:cc:24:a3:75:7f:30:08:ec:67:c6:42:94:54:f5:78: c7:7a:a3:70:ed:1d:d5:bb:71:ea:68:b0:b0:8c:c6:b5:d7:de: cc:da:6f:cb:26:02:28:92:53:19:00:3f:14:26:44:f4:30:40: 6c:55:ea:1d:ef:3b:38:47:17:0d:64:c6:d7:7d:fa:b0:3f:1b: 12:62:a7:81:6b:f4:06:6e:80:9a:7d:6e:df:35:a2:dc:ca:bf: cd:9c:9c:a8:b8:59:34:73:11:37:f1:04:30:66:40:53:59:b8: a7:c6:dd:a0:53:a2:00:0c:89:f2:f0:83:65:2e:36:31:89:2d: 34:db:ef:96:cb:a3:6a:ff:2c:fb:5f:eb:27:e2:f7:a3:3a:ef: 84:31:cc:1d:ef:d1:21:7b:7d:59:ad:1a:a0:c6:97:79:ee:79: 67:ec:72:2c:88:92:30:d8:41:96:e7:d0:06:24:d8:99:e9:df: fb:a3:f5:44:4a:14:d7:6d:a4:3f:4c:cc:f2:71:5b:06:58:75: 2a:c0:97:2f:f2:6d:58:1b:26:03:6d:c0:21:96:fc:33:6e:87: f2:6d:30:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLrgwLRRFrWcj1PnogtdXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0 ZmEwNzYwHhcNMjUxMjA2MDEwMjQyWhcNMjUxMjA3MDEwMjQyWjAzMTEwLwYDVQQD EyhmZGFjMzIxMjU1NzkyZjdkOTIzNDg2OGRiZDQ2YjgyNmNjMDcwNmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cfMPqBGf2hTrSImJBOdWtM/gW6g uUepTQ6pH+gGl+Jd4Eoi2MiQNOpI775MdOTQ94cR6PwYXqms2x5uRCayhCRI1zht 9VJTGstBuEtTz63xgGTw3HYKunxKmF+3+WzW5cEDuyuYLIFl/3QVNLjOxmYifRlT AMiqTtK2tGOYcrTgk+xUkyceykODDuLsHmqs33fzD3DIes207QmioDx9/49Qvt3n 3aeF+jrmiacV3OCjRp5l2W6fbcFKQsQbrTq2n6bD6SGla4NXe5FD1S6QQuFMiG0I AEESxhdzRIiacv0dSCdleC+P6rUXeG7UVpmnEIztVe99LGEscbaELiGRUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP2sMhJVeS99kjSGjb1GuCbMBwbvMB8GA1UdIwQY MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3 LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc57AA90P N2jv9XRv2zUPwSAIKUNy6CTCGpUBDfnqTM6ey8AvrzK/zCSjdX8wCOxnxkKUVPV4 x3qjcO0d1btx6miwsIzGtdfezNpvyyYCKJJTGQA/FCZE9DBAbFXqHe87OEcXDWTG 1336sD8bEmKngWv0Bm6Amn1u3zWi3Mq/zZycqLhZNHMRN/EEMGZAU1m4p8bdoFOi AAyJ8vCDZS42MYktNNvvlsujav8s+1/rJ+L3ozrvhDHMHe/RIXt9Wa0aoMaXee55 Z+xyLIiSMNhBlufQBiTYmenf+6P1REoU122kP0zM8nFbBlh1KsCXL/JtWBsmA23A IZb8M26H8m0wMA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:35:56 2025 by rpki-client