This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft File: pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json) Hash identifier: pqDukLkIpkjsmrB1J3WjC6w5ALE8LPsDrmbwLJaEgZw= Subject key identifier: 91:52:6F:39:BB:FA:ED:2E:4B:34:7D:09:2C:CD:9E:BC:8B:12:4D:92 Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA Certificate issuer: /CN=a714c621d57ce42e25093ece857bdb875e3aceaa Certificate serial: 019AF1D17F448364980CC4B71C2D5BAFD27A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft Manifest number: 042E Signing time: Sat 06 Dec 2025 04:00:29 +0000 Manifest this update: Sat 06 Dec 2025 04:00:29 +0000 Manifest next update: Sun 07 Dec 2025 04:00:29 +0000 Files and hashes: 1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: KCdzVRqceKk76gSbwcFp61dpELrLqDzpdfrQROyJeNs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:7f:44:83:64:98:0c:c4:b7:1c:2d:5b:af:d2:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa Validity Not Before: Dec 6 04:00:29 2025 GMT Not After : Dec 7 04:00:29 2025 GMT Subject: CN=91526f39bbfaed2e4b347d092ccd9ebc8b124d92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:e4:2d:f2:59:da:19:7f:99:bd:8b:41:b3:a4: cc:ba:05:97:a1:83:6d:51:01:f6:da:9a:fc:4c:0a: 00:71:33:db:a6:cc:3b:26:fe:25:ed:b1:d4:5d:4f: 5a:d1:2a:41:15:ee:e6:89:39:9c:44:44:00:83:7b: 9d:21:87:18:74:b4:73:66:9b:fa:fd:ae:ab:0b:44: 04:5b:62:eb:a5:03:33:04:82:98:ac:0d:40:2f:df: 70:38:e1:9c:ea:ec:0d:9a:f1:02:b5:f0:2b:c8:f4: 61:e1:5a:67:fe:b5:ce:7b:98:3c:63:07:c9:74:53: e6:b4:10:0c:19:52:62:c3:7f:25:59:90:e5:dd:6a: c5:5a:71:db:56:fc:29:a9:73:05:af:6c:03:49:b2: c4:44:70:5b:b2:ae:45:27:de:a2:d3:2a:88:3d:75: e4:55:ea:eb:b3:28:7e:a2:b7:7e:ee:72:77:64:bd: 3e:93:8a:b6:61:de:61:44:be:3a:e9:4b:28:10:f1: d5:6e:5d:4d:71:e8:7e:f3:4f:4b:02:e0:64:bc:b1: 9b:9d:1e:1a:78:8e:75:a4:b1:14:8f:53:7e:0a:29: b8:0d:63:2a:b0:b9:6f:ab:93:9a:0a:d6:2f:80:10: 19:88:15:f0:63:ea:cd:4e:fd:f5:1f:c0:0f:ca:76: e0:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:52:6F:39:BB:FA:ED:2E:4B:34:7D:09:2C:CD:9E:BC:8B:12:4D:92 X509v3 Authority Key Identifier: keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:61:e6:96:55:75:2b:3b:8d:db:7b:33:03:b1:2a:b3:26:d3: a5:8f:91:0a:1d:7b:e9:48:df:d1:52:ee:7f:5c:52:58:76:60: 96:fa:41:5b:e8:6b:21:e8:7c:fe:bf:3d:5e:63:74:73:b7:b3: 7c:65:37:9f:d0:23:cb:e6:6f:44:5e:c1:82:a4:70:98:7c:6c: 4b:c9:9f:e3:50:39:f1:f5:6a:79:e2:94:10:68:fc:93:0f:73: ff:6a:25:b4:b0:63:8a:6e:1a:b5:fd:23:b0:ca:75:73:11:ea: ea:04:85:29:26:fe:8b:75:96:4f:0d:be:36:da:f2:f4:a4:0e: 5f:29:7a:8c:2f:2a:1c:fe:08:4c:23:05:48:ac:b0:71:88:0c: 93:6c:a3:ab:22:d1:d1:79:6c:9d:f7:ea:93:d5:bf:20:f6:1e: 05:5e:c8:23:29:8d:16:00:b9:2a:c2:3d:d9:e3:73:d3:5a:28: ae:26:41:c3:af:71:73:a8:75:00:28:56:28:ba:39:da:ee:a4: 39:b4:0f:e9:5d:4a:db:1e:87:5a:e7:4b:5a:96:a1:9c:4c:f9: e6:89:5b:cd:94:47:19:eb:8d:86:91:80:25:14:3e:2e:ac:85: ab:93:b3:fd:18:16:f1:2b:25:d4:b5:25:16:e9:7f:e5:a3:a4: 47:05:91:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0X9Eg2SYDMS3HC1br9J6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz YWNlYWEwHhcNMjUxMjA2MDQwMDI5WhcNMjUxMjA3MDQwMDI5WjAzMTEwLwYDVQQD Eyg5MTUyNmYzOWJiZmFlZDJlNGIzNDdkMDkyY2NkOWViYzhiMTI0ZDkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uQt8lnaGX+ZvYtBs6TMugWXoYNt UQH22pr8TAoAcTPbpsw7Jv4l7bHUXU9a0SpBFe7miTmcREQAg3udIYcYdLRzZpv6 /a6rC0QEW2LrpQMzBIKYrA1AL99wOOGc6uwNmvECtfAryPRh4Vpn/rXOe5g8YwfJ dFPmtBAMGVJiw38lWZDl3WrFWnHbVvwpqXMFr2wDSbLERHBbsq5FJ96i0yqIPXXk Verrsyh+ord+7nJ3ZL0+k4q2Yd5hRL466UsoEPHVbl1Nceh+809LAuBkvLGbnR4a eI51pLEUj1N+Cim4DWMqsLlvq5OaCtYvgBAZiBXwY+rNTv31H8APynbgwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJFSbzm7+u0uSzR9CSzNnryLEk2SMB8GA1UdIwQY MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo2HmllV1 KzuN23szA7EqsybTpY+RCh176Ujf0VLuf1xSWHZglvpBW+hrIeh8/r89XmN0c7ez fGU3n9Ajy+ZvRF7BgqRwmHxsS8mf41A58fVqeeKUEGj8kw9z/2oltLBjim4atf0j sMp1cxHq6gSFKSb+i3WWTw2+Ntry9KQOXyl6jC8qHP4ITCMFSKywcYgMk2yjqyLR 0Xlsnffqk9W/IPYeBV7IIymNFgC5KsI92eNz01ooriZBw69xc6h1AChWKLo52u6k ObQP6V1K2x6HWudLWpahnEz55olbzZRHGeuNhpGAJRQ+LqyFq5Oz/RgW8Ssl1LUl Ful/5aOkRwWRJA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:52 2025 by rpki-client