This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json) Hash identifier: Bd4CrV9I83OQTHNhbNZGmd1T3ohTnERgoe1A9P0pGPI= Subject key identifier: B2:A5:70:BE:78:56:1F:8C:DD:D2:36:E7:65:92:7C:80:EC:8D:D6:73 Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Certificate serial: 019AF49C59583FF973EDC343635B1D0505F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft Manifest number: 0AC0 Signing time: Sat 06 Dec 2025 17:01:18 +0000 Manifest this update: Sat 06 Dec 2025 17:01:18 +0000 Manifest next update: Sun 07 Dec 2025 17:01:18 +0000 Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=) 2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: RPEWU2lt7GAD1zelHzd9HR6+5FGHzrTvM8zO/1jdj9s=) 3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:59:58:3f:f9:73:ed:c3:43:63:5b:1d:05:05:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Validity Not Before: Dec 6 17:01:18 2025 GMT Not After : Dec 7 17:01:18 2025 GMT Subject: CN=b2a570be78561f8cddd236e765927c80ec8dd673 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:40:78:c7:34:c7:fb:83:f9:6b:6b:c7:59:1f: e1:11:60:47:e3:bc:0a:e3:e6:80:c8:d0:72:ac:ce: db:75:fd:12:a8:b1:4a:9b:44:1a:33:82:a3:29:71: a8:eb:c1:44:ee:8f:f3:e2:43:0f:7e:08:be:32:ea: 31:9e:73:02:52:0a:0b:ab:89:12:08:26:88:59:61: 20:aa:92:ca:40:09:83:25:1d:9e:1d:49:43:3e:4c: 5f:38:fb:98:0b:21:89:60:24:99:32:ea:be:d4:03: b1:d5:f7:ce:f5:47:63:7a:42:a8:c3:87:51:02:43: 6e:6b:bf:76:6b:8e:4e:59:6e:a2:5c:4b:7e:94:ae: 69:cb:f0:bc:b2:91:ec:cc:ec:83:ec:13:98:f5:f3: 15:ff:b5:f7:f1:f1:dc:b7:c7:64:11:b3:f4:37:ba: 50:78:b6:f5:dd:1f:33:b0:60:47:51:a3:4f:7f:55: 9b:81:e8:20:d9:f1:9c:47:48:7c:ef:dc:26:9f:09: d2:2a:f8:05:4c:fd:d9:c6:4d:a2:ee:bb:56:8c:9b: 49:d0:d6:80:bb:88:9a:cd:b5:c9:b1:42:da:e6:a4: 44:5a:65:5e:7e:e5:53:9a:c2:46:98:05:9c:03:81: 08:ab:46:58:a8:ee:77:8c:a5:fc:99:8f:bd:1f:27: e1:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A5:70:BE:78:56:1F:8C:DD:D2:36:E7:65:92:7C:80:EC:8D:D6:73 X509v3 Authority Key Identifier: keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:9a:f7:66:86:a9:10:8f:48:b0:69:f2:2c:0d:97:a0:3d:a3: 59:dd:4e:0d:5a:72:84:28:74:70:3a:c8:9f:c2:90:ca:a0:27: da:2c:9d:c9:89:a2:f6:4d:4e:63:96:ee:7c:e8:a1:d3:0f:63: c8:c3:5a:cb:86:e5:15:b0:c0:f6:46:06:1b:4a:b5:25:22:f7: f7:58:f8:39:46:e0:21:3d:02:66:19:04:6f:90:d1:08:13:1d: 6e:06:ab:6f:3a:d2:51:27:06:f4:8b:5e:4f:ae:1e:d9:e5:26: 11:ae:30:65:6a:d7:02:37:60:d6:27:b2:c0:2d:bf:ce:28:24: 14:4b:a6:90:ea:3b:15:0f:00:12:75:0e:a2:c0:2a:1b:24:69: a8:87:27:1b:91:89:19:be:1a:5c:d0:35:43:39:26:e0:40:92: 94:49:98:1d:b5:c0:1a:14:4a:da:69:ed:86:7f:d2:b2:17:d4: a1:8b:f4:3c:8d:f8:86:f5:1a:3a:52:0a:d5:39:8e:f5:33:14: 41:d8:6e:8e:48:a1:5a:c0:65:99:39:bd:c1:14:65:0a:d7:31: 44:44:4d:6c:ea:f7:a4:28:71:af:d7:70:b1:f4:32:ed:26:df: e1:cc:2e:7b:60:8d:9d:04:6e:2f:54:2a:e6:86:78:45:98:7a: ae:ff:7f:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nFlYP/lz7cNDY1sdBQXxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky MThlZjYwHhcNMjUxMjA2MTcwMTE4WhcNMjUxMjA3MTcwMTE4WjAzMTEwLwYDVQQD EyhiMmE1NzBiZTc4NTYxZjhjZGRkMjM2ZTc2NTkyN2M4MGVjOGRkNjczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70B4xzTH+4P5a2vHWR/hEWBH47wK 4+aAyNByrM7bdf0SqLFKm0QaM4KjKXGo68FE7o/z4kMPfgi+MuoxnnMCUgoLq4kS CCaIWWEgqpLKQAmDJR2eHUlDPkxfOPuYCyGJYCSZMuq+1AOx1ffO9UdjekKow4dR AkNua792a45OWW6iXEt+lK5py/C8spHszOyD7BOY9fMV/7X38fHct8dkEbP0N7pQ eLb13R8zsGBHUaNPf1Wbgegg2fGcR0h879wmnwnSKvgFTP3Zxk2i7rtWjJtJ0NaA u4iazbXJsULa5qREWmVefuVTmsJGmAWcA4EIq0ZYqO53jKX8mY+9HyfhaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKlcL54Vh+M3dI252WSfIDsjdZzMB8GA1UdIwQY MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0 LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5r3Zoap EI9IsGnyLA2XoD2jWd1ODVpyhCh0cDrIn8KQyqAn2iydyYmi9k1OY5bufOih0w9j yMNay4blFbDA9kYGG0q1JSL391j4OUbgIT0CZhkEb5DRCBMdbgarbzrSUScG9Ite T64e2eUmEa4wZWrXAjdg1ieywC2/zigkFEumkOo7FQ8AEnUOosAqGyRpqIcnG5GJ Gb4aXNA1Qzkm4ECSlEmYHbXAGhRK2mnthn/SshfUoYv0PI34hvUaOlIK1TmO9TMU QdhujkihWsBlmTm9wRRlCtcxRERNbOr3pChxr9dwsfQy7Sbf4cwue2CNnQRuL1Qq 5oZ4RZh6rv9/uA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:57:17 2025 by rpki-client