This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft File: PI0Z2SQBkcNql0ti35PCIUNtm90.mft (raw, json) Hash identifier: Wlj1wJUFWTAdYA1utxtcYcBf+V05DBCzHxBCqRG6jW0= Subject key identifier: 4D:20:7C:58:87:41:AC:93:51:5F:FF:1E:D0:04:B8:B3:8C:76:9A:B7 Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD Certificate issuer: /CN=3c8d19d9240191c36a974b62df93c221436d9bdd Certificate serial: 019AF31C7A9C2582877125134C98C074B36E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft Manifest number: 0B9C Signing time: Sat 06 Dec 2025 10:02:01 +0000 Manifest this update: Sat 06 Dec 2025 10:02:01 +0000 Manifest next update: Sun 07 Dec 2025 10:02:01 +0000 Files and hashes: 1: PI0Z2SQBkcNql0ti35PCIUNtm90.crl (hash: /gEyzEKhz0gdEv/SFlSTqyGOQAhSKL15ysDxq1ClFR4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:7a:9c:25:82:87:71:25:13:4c:98:c0:74:b3:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd Validity Not Before: Dec 6 10:02:01 2025 GMT Not After : Dec 7 10:02:01 2025 GMT Subject: CN=4d207c588741ac93515fff1ed004b8b38c769ab7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ed:3d:d3:15:1f:22:94:97:56:f2:3a:08:0a: ec:ca:3d:70:f3:bd:18:f9:84:b3:94:88:cc:62:e8: 4b:e9:62:94:13:08:d5:ce:f0:91:9c:16:02:df:9d: f0:c7:ff:52:86:5e:de:7f:cc:43:1e:54:ad:8d:99: 33:13:25:ba:40:5c:76:58:a0:68:75:71:ff:ee:c5: 34:64:db:1d:1d:60:b3:04:6e:5a:a0:42:7c:2c:ee: e5:f7:4a:78:09:ac:c0:31:48:ec:e4:10:95:4c:9d: c9:ed:ce:75:ca:eb:40:5c:45:46:4c:9d:b8:c1:7b: 2d:96:65:ca:2b:0d:50:d1:f2:95:29:d9:7d:4e:64: c5:01:33:04:9e:42:6c:12:84:8a:08:ea:44:61:b7: f3:f4:ff:23:bc:fa:cb:7d:19:3d:64:24:2c:95:74: ee:cc:1c:8a:5d:9a:a5:fb:9c:a4:35:d3:2e:a7:37: d0:89:2b:fe:87:b6:3c:c9:3f:46:d2:50:d3:13:cb: 0b:82:48:23:00:e5:7a:b5:72:6d:91:ee:f5:39:31: 53:5a:e8:51:60:11:cf:96:10:63:f5:9a:5e:b2:14: 8f:eb:b5:b9:18:b2:0a:6d:d8:e3:56:72:cd:9d:59: 9c:15:34:b0:42:7d:bf:a5:51:c7:26:6e:09:a8:17: 92:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:20:7C:58:87:41:AC:93:51:5F:FF:1E:D0:04:B8:B3:8C:76:9A:B7 X509v3 Authority Key Identifier: keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:c7:5b:54:14:19:d3:bf:25:90:c4:af:ad:39:73:dd:ed:7b: 47:70:b0:88:3f:44:c1:6b:76:5e:93:4f:54:a4:51:d4:fa:6b: 48:cd:b4:7a:7f:6c:48:10:78:21:42:33:50:84:7e:1c:93:7f: 9b:ff:60:f3:66:88:19:89:81:f9:e4:61:16:8a:4e:24:ff:24: 93:73:26:ea:06:2e:91:ce:dc:2e:48:95:77:0b:bc:e8:72:3e: 07:26:f7:a2:93:8f:de:b1:33:b6:b6:1d:e3:1d:29:f1:5e:a7: 03:e0:7f:4f:b8:38:68:f2:9f:b7:35:ce:89:ff:eb:6f:5c:3c: 33:24:26:80:d6:f2:03:f7:eb:1b:01:31:51:11:d5:89:04:5f: 73:bf:30:f7:2c:47:8e:1c:f5:0b:8a:41:71:b8:c7:46:ed:c3: 0a:7c:71:f3:02:00:63:34:a0:e1:ad:37:cf:39:8a:29:4e:bd: a5:4d:16:ff:b4:3d:17:00:ea:b4:b3:d7:ee:ca:cd:c2:95:d2: 17:c2:1a:08:4e:8a:eb:46:02:5f:b8:3f:ff:03:2d:41:27:8a: 8d:2c:1a:62:12:70:bb:9b:33:67:bd:50:28:0e:90:fa:6e:1e: eb:b0:dd:82:11:99:c2:af:45:02:3f:c5:9e:c4:80:18:ce:8d: 64:e8:d6:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHHqcJYKHcSUTTJjAdLNuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2 ZDliZGQwHhcNMjUxMjA2MTAwMjAxWhcNMjUxMjA3MTAwMjAxWjAzMTEwLwYDVQQD Eyg0ZDIwN2M1ODg3NDFhYzkzNTE1ZmZmMWVkMDA0YjhiMzhjNzY5YWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O090xUfIpSXVvI6CArsyj1w870Y +YSzlIjMYuhL6WKUEwjVzvCRnBYC353wx/9Shl7ef8xDHlStjZkzEyW6QFx2WKBo dXH/7sU0ZNsdHWCzBG5aoEJ8LO7l90p4CazAMUjs5BCVTJ3J7c51yutAXEVGTJ24 wXstlmXKKw1Q0fKVKdl9TmTFATMEnkJsEoSKCOpEYbfz9P8jvPrLfRk9ZCQslXTu zByKXZql+5ykNdMupzfQiSv+h7Y8yT9G0lDTE8sLgkgjAOV6tXJtke71OTFTWuhR YBHPlhBj9ZpeshSP67W5GLIKbdjjVnLNnVmcFTSwQn2/pVHHJm4JqBeSWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE0gfFiHQayTUV//HtAEuLOMdpq3MB8GA1UdIwQY MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt MTAzNTdiODdjYjIzLzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8dbVBQZ 078lkMSvrTlz3e17R3CwiD9EwWt2XpNPVKRR1PprSM20en9sSBB4IUIzUIR+HJN/ m/9g82aIGYmB+eRhFopOJP8kk3Mm6gYukc7cLkiVdwu86HI+Byb3opOP3rEztrYd 4x0p8V6nA+B/T7g4aPKftzXOif/rb1w8MyQmgNbyA/frGwExURHViQRfc78w9yxH jhz1C4pBcbjHRu3DCnxx8wIAYzSg4a03zzmKKU69pU0W/7Q9FwDqtLPX7srNwpXS F8IaCE6K60YCX7g//wMtQSeKjSwaYhJwu5szZ71QKA6Q+m4e67DdghGZwq9FAj/F nsSAGM6NZOjWIA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:48:27 2025 by rpki-client