This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft File: PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft (raw, json) Hash identifier: PhUBNN7QFClhb+9g6xZhNf9VvGXBIOckU6EfiJ1R7G8= Subject key identifier: 87:20:D5:C0:AD:9B:18:A3:62:F5:5B:95:F0:0B:C6:ED:EC:CE:44:BA Authority key identifier: 3D:82:F1:FC:E0:08:BC:C7:25:DD:BB:E7:06:74:51:DD:82:05:93:07 Certificate issuer: /CN=3d82f1fce008bcc725ddbbe7067451dd82059307 Certificate serial: 019AF2ADDAEB814C336355670671BC66C486 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft Manifest number: 01B4 Signing time: Sat 06 Dec 2025 08:01:11 +0000 Manifest this update: Sat 06 Dec 2025 08:01:11 +0000 Manifest next update: Sun 07 Dec 2025 08:01:11 +0000 Files and hashes: 1: PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl (hash: C6IReprzu3rBxpBkQe+xJH0PvMvPrRfAREJp0XA+HNI=) 2: TonV6li5yUkoZ-CnaxO8HKBagJ8.roa (hash: XnEwLGsQ6FECYx0FnlaZRoMgPrGS5ObC7JCUywQQ//c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:da:eb:81:4c:33:63:55:67:06:71:bc:66:c4:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d82f1fce008bcc725ddbbe7067451dd82059307 Validity Not Before: Dec 6 08:01:11 2025 GMT Not After : Dec 7 08:01:11 2025 GMT Subject: CN=8720d5c0ad9b18a362f55b95f00bc6edecce44ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:40:17:74:c6:8f:9d:84:b1:53:76:90:f9:a4: 7e:3a:d2:07:16:ad:c1:2e:00:58:5b:cb:3f:c3:12: 8f:a2:09:ba:8e:9e:f2:1d:d0:4b:43:80:81:a5:fd: 3c:b6:d2:b5:1e:8a:40:f8:7d:5a:d8:8a:fe:88:03: 1f:a0:20:3f:08:be:9c:ef:c5:7e:80:e3:0e:fb:e6: bd:76:92:77:d2:a0:28:fa:49:cc:89:cf:da:76:b3: 3f:f7:9b:71:dc:ef:88:d6:9e:db:1f:f7:f5:09:e2: cf:f8:88:78:f9:ef:91:f9:85:7f:94:d1:47:ba:2d: 30:04:e4:7d:72:ba:24:dd:fc:d8:e2:36:8d:db:33: 65:7f:32:29:a1:d6:c4:67:78:60:5f:fd:fa:6d:c8: 0d:a7:08:5d:a7:6f:cb:00:22:4c:2b:bc:0c:40:f7: 53:8a:d8:14:b6:c3:19:8b:f4:e2:87:8a:37:bb:02: 98:10:fb:e7:3b:bf:c7:05:e5:ad:1e:9b:40:71:a8: 74:1a:eb:e3:f6:69:3d:f6:a7:fb:9f:66:37:3b:68: a7:9b:41:c8:a5:7d:e6:25:9e:90:6a:76:5f:2c:dd: 86:0b:69:c8:a9:6a:e8:0c:60:7f:6a:c3:a7:9d:5e: 0f:be:88:1b:2b:01:01:fd:14:db:b3:0e:0b:79:75: d5:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:20:D5:C0:AD:9B:18:A3:62:F5:5B:95:F0:0B:C6:ED:EC:CE:44:BA X509v3 Authority Key Identifier: keyid:3D:82:F1:FC:E0:08:BC:C7:25:DD:BB:E7:06:74:51:DD:82:05:93:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYLx_OAIvMcl3bvnBnRR3YIFkwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9c4a77-0c7e-494c-a231-bf1e99c0cf3f/1/PYLx_OAIvMcl3bvnBnRR3YIFkwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:2c:23:99:61:c0:33:71:c7:1b:2c:72:e1:9c:12:f3:03:b5: 3f:cc:9a:ec:4d:7e:d5:ae:cc:3d:f6:d1:5a:8f:40:fd:58:0d: 19:23:3a:99:5c:b6:be:ec:4e:b3:f5:09:85:88:a4:0e:f1:3b: b5:bd:43:dc:e0:67:27:78:16:51:32:8b:b5:73:b5:12:02:0d: cc:34:83:cf:0e:e5:31:89:29:2d:3f:b3:ae:cd:99:71:4e:75: 23:91:e9:37:48:79:29:a1:23:0f:25:ed:f3:b3:a0:7a:9a:03: 5a:eb:72:f8:26:ba:b1:89:a9:b5:22:d4:a8:20:2a:1b:fd:8d: 6f:c9:65:6b:b9:14:f9:4a:eb:76:a2:6e:af:00:92:a3:2b:fe: f3:4b:13:27:65:38:08:31:fc:06:6e:9a:0f:34:f4:f3:45:04: 02:cd:7e:4a:bc:29:6a:58:39:cc:25:00:29:d5:42:fa:ca:5f: c9:70:ca:d7:70:9d:af:47:86:82:d1:1a:1e:10:72:4a:42:3d: c4:57:9c:5a:a2:4d:d4:18:d9:3d:4e:0d:01:32:c5:de:c9:75: 30:99:f8:5f:18:0b:69:b5:04:05:7c:a6:f9:1e:f9:25:dd:bc: 1a:12:0f:37:1d:d8:ab:2d:ad:2c:93:3d:48:d9:56:6a:de:19: 12:00:ea:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrdrrgUwzY1VnBnG8ZsSGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkODJmMWZjZTAwOGJjYzcyNWRkYmJlNzA2NzQ1MWRkODIw NTkzMDcwHhcNMjUxMjA2MDgwMTExWhcNMjUxMjA3MDgwMTExWjAzMTEwLwYDVQQD Eyg4NzIwZDVjMGFkOWIxOGEzNjJmNTViOTVmMDBiYzZlZGVjY2U0NGJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUAXdMaPnYSxU3aQ+aR+OtIHFq3B LgBYW8s/wxKPogm6jp7yHdBLQ4CBpf08ttK1HopA+H1a2Ir+iAMfoCA/CL6c78V+ gOMO++a9dpJ30qAo+knMic/adrM/95tx3O+I1p7bH/f1CeLP+Ih4+e+R+YV/lNFH ui0wBOR9crok3fzY4jaN2zNlfzIpodbEZ3hgX/36bcgNpwhdp2/LACJMK7wMQPdT itgUtsMZi/Tih4o3uwKYEPvnO7/HBeWtHptAcah0Guvj9mk99qf7n2Y3O2inm0HI pX3mJZ6QanZfLN2GC2nIqWroDGB/asOnnV4PvogbKwEB/RTbsw4LeXXVgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIcg1cCtmxijYvVblfALxu3szkS6MB8GA1UdIwQY MBaAFD2C8fzgCLzHJd275wZ0Ud2CBZMHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85YzRhNzctMGM3ZS00OTRjLWEyMzEt YmYxZTk5YzBjZjNmLzEvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi85YzRhNzctMGM3ZS00OTRjLWEyMzEtYmYxZTk5YzBjZjNm LzEvUFlMeF9PQUl2TWNsM2J2bkJuUlIzWUlGa3djLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCwjmWHA M3HHGyxy4ZwS8wO1P8ya7E1+1a7MPfbRWo9A/VgNGSM6mVy2vuxOs/UJhYikDvE7 tb1D3OBnJ3gWUTKLtXO1EgINzDSDzw7lMYkpLT+zrs2ZcU51I5HpN0h5KaEjDyXt 87OgepoDWuty+Ca6sYmptSLUqCAqG/2Nb8lla7kU+UrrdqJurwCSoyv+80sTJ2U4 CDH8Bm6aDzT080UEAs1+Srwpalg5zCUAKdVC+spfyXDK13Cdr0eGgtEaHhBySkI9 xFecWqJN1BjZPU4NATLF3sl1MJn4XxgLabUEBXym+R75Jd28GhIPNx3Yqy2tLJM9 SNlWat4ZEgDqiQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:00:23 2025 by rpki-client