This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft File: PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json) Hash identifier: EeKqpOCsW7d56ClDTSM0Pd5X+tceIux9b+qRBjVuf6w= Subject key identifier: A7:CF:A8:AD:00:57:17:E2:A4:EC:1B:11:CC:1A:C5:17:A2:CC:FB:59 Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6 Certificate issuer: /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6 Certificate serial: 019AF31B8422DB661AF7E272ECB292A83B84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft Manifest number: 04E6 Signing time: Sat 06 Dec 2025 10:00:58 +0000 Manifest this update: Sat 06 Dec 2025 10:00:58 +0000 Manifest next update: Sun 07 Dec 2025 10:00:58 +0000 Files and hashes: 1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: AupLJipQIosTxNhIheHhmR5oWeBR1LnW/nffQB11Opw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:84:22:db:66:1a:f7:e2:72:ec:b2:92:a8:3b:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6 Validity Not Before: Dec 6 10:00:58 2025 GMT Not After : Dec 7 10:00:58 2025 GMT Subject: CN=a7cfa8ad005717e2a4ec1b11cc1ac517a2ccfb59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:66:85:7e:9c:bf:04:2f:19:16:e4:e5:bb:ff: e3:ec:8e:d5:e5:59:06:92:11:ea:7f:55:78:6f:df: 6a:3a:b8:47:aa:96:cc:fe:ae:e9:4a:41:18:f2:c3: d6:76:60:c1:25:40:47:3b:75:e7:87:76:3d:e0:3f: 31:cc:a0:45:a9:4a:e0:0a:ac:35:79:5a:8f:a5:23: 58:b5:1b:2d:4a:c8:d6:ce:c5:87:5e:97:98:a1:0a: e3:d0:a3:a2:a1:41:71:1d:af:8c:bf:a7:6b:6d:b3: b2:44:e2:80:fa:61:50:d2:2f:31:b5:4d:57:fd:db: 77:b3:ac:cf:86:82:40:bd:47:14:04:e8:0d:6f:79: 4e:0e:2a:d0:c4:91:a2:28:cd:9a:48:94:ba:c8:a6: 9f:cd:fd:52:a7:27:6c:76:c0:9e:dc:23:7c:b7:bb: b9:ed:ec:7f:bb:f4:5c:6e:c5:2b:d6:5e:49:ee:dc: 4f:e4:b3:26:ca:7d:9a:19:db:01:3e:ed:ab:f2:d6: 97:63:9a:75:69:b5:30:f5:53:b3:69:ca:01:ed:9d: 5d:3e:5b:0e:e0:c7:e6:a0:87:c6:3e:eb:10:e6:65: f4:25:f5:63:66:df:8e:1d:91:1b:45:f6:c2:df:d8: 0d:8d:f7:39:a0:6c:37:33:c0:27:f0:aa:5c:d5:69: a1:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:CF:A8:AD:00:57:17:E2:A4:EC:1B:11:CC:1A:C5:17:A2:CC:FB:59 X509v3 Authority Key Identifier: keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:a6:cc:4e:99:ed:66:9b:92:90:01:5e:6b:df:60:93:a9:8c: 3d:6f:94:32:96:c1:b2:79:ac:b9:07:9a:fd:b2:35:0f:14:41: 3c:e8:2f:16:62:56:30:6a:65:82:42:33:da:d3:b3:ea:8e:cb: 10:22:3d:c8:59:03:08:f6:f8:39:7e:26:54:ca:bc:3a:a0:46: 43:65:98:d6:a7:32:ec:54:4c:55:91:5c:be:71:f9:d3:b1:1f: 12:4a:ae:17:d0:4b:c7:e4:2c:72:ab:06:6c:e2:f6:18:be:11: 93:15:9f:73:1f:b7:92:9c:25:30:81:8f:80:42:36:03:ba:40: 4e:3c:d0:29:67:d2:2a:bb:13:f7:1a:62:f8:76:c5:b0:84:71: 15:ee:70:50:a1:b5:b1:27:ed:57:61:65:f9:ec:6c:ec:11:dd: e3:a5:96:2d:19:60:d9:94:00:f4:48:41:13:21:3e:f0:9f:42: 6b:9b:a8:dc:b2:9f:68:31:3a:32:5c:35:72:85:6c:b4:e6:98: e9:e8:12:0d:13:1f:c1:45:48:1c:4d:4a:f5:4c:32:88:63:4c: 82:c9:bf:ee:d3:23:30:0f:dd:d8:1a:67:02:70:c9:d2:77:db: 4c:47:b6:87:33:a0:15:f0:14:34:79:72:63:ab:f2:ac:57:2e: 48:ef:71:4d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG4Qi22Ya9+Jy7LKSqDuEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy NWIzYTYwHhcNMjUxMjA2MTAwMDU4WhcNMjUxMjA3MTAwMDU4WjAzMTEwLwYDVQQD EyhhN2NmYThhZDAwNTcxN2UyYTRlYzFiMTFjYzFhYzUxN2EyY2NmYjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymaFfpy/BC8ZFuTlu//j7I7V5VkG khHqf1V4b99qOrhHqpbM/q7pSkEY8sPWdmDBJUBHO3Xnh3Y94D8xzKBFqUrgCqw1 eVqPpSNYtRstSsjWzsWHXpeYoQrj0KOioUFxHa+Mv6drbbOyROKA+mFQ0i8xtU1X /dt3s6zPhoJAvUcUBOgNb3lODirQxJGiKM2aSJS6yKafzf1SpydsdsCe3CN8t7u5 7ex/u/RcbsUr1l5J7txP5LMmyn2aGdsBPu2r8taXY5p1abUw9VOzacoB7Z1dPlsO 4MfmoIfGPusQ5mX0JfVjZt+OHZEbRfbC39gNjfc5oGw3M8An8Kpc1WmhQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKfPqK0AVxfipOwbEcwaxReizPtZMB8GA1UdIwQY MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5 LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqbMTpnt ZpuSkAFea99gk6mMPW+UMpbBsnmsuQea/bI1DxRBPOgvFmJWMGplgkIz2tOz6o7L ECI9yFkDCPb4OX4mVMq8OqBGQ2WY1qcy7FRMVZFcvnH507EfEkquF9BLx+QscqsG bOL2GL4RkxWfcx+3kpwlMIGPgEI2A7pATjzQKWfSKrsT9xpi+HbFsIRxFe5wUKG1 sSftV2Fl+exs7BHd46WWLRlg2ZQA9EhBEyE+8J9Ca5uo3LKfaDE6Mlw1coVstOaY 6egSDRMfwUVIHE1K9UwyiGNMgsm/7tMjMA/d2BpnAnDJ0nfbTEe2hzOgFfAUNHly Y6vyrFcuSO9xTQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:24:54 2025 by rpki-client