This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft File: Pn1HTATkiliTr3HDWnfN1oJv0zk.mft (raw, json) Hash identifier: 3IkFAIAljSaD64FiX9gYtAgepCZXBWI91OcGVMHhHbQ= Subject key identifier: 75:8C:25:74:1D:D0:F3:21:2E:36:86:3A:76:39:F2:CA:67:18:BF:9B Authority key identifier: 3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39 Certificate issuer: /CN=3e7d474c04e48a5893af71c35a77cdd6826fd339 Certificate serial: 019AF0F5E7C7B4C876241F9CC182D9D44E80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft Manifest number: 060E Signing time: Sat 06 Dec 2025 00:00:38 +0000 Manifest this update: Sat 06 Dec 2025 00:00:38 +0000 Manifest next update: Sun 07 Dec 2025 00:00:38 +0000 Files and hashes: 1: Pn1HTATkiliTr3HDWnfN1oJv0zk.crl (hash: dJk+cGRCKLvXt5Zpy/dMrSYX9FzE9AWZgsQ3zBgWTI8=) 2: kq527hgVr7ukC92yfbPMdR4xku4.asa (hash: LvIhj4F/rl2CGQnbgEZFLJhN4x8R+m0+ZkR3noVX8AQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:e7:c7:b4:c8:76:24:1f:9c:c1:82:d9:d4:4e:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e7d474c04e48a5893af71c35a77cdd6826fd339 Validity Not Before: Dec 6 00:00:38 2025 GMT Not After : Dec 7 00:00:38 2025 GMT Subject: CN=758c25741dd0f3212e36863a7639f2ca6718bf9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4e:e5:ac:21:46:13:a4:24:2e:7e:40:05:44: c1:76:53:9c:ac:95:2c:36:89:46:59:9c:03:02:8c: 67:99:dc:a4:88:13:79:3c:75:10:00:d0:81:96:48: 09:1c:5d:d3:e0:11:ec:1a:37:3b:5e:53:1e:5b:1c: 33:92:59:73:e4:13:ef:8a:dd:a9:5d:25:87:c4:37: 2f:b9:24:7b:48:b2:0b:69:33:73:f8:d6:15:0d:96: 48:cc:d0:3b:00:e1:2e:5e:ca:3b:7d:87:01:c0:8a: f4:4a:60:4d:c6:85:86:84:10:9f:71:c2:74:4e:a2: 70:15:ec:9c:f0:cb:d3:58:a2:92:74:52:3c:31:e8: 84:90:32:fa:fe:97:1f:f1:16:de:31:dd:88:2e:50: 64:3d:fa:29:cc:e1:bf:b6:d8:33:71:e5:08:64:0e: b0:a8:8c:4f:ab:a7:bf:c5:5f:4a:10:51:34:d4:64: 77:e9:6b:99:66:6c:80:6b:96:96:dc:79:ad:24:f3: 64:9c:a4:fd:ed:1a:0a:40:fb:e6:25:0f:20:bb:34: 2d:96:31:e2:c5:4b:98:d8:07:ed:05:68:bc:97:fb: f7:c9:fe:98:4a:d0:42:1a:75:97:f7:7d:b9:a6:e1: 14:a2:80:9d:93:f9:0a:f2:a8:0b:1f:43:67:8a:bb: 89:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:8C:25:74:1D:D0:F3:21:2E:36:86:3A:76:39:F2:CA:67:18:BF:9B X509v3 Authority Key Identifier: keyid:3E:7D:47:4C:04:E4:8A:58:93:AF:71:C3:5A:77:CD:D6:82:6F:D3:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pn1HTATkiliTr3HDWnfN1oJv0zk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7e30e8-b835-44af-a44b-903e4f5e1225/1/Pn1HTATkiliTr3HDWnfN1oJv0zk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:45:99:d1:a2:28:9c:d5:55:0f:76:8a:df:ae:c9:e5:27:b5: a3:33:44:d9:11:d7:e7:24:22:20:27:9d:18:cb:2f:9b:ce:e2: 03:28:c6:54:e6:fa:1f:46:54:08:2a:69:a2:20:ea:5e:55:27: 65:28:e0:46:3e:e3:f3:5c:44:ca:01:6b:55:a8:1b:82:57:70: 2f:8f:4b:49:7f:ca:ed:5c:01:01:b3:d7:fe:f6:36:1d:ae:c7: e0:0d:f4:29:08:74:ea:42:a3:89:ea:34:67:b3:c9:3b:f7:b6: 28:27:b1:65:e7:a9:02:be:ff:7c:06:62:a2:2f:96:70:90:28: c4:8d:c4:d3:e1:21:28:2e:9a:f0:1c:cc:13:ba:de:a8:fa:05: 8d:58:78:12:2c:99:c1:58:f8:68:e0:8d:48:75:39:3f:36:6e: bf:7a:7c:d2:f6:1b:96:f5:d0:dc:85:99:a6:a4:c1:99:f2:3e: 2f:04:64:8c:55:0a:94:f8:b9:f2:27:53:ba:67:11:bc:7d:59: da:43:57:3c:9a:29:f3:3c:80:d1:83:86:9b:61:23:c3:6f:de: 29:7e:dd:75:4a:6c:c1:83:ba:3b:0b:26:87:b7:26:d2:87:ed: 93:dd:f4:be:4a:06:69:fa:b8:fb:d1:92:a4:f7:9a:03:ed:ef: fc:5e:2e:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9efHtMh2JB+cwYLZ1E6AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlN2Q0NzRjMDRlNDhhNTg5M2FmNzFjMzVhNzdjZGQ2ODI2 ZmQzMzkwHhcNMjUxMjA2MDAwMDM4WhcNMjUxMjA3MDAwMDM4WjAzMTEwLwYDVQQD Eyg3NThjMjU3NDFkZDBmMzIxMmUzNjg2M2E3NjM5ZjJjYTY3MThiZjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE7lrCFGE6QkLn5ABUTBdlOcrJUs NolGWZwDAoxnmdykiBN5PHUQANCBlkgJHF3T4BHsGjc7XlMeWxwzkllz5BPvit2p XSWHxDcvuSR7SLILaTNz+NYVDZZIzNA7AOEuXso7fYcBwIr0SmBNxoWGhBCfccJ0 TqJwFeyc8MvTWKKSdFI8MeiEkDL6/pcf8RbeMd2ILlBkPfopzOG/ttgzceUIZA6w qIxPq6e/xV9KEFE01GR36WuZZmyAa5aW3HmtJPNknKT97RoKQPvmJQ8guzQtljHi xUuY2AftBWi8l/v3yf6YStBCGnWX9325puEUooCdk/kK8qgLH0NniruJDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHWMJXQd0PMhLjaGOnY58spnGL+bMB8GA1UdIwQY MBaAFD59R0wE5IpYk69xw1p3zdaCb9M5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGIt OTAzZTRmNWUxMjI1LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi83ZTMwZTgtYjgzNS00NGFmLWE0NGItOTAzZTRmNWUxMjI1 LzEvUG4xSFRBVGtpbGlUcjNIRFduZk4xb0p2MHprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbUWZ0aIo nNVVD3aK367J5Se1ozNE2RHX5yQiICedGMsvm87iAyjGVOb6H0ZUCCppoiDqXlUn ZSjgRj7j81xEygFrVagbgldwL49LSX/K7VwBAbPX/vY2Ha7H4A30KQh06kKjieo0 Z7PJO/e2KCexZeepAr7/fAZioi+WcJAoxI3E0+EhKC6a8BzME7reqPoFjVh4EiyZ wVj4aOCNSHU5PzZuv3p80vYblvXQ3IWZpqTBmfI+LwRkjFUKlPi58idTumcRvH1Z 2kNXPJop8zyA0YOGm2Ejw2/eKX7ddUpswYO6Owsmh7cm0oftk930vkoGafq4+9GS pPeaA+3v/F4uBg== -----END CERTIFICATE-----Generated at Sat Dec 6 05:05:32 2025 by rpki-client