This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft File: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft (raw, json) Hash identifier: 8nySPzqruL7e9N7buhOtfKCYZc6Sb3qfXG9zJtcT8G0= Subject key identifier: 1E:86:07:77:09:94:27:02:FC:86:22:58:03:38:D8:92:0B:F9:2F:02 Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73 Certificate issuer: /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773 Certificate serial: 019AFA672A4F308CDC566403E4BE7077594C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft Manifest number: 0A2D Signing time: Sun 07 Dec 2025 20:00:55 +0000 Manifest this update: Sun 07 Dec 2025 20:00:55 +0000 Manifest next update: Mon 08 Dec 2025 20:00:55 +0000 Files and hashes: 1: JD1ZF1XWLuEfY_xZK_HiSB-W5Sc.roa (hash: tU/SgRvLeOcLILG1M49HHg6nzxCmwlwyRSULttNgB8k=) 2: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl (hash: Fg2rNphNOf75TbdpRtHOimi8/rnPI17GGN8q6p33lEs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 17:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fa:67:2a:4f:30:8c:dc:56:64:03:e4:be:70:77:59:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773 Validity Not Before: Dec 7 20:00:55 2025 GMT Not After : Dec 8 20:00:55 2025 GMT Subject: CN=1e86077709942702fc8622580338d8920bf92f02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:fb:08:0a:fd:99:8c:f4:c5:5a:14:e4:25:05: a1:71:06:a8:5b:1e:4e:12:8e:78:9b:09:61:82:11: 75:c8:f6:c5:f2:66:65:27:f2:3e:fa:f5:eb:21:0a: 40:03:04:e9:08:83:af:44:bf:a3:db:11:3b:bf:52: 28:a9:c8:50:f1:3d:18:35:c4:7d:c5:3e:5d:8f:02: 00:84:b0:73:9d:a0:aa:33:71:47:4f:e9:c3:9d:de: 32:8c:77:4c:05:bb:ba:2e:1d:37:23:d5:98:de:6d: aa:d1:7a:9a:69:b8:3a:6d:bd:57:bc:eb:ce:9d:46: cc:be:79:8d:80:1b:fc:be:3c:82:1d:82:b0:cc:4d: c2:62:73:10:df:4d:15:ec:64:95:51:e2:30:71:ea: 9d:96:fc:1b:00:2b:6e:8e:c5:23:c0:fe:70:b8:b8: 18:74:b3:4d:c1:70:37:c4:21:e2:f0:e9:7b:88:df: 26:5d:c5:fb:59:e9:68:b8:29:e5:24:5d:9f:03:0e: 57:1d:ae:ed:d9:b4:0a:7f:dc:bc:fb:63:d8:8b:dc: c2:3d:92:b0:81:29:50:77:5c:73:23:bc:56:d7:a6: a6:aa:b6:7c:b4:65:ae:8b:47:01:ee:e8:bc:28:22: 81:b1:67:96:eb:22:19:81:a0:81:c6:9e:27:bf:cf: 50:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:86:07:77:09:94:27:02:FC:86:22:58:03:38:D8:92:0B:F9:2F:02 X509v3 Authority Key Identifier: keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:a5:87:13:36:b7:88:5c:f0:f4:23:f2:a8:df:07:c4:c1:02: a9:3f:4d:3f:f1:66:47:93:59:16:de:ab:3b:9d:1a:52:0d:57: 33:05:51:09:3e:0b:39:9a:ac:1f:45:77:0b:ec:91:7c:db:ef: 9a:11:24:d2:c8:ce:f2:eb:49:ca:6b:80:4d:6b:e7:99:0f:5f: 06:fc:47:1d:04:9c:37:69:4c:fd:24:40:79:f7:2e:96:c6:4b: a5:31:86:76:e9:e8:17:90:9d:9a:60:4e:eb:50:8c:6d:e6:12: 9f:3f:c6:8e:f6:31:77:13:55:0f:92:ee:c0:bd:e0:07:bd:59: 63:3a:e6:c4:6c:2a:0c:3b:48:1b:4c:6f:c7:cc:9d:e9:cb:41: 53:65:f0:3f:5a:c8:26:59:1e:c1:16:e6:5c:72:1c:58:a0:ec: f6:3c:5d:01:ed:09:06:41:32:ce:9f:18:50:ec:62:dd:e5:98: 82:aa:44:54:57:2c:8b:70:d2:bc:01:19:fc:81:c8:4d:c4:c3: a0:55:cb:7b:b3:a9:ce:26:3e:a7:da:56:ce:af:77:8a:b1:55: 4b:80:f8:39:ae:32:7e:31:a2:52:49:39:14:02:64:c3:b3:55: 77:92:a3:8e:b4:f7:ad:9d:5c:26:73:0e:b4:96:26:a8:e6:ca: e9:b4:9c:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr6ZypPMIzcVmQD5L5wd1lMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4 YTY3NzMwHhcNMjUxMjA3MjAwMDU1WhcNMjUxMjA4MjAwMDU1WjAzMTEwLwYDVQQD EygxZTg2MDc3NzA5OTQyNzAyZmM4NjIyNTgwMzM4ZDg5MjBiZjkyZjAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/sICv2ZjPTFWhTkJQWhcQaoWx5O Eo54mwlhghF1yPbF8mZlJ/I++vXrIQpAAwTpCIOvRL+j2xE7v1IoqchQ8T0YNcR9 xT5djwIAhLBznaCqM3FHT+nDnd4yjHdMBbu6Lh03I9WY3m2q0Xqaabg6bb1XvOvO nUbMvnmNgBv8vjyCHYKwzE3CYnMQ300V7GSVUeIwceqdlvwbACtujsUjwP5wuLgY dLNNwXA3xCHi8Ol7iN8mXcX7WelouCnlJF2fAw5XHa7t2bQKf9y8+2PYi9zCPZKw gSlQd1xzI7xW16amqrZ8tGWui0cB7ui8KCKBsWeW6yIZgaCBxp4nv89QmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB6GB3cJlCcC/IYiWAM42JIL+S8CMB8GA1UdIwQY MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt ZjlmOTIxNTBjZDM5LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5 LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKWHEza3 iFzw9CPyqN8HxMECqT9NP/FmR5NZFt6rO50aUg1XMwVRCT4LOZqsH0V3C+yRfNvv mhEk0sjO8utJymuATWvnmQ9fBvxHHQScN2lM/SRAefculsZLpTGGdunoF5CdmmBO 61CMbeYSnz/GjvYxdxNVD5LuwL3gB71ZYzrmxGwqDDtIG0xvx8yd6ctBU2XwP1rI JlkewRbmXHIcWKDs9jxdAe0JBkEyzp8YUOxi3eWYgqpEVFcsi3DSvAEZ/IHITcTD oFXLe7OpziY+p9pWzq93irFVS4D4Oa4yfjGiUkk5FAJkw7NVd5KjjrT3rZ1cJnMO tJYmqObK6bScrA== -----END CERTIFICATE-----Generated at Sun Dec 7 21:34:19 2025 by rpki-client