This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft File: 1-puJ82fU-5UCh3AfYtSgObf2yyA.mft (raw, json) Hash identifier: irKjDgMMs1s4004MfWzvVdJm/DbroX01GG7wO5bxWD0= Subject key identifier: 08:84:DE:AA:43:22:35:E2:A3:9A:D3:F5:7A:4F:61:0E:1B:11:08:F3 Authority key identifier: FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20 Certificate issuer: /CN=fa9b89f367d4fb950287701f62d4a039b7f6cb20 Certificate serial: 019AF465240397CF638FDC0627E5281998E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft Manifest number: 1570 Signing time: Sat 06 Dec 2025 16:01:00 +0000 Manifest this update: Sat 06 Dec 2025 16:01:00 +0000 Manifest next update: Sun 07 Dec 2025 16:01:00 +0000 Files and hashes: 1: 1-puJ82fU-5UCh3AfYtSgObf2yyA.crl (hash: yDcmyI3CJ6XuMGiQUbygGwckVl6gK/Q4jUfX59l07ic=) 2: BkhUnEeKLpdw7zqQsCW8fb_TG_I.roa (hash: krWgcFHtgzZmGIlUNG6InVr0KfezPC+cFYoPcdTkKaw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.crl rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft rsync://rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:24:03:97:cf:63:8f:dc:06:27:e5:28:19:98:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fa9b89f367d4fb950287701f62d4a039b7f6cb20 Validity Not Before: Dec 6 16:01:00 2025 GMT Not After : Dec 7 16:01:00 2025 GMT Subject: CN=0884deaa432235e2a39ad3f57a4f610e1b1108f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3a:be:44:ac:06:44:a1:39:26:7a:9f:a8:b1: eb:33:b0:1b:05:9b:94:e1:06:1d:49:12:19:81:41: 8a:71:5c:4c:81:d5:f3:c4:81:6a:84:f6:c1:4d:6e: e3:4e:56:ca:a0:70:ca:70:a0:ad:d0:55:d6:7d:77: 28:23:1f:a1:09:13:92:35:a1:96:01:d9:41:25:75: 84:72:a0:ef:a5:7f:7c:48:b1:65:e5:f6:85:a8:a4: 37:63:d6:04:70:94:9e:61:1a:fd:b5:4c:71:7b:50: 47:df:a0:d3:58:56:0b:a4:32:42:cd:d6:f6:75:c5: 30:5f:9d:3d:20:10:62:be:3f:ed:b3:15:77:78:dc: fa:22:be:5d:e1:2f:51:d2:1c:f9:31:4c:39:3c:4d: 9b:cb:24:38:83:32:85:e4:f7:b2:4d:de:4b:c2:82: 01:ca:08:94:57:b1:f6:48:a2:73:85:b1:d3:91:99: 15:38:00:54:d9:fe:2c:ae:f3:2a:ab:c5:bb:7f:24: 9c:6f:4d:e3:b4:d0:76:b2:a2:1b:c7:8b:8f:b6:46: 6a:91:f0:11:e7:4c:89:91:ee:63:1a:15:ed:f2:dc: 10:ec:23:5d:0b:ee:73:8f:d6:26:75:a5:13:56:af: 37:ad:d3:07:e3:4b:b5:be:f0:16:15:d2:6a:9d:29: b6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:84:DE:AA:43:22:35:E2:A3:9A:D3:F5:7A:4F:61:0E:1B:11:08:F3 X509v3 Authority Key Identifier: keyid:FA:9B:89:F3:67:D4:FB:95:02:87:70:1F:62:D4:A0:39:B7:F6:CB:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-puJ82fU-5UCh3AfYtSgObf2yyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/98933a-7581-4979-9121-0e1a68c7563b/1/1-puJ82fU-5UCh3AfYtSgObf2yyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:fd:de:6f:20:78:fa:71:96:64:9e:c4:df:57:ed:68:af:4c: c0:5c:6a:b7:cc:3b:94:5e:f0:dd:f4:7c:0e:7b:f2:a3:18:68: a5:95:24:b4:12:48:15:c3:df:77:dc:8c:01:86:dd:45:7b:22: c1:a1:42:58:10:0e:97:6d:37:52:93:f8:d5:ce:97:d0:f5:68: ad:e7:c9:c2:cf:dc:70:83:40:bd:cc:03:3b:91:7e:36:24:f2: a5:b5:e0:49:62:e1:0b:ca:f4:5f:69:61:a7:14:fa:ba:34:05: af:2a:bb:da:d7:6d:79:33:a8:ed:b3:d1:b6:12:5a:a4:62:e6: 92:16:96:50:dc:90:27:59:5e:20:fb:61:77:5a:1a:d5:36:c6: 6c:d7:5a:a7:01:4a:ba:a6:bc:a7:76:64:51:7b:11:7f:6e:16: 07:e3:e7:1a:fc:53:a7:59:93:18:47:70:cf:b7:0f:d9:21:3f: 82:1f:5e:d0:f5:ad:a8:ea:03:3c:c7:e3:04:a1:1e:a9:f4:7f: 25:d2:2f:41:6d:8c:86:15:91:c6:59:29:70:51:3a:c4:ce:8d: 17:14:60:16:c0:aa:ad:57:91:3a:c4:a9:a3:29:30:22:60:cc: 2c:bf:57:1c:f5:91:48:b7:29:9d:15:b1:d4:d0:6b:05:d4:6e: 3c:0e:a0:72 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZr0ZSQDl89jj9wGJ+UoGZjkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhOWI4OWYzNjdkNGZiOTUwMjg3NzAxZjYyZDRhMDM5Yjdm NmNiMjAwHhcNMjUxMjA2MTYwMTAwWhcNMjUxMjA3MTYwMTAwWjAzMTEwLwYDVQQD EygwODg0ZGVhYTQzMjIzNWUyYTM5YWQzZjU3YTRmNjEwZTFiMTEwOGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDq+RKwGRKE5JnqfqLHrM7AbBZuU 4QYdSRIZgUGKcVxMgdXzxIFqhPbBTW7jTlbKoHDKcKCt0FXWfXcoIx+hCROSNaGW AdlBJXWEcqDvpX98SLFl5faFqKQ3Y9YEcJSeYRr9tUxxe1BH36DTWFYLpDJCzdb2 dcUwX509IBBivj/tsxV3eNz6Ir5d4S9R0hz5MUw5PE2byyQ4gzKF5PeyTd5LwoIB ygiUV7H2SKJzhbHTkZkVOABU2f4srvMqq8W7fyScb03jtNB2sqIbx4uPtkZqkfAR 50yJke5jGhXt8twQ7CNdC+5zj9YmdaUTVq83rdMH40u1vvAWFdJqnSm2nwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFAiE3qpDIjXio5rT9XpPYQ4bEQjzMB8GA1UdIwQY MBaAFPqbifNn1PuVAodwH2LUoDm39ssgMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1wdUo4MmZVLTVVQ2gzQWZZdFNnT2JmMnl5QS5jZXIw gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvOTg5MzNhLTc1ODEtNDk3OS05MTIx LTBlMWE2OGM3NTYzYi8xLzEtcHVKODJmVS01VUNoM0FmWXRTZ09iZjJ5eUEubWZ0 MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np dG9yeS9ERUZBVUxULzY1Lzk4OTMzYS03NTgxLTQ5NzktOTEyMS0wZTFhNjhjNzU2 M2IvMS8xLXB1SjgyZlUtNVVDaDNBZll0U2dPYmYyeXlBLmNybDAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/3e byB4+nGWZJ7E31ftaK9MwFxqt8w7lF7w3fR8DnvyoxhopZUktBJIFcPfd9yMAYbd RXsiwaFCWBAOl203UpP41c6X0PVorefJws/ccINAvcwDO5F+NiTypbXgSWLhC8r0 X2lhpxT6ujQFryq72tdteTOo7bPRthJapGLmkhaWUNyQJ1leIPthd1oa1TbGbNda pwFKuqa8p3ZkUXsRf24WB+PnGvxTp1mTGEdwz7cP2SE/gh9e0PWtqOoDPMfjBKEe qfR/JdIvQW2MhhWRxlkpcFE6xM6NFxRgFsCqrVeROsSpoykwImDMLL9XHPWRSLcp nRWx1NBrBdRuPA6gcg== -----END CERTIFICATE-----Generated at Sat Dec 6 21:05:41 2025 by rpki-client