This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft File: pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json) Hash identifier: iZSE5cjwv9LMix7sSA+fnEVjrRM66AjEfLxKxi0emHo= Subject key identifier: E4:DD:A8:4B:ED:07:3D:E8:B6:BC:40:F7:41:A5:46:63:1F:91:10:BC Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 Certificate issuer: /CN=a6e91a9d7caef4818674c5d6262813615c89de56 Certificate serial: 019AF31CDE2332617FD48379FF129B4C15FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft Manifest number: 10D5 Signing time: Sat 06 Dec 2025 10:02:26 +0000 Manifest this update: Sat 06 Dec 2025 10:02:26 +0000 Manifest next update: Sun 07 Dec 2025 10:02:26 +0000 Files and hashes: 1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: 9TozBjsb4gybCwO2VxtRQ6sM6KWBzYPsGiCFMEJxNwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:de:23:32:61:7f:d4:83:79:ff:12:9b:4c:15:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56 Validity Not Before: Dec 6 10:02:26 2025 GMT Not After : Dec 7 10:02:26 2025 GMT Subject: CN=e4dda84bed073de8b6bc40f741a546631f9110bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:ec:3e:94:e0:48:ad:cc:34:9c:75:99:6d:c1: 40:28:dd:9d:9f:2f:18:57:49:84:28:6a:60:79:6a: a4:e0:8d:16:84:0c:d5:3b:91:51:ef:80:96:a0:0f: 3b:97:4a:b9:93:4a:fa:c7:1b:bc:35:53:77:41:2e: af:5f:6f:c4:96:b9:4b:da:f8:61:12:28:8f:53:a1: f2:6f:83:1b:b6:eb:e2:c4:9d:6b:2f:75:56:30:47: 62:27:14:bc:a5:8d:c2:f4:b4:dd:84:46:07:06:e1: 6c:f8:7f:c9:7e:f1:a8:01:22:64:e3:7e:00:a4:78: ab:b4:0e:11:08:18:d4:90:c0:f8:16:1a:52:31:bf: 7b:5e:9d:82:de:a8:d9:63:0c:e7:64:2e:97:0d:bd: 12:62:10:5b:86:cc:9b:b8:02:39:a8:5f:a0:bf:65: 61:85:0d:9d:c9:ae:b2:1b:af:54:3e:3f:f3:1a:9d: 91:a3:f2:65:be:82:15:e0:39:19:df:63:3f:52:b9: 08:0c:64:c8:9f:cd:a3:eb:c7:21:c0:60:51:11:35: c7:95:a8:02:7e:95:59:ba:3b:fb:0f:80:0c:92:43: 58:ea:66:d1:ed:f1:67:0c:88:0a:17:96:e5:6c:10: 0f:54:ea:3e:9e:4b:c3:92:fa:26:fb:07:fc:27:0d: 9a:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:DD:A8:4B:ED:07:3D:E8:B6:BC:40:F7:41:A5:46:63:1F:91:10:BC X509v3 Authority Key Identifier: keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:16:af:b9:5f:71:5d:4b:9c:f7:60:48:6a:89:a6:f1:8a:0e: 62:d6:af:3c:d5:34:80:3c:15:43:aa:18:d1:8c:b3:3f:49:eb: 69:a3:3c:10:ec:38:42:d8:80:a2:99:18:16:c2:19:d0:e7:ba: f5:de:c4:24:16:39:5d:5a:6b:4b:94:df:ce:94:81:09:fb:7e: 14:56:3e:57:0a:b8:0d:c7:f2:da:33:f2:6e:4f:15:1e:9d:32: 98:ad:77:eb:8c:61:0a:22:65:2f:a1:9c:7e:67:92:ad:83:92: b0:69:8c:fc:37:b6:0f:83:bc:fc:4a:dc:db:12:b6:58:99:a1: 28:c7:97:2c:3a:aa:f1:b7:26:64:5c:6b:33:f3:37:99:91:b7: 70:c3:32:13:13:0d:c1:47:84:6b:e8:79:68:42:b7:31:01:0b: 4e:e2:74:d0:f9:65:2e:87:fd:f4:a4:42:d8:aa:ac:51:ca:aa: 7d:fb:80:ed:50:2e:65:a4:51:af:5f:f8:dd:eb:1f:7e:4d:bd: df:58:f7:4c:bc:57:2e:87:09:6b:cb:cf:2d:06:71:04:ec:2d: 66:ce:60:c8:a9:a3:da:a0:3e:2e:41:05:fd:66:f7:23:7e:ef: 92:64:02:f6:12:ba:80:f0:8d:d4:87:9c:df:bd:58:0f:ba:84: 33:20:67:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHN4jMmF/1IN5/xKbTBX6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4 OWRlNTYwHhcNMjUxMjA2MTAwMjI2WhcNMjUxMjA3MTAwMjI2WjAzMTEwLwYDVQQD EyhlNGRkYTg0YmVkMDczZGU4YjZiYzQwZjc0MWE1NDY2MzFmOTExMGJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ow+lOBIrcw0nHWZbcFAKN2dny8Y V0mEKGpgeWqk4I0WhAzVO5FR74CWoA87l0q5k0r6xxu8NVN3QS6vX2/ElrlL2vhh EiiPU6Hyb4MbtuvixJ1rL3VWMEdiJxS8pY3C9LTdhEYHBuFs+H/JfvGoASJk434A pHirtA4RCBjUkMD4FhpSMb97Xp2C3qjZYwznZC6XDb0SYhBbhsybuAI5qF+gv2Vh hQ2dya6yG69UPj/zGp2Ro/JlvoIV4DkZ32M/UrkIDGTIn82j68chwGBRETXHlagC fpVZujv7D4AMkkNY6mbR7fFnDIgKF5blbBAPVOo+nkvDkvom+wf8Jw2alQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTdqEvtBz3otrxA90GlRmMfkRC8MB8GA1UdIwQY MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRavuV9x XUuc92BIaomm8YoOYtavPNU0gDwVQ6oY0YyzP0nraaM8EOw4QtiAopkYFsIZ0Oe6 9d7EJBY5XVprS5TfzpSBCft+FFY+Vwq4Dcfy2jPybk8VHp0ymK1364xhCiJlL6Gc fmeSrYOSsGmM/De2D4O8/Erc2xK2WJmhKMeXLDqq8bcmZFxrM/M3mZG3cMMyExMN wUeEa+h5aEK3MQELTuJ00PllLof99KRC2KqsUcqqffuA7VAuZaRRr1/43esffk29 31j3TLxXLocJa8vPLQZxBOwtZs5gyKmj2qA+LkEF/Wb3I37vkmQC9hK6gPCN1Iec 371YD7qEMyBnpw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:59:27 2025 by rpki-client