This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft File: PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft (raw, json) Hash identifier: wcg750Us8kDFt56BC6g7jXMsvz2f7RbnL+QneaHQt0s= Subject key identifier: 3D:70:68:CB:F4:18:4F:67:79:8C:63:AE:31:C0:B5:D1:34:A0:35:80 Authority key identifier: 3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A Certificate issuer: /CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a Certificate serial: 019AF3BFF7D5818918CFC6141EA29A8A48AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 13:00:35 +0000 Manifest this update: Sat 06 Dec 2025 13:00:35 +0000 Manifest next update: Sun 07 Dec 2025 13:00:35 +0000 Files and hashes: 1: PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl (hash: VXb8fskHTFRVaYTO/B9olPZZzZypyhlA4zvg/UqMujQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:bf:f7:d5:81:89:18:cf:c6:14:1e:a2:9a:8a:48:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a Validity Not Before: Dec 6 13:00:35 2025 GMT Not After : Dec 7 13:00:35 2025 GMT Subject: CN=3d7068cbf4184f67798c63ae31c0b5d134a03580 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:36:c7:ae:8e:44:a2:3d:1d:fb:2b:ab:4c:d6: 70:41:c0:7e:f5:6b:ca:f5:fc:ce:a9:db:7e:e0:0c: 56:28:41:6b:9d:05:b7:7e:5c:d3:5a:b7:37:d1:46: de:98:85:dc:53:4c:bf:1b:67:66:9c:d0:76:86:44: 38:a1:1b:5e:83:96:40:ba:91:da:a4:39:d9:50:c9: da:3d:a6:b6:00:58:fc:be:af:72:b5:ed:36:d0:ff: fd:fe:ab:63:e9:2c:26:19:34:7d:25:3b:b2:dd:9b: 4f:c6:87:50:29:70:74:19:8e:34:ba:60:9c:a6:79: 88:55:58:d8:88:ae:f4:34:21:ed:be:ee:b0:24:0f: e2:ea:d6:2f:d5:9c:be:e2:df:bd:bb:b2:2f:4f:aa: 15:67:51:0a:40:86:f1:94:b3:b7:4d:de:85:17:4c: 3b:45:4c:bb:a3:c1:fa:98:82:25:b5:a8:ba:e6:f6: dc:b5:d3:a1:ca:12:3c:be:6b:82:16:a3:bd:7e:d6: a0:af:8d:84:c2:e9:05:e5:3b:36:f3:8c:d8:06:6d: 74:f0:8f:b5:10:d8:56:58:dd:98:5c:82:2f:48:c5: 8c:f6:f3:dd:3b:7c:c5:bf:a6:e7:dd:e4:1b:96:c6: 91:ba:ed:71:56:77:2c:f6:0d:1d:3e:c9:e4:08:4d: 1c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:70:68:CB:F4:18:4F:67:79:8C:63:AE:31:C0:B5:D1:34:A0:35:80 X509v3 Authority Key Identifier: keyid:3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:19:5c:36:ad:a3:80:3e:51:27:85:3e:86:fc:1e:90:14:99: ac:2f:95:85:8c:01:55:cc:e4:f1:4a:02:91:10:24:f8:1e:18: 83:2f:84:e7:da:6b:cb:fe:60:3e:7c:f0:52:8a:3c:bf:70:a2: 47:70:57:0b:68:96:4b:7b:4f:e4:cb:2e:2c:bf:4b:fe:7c:72: b6:50:2e:73:51:cd:ae:a8:84:6a:50:6d:88:17:80:1f:2d:c6: 9d:49:a9:0d:4c:b0:30:cf:6a:59:7f:30:9b:b3:18:c0:c8:75: 4d:35:96:f8:ca:55:39:a4:89:60:7e:31:5f:47:2f:17:07:4d: d1:66:71:b2:c9:3a:1a:df:ea:be:ee:f1:82:de:da:a1:18:df: 46:5b:a8:b4:9a:5f:b4:78:85:18:8b:ad:69:cb:58:56:15:f9: 83:ff:49:95:ec:be:f9:e4:8a:78:68:e4:d2:a2:54:85:8f:0e: 51:02:31:1b:5f:a8:22:cf:fc:e8:09:08:c9:5a:f6:6a:6c:8f: 56:88:12:0c:c1:bb:b5:d3:d9:e5:b8:87:99:1f:52:4b:56:5a: 7b:a4:fe:ba:b4:b5:85:28:0a:d9:64:a8:6f:42:a7:fc:15:3d: 66:2f:cc:1c:54:ab:55:fc:b3:0a:b5:0b:d9:21:85:86:55:d6: ca:87:8e:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzv/fVgYkYz8YUHqKaikivMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmMjNhYjczMDUzMDQ3OTJkYzJjZTgxNzgwYjVkYjg4OWQ4 ZjdmM2EwHhcNMjUxMjA2MTMwMDM1WhcNMjUxMjA3MTMwMDM1WjAzMTEwLwYDVQQD EygzZDcwNjhjYmY0MTg0ZjY3Nzk4YzYzYWUzMWMwYjVkMTM0YTAzNTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TbHro5Eoj0d+yurTNZwQcB+9WvK 9fzOqdt+4AxWKEFrnQW3flzTWrc30UbemIXcU0y/G2dmnNB2hkQ4oRteg5ZAupHa pDnZUMnaPaa2AFj8vq9yte020P/9/qtj6SwmGTR9JTuy3ZtPxodQKXB0GY40umCc pnmIVVjYiK70NCHtvu6wJA/i6tYv1Zy+4t+9u7IvT6oVZ1EKQIbxlLO3Td6FF0w7 RUy7o8H6mIIltai65vbctdOhyhI8vmuCFqO9ftagr42EwukF5Ts284zYBm108I+1 ENhWWN2YXIIvSMWM9vPdO3zFv6bn3eQblsaRuu1xVncs9g0dPsnkCE0cZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1waMv0GE9neYxjrjHAtdE0oDWAMB8GA1UdIwQY MBaAFD8jq3MFMEeS3CzoF4C124idj386MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzIt NjAwMzNkNWIwM2JiLzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzItNjAwMzNkNWIwM2Ji LzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRlcNq2j gD5RJ4U+hvwekBSZrC+VhYwBVczk8UoCkRAk+B4Ygy+E59pry/5gPnzwUoo8v3Ci R3BXC2iWS3tP5MsuLL9L/nxytlAuc1HNrqiEalBtiBeAHy3GnUmpDUywMM9qWX8w m7MYwMh1TTWW+MpVOaSJYH4xX0cvFwdN0WZxssk6Gt/qvu7xgt7aoRjfRluotJpf tHiFGIutactYVhX5g/9Jley++eSKeGjk0qJUhY8OUQIxG1+oIs/86AkIyVr2amyP VogSDMG7tdPZ5biHmR9SS1Zae6T+urS1hSgK2WSob0Kn/BU9Zi/MHFSrVfyzCrUL 2SGFhlXWyoeOrg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:09:57 2025 by rpki-client