This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft File: PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json) Hash identifier: 471KnyxcOG4X93GI6zYMtQnDSBo2O5AYD7UT22lOoFw= Subject key identifier: 86:31:1C:E7:4D:93:4D:70:90:E8:11:80:A3:FD:91:A8:BF:7C:52:60 Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6 Certificate issuer: /CN=3c59555ec232826c7dd6d9a926b53602837949f6 Certificate serial: 019AF2ADEE3EE1FD839E721FE0E1DF8C558E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft Manifest number: 0316 Signing time: Sat 06 Dec 2025 08:01:16 +0000 Manifest this update: Sat 06 Dec 2025 08:01:16 +0000 Manifest next update: Sun 07 Dec 2025 08:01:16 +0000 Files and hashes: 1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: KA6yVt7rteChiUiHqWLGAG4gxpbkoppxavUlVkkviyw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:ee:3e:e1:fd:83:9e:72:1f:e0:e1:df:8c:55:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6 Validity Not Before: Dec 6 08:01:16 2025 GMT Not After : Dec 7 08:01:16 2025 GMT Subject: CN=86311ce74d934d7090e81180a3fd91a8bf7c5260 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:27:61:bb:8a:59:50:82:e4:54:f2:91:20:d7: 34:2d:56:4a:bc:1f:cc:2c:d9:0a:b6:3d:8f:08:49: 0d:c1:c5:a3:e0:cd:da:d8:86:bf:dd:8f:48:7f:81: 5a:40:a9:ad:24:b5:0b:78:c8:cd:d5:ff:76:f3:41: 26:ba:b4:f7:48:e3:96:cd:7c:78:ef:08:d3:42:2c: 33:fb:60:b2:9f:a4:41:9b:a5:81:6d:90:30:ae:bd: 28:4d:71:29:99:0b:6b:18:18:d3:f9:82:fa:77:8e: 78:25:d6:d1:66:4c:85:b6:4a:02:2d:f2:38:98:4d: ce:ca:e4:53:39:b5:0f:50:22:94:f0:68:7f:32:94: 1f:40:d4:02:ea:75:ec:ff:99:d9:d7:b1:3a:c2:5f: 4d:df:07:44:92:5f:72:5b:63:95:35:34:5f:a6:1d: 5d:06:fd:d5:19:3d:19:8e:e9:9f:e6:03:4d:41:07: 74:fd:0f:0e:15:f4:ad:64:3d:14:d3:55:38:35:bd: e5:23:b5:75:0d:76:c8:6b:d6:f6:fb:be:62:3e:26: 30:19:dd:34:3b:d7:3c:43:23:7c:6f:dc:cd:55:5b: ad:ff:2b:b7:4a:e6:34:5b:cf:02:12:9d:e1:70:7e: f1:40:ea:a6:be:01:d2:45:2f:18:a2:e4:11:48:47: e3:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:31:1C:E7:4D:93:4D:70:90:E8:11:80:A3:FD:91:A8:BF:7C:52:60 X509v3 Authority Key Identifier: keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:0f:e4:46:cc:7c:d0:38:a7:e4:10:d5:60:db:bb:8b:c2:06: c9:c5:2d:c6:2d:af:5f:ba:32:96:b0:31:7f:0e:74:03:eb:e9: 81:38:9e:52:c6:4c:23:9c:e2:3e:22:98:e8:f7:12:29:b3:08: 78:0a:9c:3c:ad:00:6e:5e:60:3d:28:9a:5d:01:05:d8:10:3c: 8b:38:47:6b:d8:fb:74:3e:f1:de:58:c4:db:d8:de:77:a6:22: 38:e1:95:2e:82:b3:55:60:3f:b7:93:73:89:0a:66:fb:d8:04: 28:41:d5:32:67:f6:54:b7:85:4a:0a:08:3a:1b:52:f3:8f:2e: 44:72:f6:26:db:f7:c3:a1:91:75:a0:65:0e:6c:aa:b7:01:3e: 6c:fe:d9:4e:bb:b4:1e:4c:37:fc:e3:a5:3c:ab:c7:96:6e:0b: b8:a5:44:c6:14:17:84:84:25:3a:30:6d:0d:b7:72:de:4f:90: cd:d1:b0:2a:74:55:a3:52:bb:a7:8c:4f:34:e7:bc:4f:3d:77: 67:38:78:3f:05:7d:5c:78:51:74:ea:f4:8d:5d:2d:28:ed:f9: c0:5d:77:8b:a9:b0:a5:a7:c3:86:23:f1:c1:cd:19:67:55:59: 40:7e:ed:cf:1a:a3:37:6f:4f:71:28:aa:5a:d8:13:b2:75:7a: e4:58:06:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryre4+4f2DnnIf4OHfjFWOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3 OTQ5ZjYwHhcNMjUxMjA2MDgwMTE2WhcNMjUxMjA3MDgwMTE2WjAzMTEwLwYDVQQD Eyg4NjMxMWNlNzRkOTM0ZDcwOTBlODExODBhM2ZkOTFhOGJmN2M1MjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSdhu4pZUILkVPKRINc0LVZKvB/M LNkKtj2PCEkNwcWj4M3a2Ia/3Y9If4FaQKmtJLULeMjN1f9280EmurT3SOOWzXx4 7wjTQiwz+2Cyn6RBm6WBbZAwrr0oTXEpmQtrGBjT+YL6d454JdbRZkyFtkoCLfI4 mE3OyuRTObUPUCKU8Gh/MpQfQNQC6nXs/5nZ17E6wl9N3wdEkl9yW2OVNTRfph1d Bv3VGT0Zjumf5gNNQQd0/Q8OFfStZD0U01U4Nb3lI7V1DXbIa9b2+75iPiYwGd00 O9c8QyN8b9zNVVut/yu3SuY0W88CEp3hcH7xQOqmvgHSRS8YouQRSEfjRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIYxHOdNk01wkOgRgKP9kai/fFJgMB8GA1UdIwQY MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5 LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQ/kRsx8 0Din5BDVYNu7i8IGycUtxi2vX7oylrAxfw50A+vpgTieUsZMI5ziPiKY6PcSKbMI eAqcPK0Abl5gPSiaXQEF2BA8izhHa9j7dD7x3ljE29jed6YiOOGVLoKzVWA/t5Nz iQpm+9gEKEHVMmf2VLeFSgoIOhtS848uRHL2Jtv3w6GRdaBlDmyqtwE+bP7ZTru0 Hkw3/OOlPKvHlm4LuKVExhQXhIQlOjBtDbdy3k+QzdGwKnRVo1K7p4xPNOe8Tz13 Zzh4PwV9XHhRdOr0jV0tKO35wF13i6mwpafDhiPxwc0ZZ1VZQH7tzxqjN29PcSiq WtgTsnV65FgGNA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:15:34 2025 by rpki-client