This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft File: PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft (raw, json) Hash identifier: lMtwPycVdcCh9NSOpEyRmYDN1sNvPsH8bacjxJq0uSE= Subject key identifier: 2B:3B:89:DF:04:33:06:B0:88:4D:E6:19:1B:F0:E5:BE:F7:41:E4:CA Authority key identifier: 3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF Certificate issuer: /CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef Certificate serial: 019AF12DDF150314E5E664D5F21A24D2F8DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft Manifest number: 154F Signing time: Sat 06 Dec 2025 01:01:46 +0000 Manifest this update: Sat 06 Dec 2025 01:01:46 +0000 Manifest next update: Sun 07 Dec 2025 01:01:46 +0000 Files and hashes: 1: PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl (hash: iALZqaDjTyJBKGcM0vXhx4u5S1sDJtW9TPRg/D3KXKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:df:15:03:14:e5:e6:64:d5:f2:1a:24:d2:f8:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef Validity Not Before: Dec 6 01:01:46 2025 GMT Not After : Dec 7 01:01:46 2025 GMT Subject: CN=2b3b89df043306b0884de6191bf0e5bef741e4ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:4e:66:74:17:fe:bf:f0:84:30:b9:cc:80:de: da:a4:a4:a2:a1:16:84:70:b6:6a:18:53:ef:14:7e: 34:29:5a:53:e0:17:0a:b4:4b:53:70:d3:9e:08:09: d7:1c:84:9a:87:48:09:a3:ae:17:a5:09:20:71:63: db:be:d8:4f:e4:37:6e:ba:70:39:e6:c8:1f:2f:ad: 17:0d:52:25:a0:34:ac:ec:90:bf:39:35:cd:64:84: 97:66:64:d5:df:9b:52:3d:fb:29:8a:40:4e:07:8d: 47:ee:da:b9:80:50:ae:de:d7:c4:c0:d6:39:60:2e: 72:d2:42:05:7c:29:02:42:87:d5:b5:a5:2b:f8:d6: 31:42:c0:44:ed:3b:a1:b7:e9:63:01:4d:dc:9e:52: 63:99:0f:f3:c6:a1:96:24:3c:3e:98:46:f3:d7:40: 3c:8e:8e:55:e7:6d:d6:b3:b1:64:b8:04:0f:12:11: 87:fc:ab:bf:3a:9e:64:ce:ec:38:19:89:3c:41:60: e5:aa:c4:bc:2e:8d:a6:d0:18:70:28:7d:54:98:2b: 63:dd:db:06:f8:bc:55:ff:bc:86:87:8e:f1:4d:b7: 4b:80:51:1c:1d:78:62:c1:70:6a:13:e8:26:ad:2a: 1c:16:11:82:2c:e6:f7:76:0a:c1:dc:1a:97:7c:4d: 62:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:3B:89:DF:04:33:06:B0:88:4D:E6:19:1B:F0:E5:BE:F7:41:E4:CA X509v3 Authority Key Identifier: keyid:3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:9b:e7:c6:5c:2d:70:5b:24:87:a8:43:84:1a:23:90:8f:d4: e2:79:e1:84:1f:22:94:e5:7d:23:6a:8c:fe:89:5c:5c:89:42: cb:a9:2b:48:cf:20:31:5f:1f:07:39:8d:2a:13:42:fc:c3:01: a9:05:4f:38:11:c2:9b:f3:f8:d9:4d:d5:83:1e:72:d1:ff:27: df:5e:06:c0:20:92:d1:3d:00:97:b5:5b:6f:e0:4e:99:fd:83: 17:e1:3d:cd:dc:0e:4b:c3:cb:21:c0:fa:68:ec:cd:80:ad:19: df:18:01:1f:5d:0c:03:9c:55:dd:69:89:b7:da:bb:4e:81:ef: dd:8d:34:ab:f4:8f:37:68:64:38:bf:2c:f5:fa:3e:c4:fc:bc: 8e:12:d5:74:81:c8:3d:e1:48:f3:c1:5a:a1:62:d3:e9:fb:52: aa:0b:78:53:d8:1f:32:d5:3e:40:19:b0:09:8e:78:94:ed:86: 6a:bd:5c:aa:32:9e:0c:3f:62:8c:c3:67:3f:11:00:d1:28:54: 1a:89:fe:05:c9:b0:b1:a3:fb:1c:e2:1d:d7:86:fc:fa:58:67: f1:e7:7c:c6:96:40:a3:62:05:5c:60:a8:7b:80:48:4f:f4:a0: 7e:d4:e8:be:cd:a2:b6:13:bf:bd:d6:ac:ea:44:35:07:60:5b: 49:9f:78:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLd8VAxTl5mTV8hok0vjaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkM2Q2OWFiNjJjOGQ4ODI1ZjJiYTRiNDgzZDBlMzkzZTI1 MzRlZWYwHhcNMjUxMjA2MDEwMTQ2WhcNMjUxMjA3MDEwMTQ2WjAzMTEwLwYDVQQD EygyYjNiODlkZjA0MzMwNmIwODg0ZGU2MTkxYmYwZTViZWY3NDFlNGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw05mdBf+v/CEMLnMgN7apKSioRaE cLZqGFPvFH40KVpT4BcKtEtTcNOeCAnXHISah0gJo64XpQkgcWPbvthP5DduunA5 5sgfL60XDVIloDSs7JC/OTXNZISXZmTV35tSPfspikBOB41H7tq5gFCu3tfEwNY5 YC5y0kIFfCkCQofVtaUr+NYxQsBE7Tuht+ljAU3cnlJjmQ/zxqGWJDw+mEbz10A8 jo5V523Ws7FkuAQPEhGH/Ku/Op5kzuw4GYk8QWDlqsS8Lo2m0BhwKH1UmCtj3dsG +LxV/7yGh47xTbdLgFEcHXhiwXBqE+gmrSocFhGCLOb3dgrB3BqXfE1ixwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCs7id8EMwawiE3mGRvw5b73QeTKMB8GA1UdIwQY MBaAFD09aatiyNiCXyuktIPQ45PiU07vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAt MDcwNWJjY2QxZjJhLzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAtMDcwNWJjY2QxZjJh LzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppvnxlwt cFskh6hDhBojkI/U4nnhhB8ilOV9I2qM/olcXIlCy6krSM8gMV8fBzmNKhNC/MMB qQVPOBHCm/P42U3Vgx5y0f8n314GwCCS0T0Al7Vbb+BOmf2DF+E9zdwOS8PLIcD6 aOzNgK0Z3xgBH10MA5xV3WmJt9q7ToHv3Y00q/SPN2hkOL8s9fo+xPy8jhLVdIHI PeFI88FaoWLT6ftSqgt4U9gfMtU+QBmwCY54lO2Gar1cqjKeDD9ijMNnPxEA0ShU Gon+BcmwsaP7HOId14b8+lhn8ed8xpZAo2IFXGCoe4BIT/SgftTovs2ithO/vdas 6kQ1B2BbSZ94Zg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:10:41 2025 by rpki-client