This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json) Hash identifier: fznb4w9IwODtdYvdaNbmQdlu+CXm5VKL9pTXQ/mcbPk= Subject key identifier: 4C:6B:34:F2:0F:5A:37:DB:51:B2:20:1B:E3:E0:A3:38:97:1B:B1:61 Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d Certificate serial: 019AF6F829C2EA1C8EEA67AA84A5F32CF5A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft Manifest number: 01F4 Signing time: Sun 07 Dec 2025 04:00:49 +0000 Manifest this update: Sun 07 Dec 2025 04:00:49 +0000 Manifest next update: Mon 08 Dec 2025 04:00:49 +0000 Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: GlnioY+pp+ciWF6xb1tDt0bFt6HFM+KtZzxoqaw7oNA=) 2: wtKFjn0luOKNhpCBH0YWKLpKHKU.roa (hash: Z6YfBfkr08FSM8yJ/BnA5aNSDpKZqhovD8OdV3xTXpI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 04:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:29:c2:ea:1c:8e:ea:67:aa:84:a5:f3:2c:f5:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d43340fad246465de8e614d039563a699657d8d Validity Not Before: Dec 7 04:00:49 2025 GMT Not After : Dec 8 04:00:49 2025 GMT Subject: CN=4c6b34f20f5a37db51b2201be3e0a338971bb161 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2a:ef:ba:85:87:5f:2d:6b:24:20:11:13:d5: 4e:6c:16:39:85:41:09:66:b8:76:16:f3:68:e0:20: d5:80:6b:6f:f9:c9:6b:94:46:20:99:24:5b:bf:47: 72:61:aa:ca:51:34:5b:b3:ff:3b:26:4f:89:d3:85: d7:fd:c7:8e:78:e3:4a:94:09:25:98:4b:7d:9b:d5: bd:c7:e1:c8:bf:c4:63:e9:34:e6:83:c4:67:db:84: 8d:b4:a6:f3:06:d5:c5:29:26:4d:18:09:e5:8a:fa: 9c:f5:43:28:b6:3b:be:37:ec:27:df:7b:d9:17:52: ad:54:76:ef:33:81:86:c5:6c:42:76:62:30:e2:05: ad:67:65:6c:af:a7:5c:2e:93:66:2d:b0:3f:55:eb: 0e:aa:d5:7e:b0:ed:f1:f5:02:0a:0e:66:e5:de:1a: 61:37:59:a7:e5:cd:00:52:f2:66:6c:d5:c4:3f:33: ae:5f:91:42:12:90:de:33:ed:f5:74:e7:83:10:d7: d2:99:83:ab:0d:b1:73:b9:00:bf:d5:7e:b3:af:4e: 67:d0:51:2e:8d:e8:b2:09:a0:b3:3b:b1:d5:24:35: df:dc:d3:a6:b4:0a:2e:3c:9c:fe:b4:73:81:1b:4c: 08:fc:23:84:9d:ae:38:84:08:55:c5:a2:83:92:56: 22:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:6B:34:F2:0F:5A:37:DB:51:B2:20:1B:E3:E0:A3:38:97:1B:B1:61 X509v3 Authority Key Identifier: keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:ab:ea:fc:9c:1c:45:7e:9e:7e:f0:72:ea:f1:74:c6:6e:2a: 69:8d:54:95:1f:47:56:56:17:27:3c:48:2a:2a:be:73:e2:ec: 08:fd:9f:95:37:3e:48:1c:ac:79:46:94:30:f0:f7:87:ba:6d: 32:89:b4:6e:56:5c:2f:c6:65:32:eb:ab:b1:18:2d:c0:57:9b: a3:87:54:77:51:14:07:28:fe:46:0a:d7:f2:f8:cd:ca:a6:56: a5:7b:39:57:66:47:f0:ce:54:0e:54:ca:81:05:d9:b8:eb:82: d4:72:72:7c:bc:7d:8d:d9:1c:eb:44:81:86:eb:7d:f2:69:42: 4c:cb:95:d4:ed:17:d2:4d:ae:37:a4:3a:ea:22:d8:12:ca:8e: b6:b3:b8:e1:63:3d:09:18:e0:72:4a:13:8b:95:20:14:5a:d6: a3:db:d4:25:13:19:a9:a1:50:b3:2a:6c:80:21:b5:80:49:90: 02:47:25:c3:f5:f3:ed:4b:dd:c1:19:9e:94:e8:5d:6f:3f:c6: c3:4e:80:28:29:73:01:fe:d9:f8:3b:75:a5:a7:2f:55:8a:5c: d4:c2:23:cc:ea:bb:69:3e:32:ec:60:0e:b7:14:cf:7b:40:bb: 0f:29:1f:30:73:9c:48:76:fb:5c:22:91:bb:3f:b3:0a:4a:e4: 62:41:7b:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+CnC6hyO6meqhKXzLPWnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2 NTdkOGQwHhcNMjUxMjA3MDQwMDQ5WhcNMjUxMjA4MDQwMDQ5WjAzMTEwLwYDVQQD Eyg0YzZiMzRmMjBmNWEzN2RiNTFiMjIwMWJlM2UwYTMzODk3MWJiMTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryrvuoWHXy1rJCARE9VObBY5hUEJ Zrh2FvNo4CDVgGtv+clrlEYgmSRbv0dyYarKUTRbs/87Jk+J04XX/ceOeONKlAkl mEt9m9W9x+HIv8Rj6TTmg8Rn24SNtKbzBtXFKSZNGAnlivqc9UMotju+N+wn33vZ F1KtVHbvM4GGxWxCdmIw4gWtZ2Vsr6dcLpNmLbA/VesOqtV+sO3x9QIKDmbl3hph N1mn5c0AUvJmbNXEPzOuX5FCEpDeM+31dOeDENfSmYOrDbFzuQC/1X6zr05n0FEu jeiyCaCzO7HVJDXf3NOmtAouPJz+tHOBG0wI/COEna44hAhVxaKDklYiFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFExrNPIPWjfbUbIgG+PgoziXG7FhMB8GA1UdIwQY MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn6vq/Jwc RX6efvBy6vF0xm4qaY1UlR9HVlYXJzxIKiq+c+LsCP2flTc+SByseUaUMPD3h7pt Mom0blZcL8ZlMuursRgtwFebo4dUd1EUByj+RgrX8vjNyqZWpXs5V2ZH8M5UDlTK gQXZuOuC1HJyfLx9jdkc60SBhut98mlCTMuV1O0X0k2uN6Q66iLYEsqOtrO44WM9 CRjgckoTi5UgFFrWo9vUJRMZqaFQsypsgCG1gEmQAkclw/Xz7UvdwRmelOhdbz/G w06AKClzAf7Z+Dt1pacvVYpc1MIjzOq7aT4y7GAOtxTPe0C7DykfMHOcSHb7XCKR uz+zCkrkYkF7Kg== -----END CERTIFICATE-----Generated at Sun Dec 7 10:19:14 2025 by rpki-client