This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft File: PqlK-DEYyT_-izYnXtU0mU1not0.mft (raw, json) Hash identifier: q0kzbPiiznq2WGbCLVoHVsPKuEcunYaSgDzxtNd+iys= Subject key identifier: A3:74:29:93:B1:79:49:94:46:2C:AF:24:10:CC:F3:34:F9:DD:A6:1F Authority key identifier: 3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD Certificate issuer: /CN=3ea94af83118c93ffe8b36275ed534994d67a2dd Certificate serial: 019AF0513B195CBBDCE7F903B9A39ED170FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft Manifest number: 1351 Signing time: Fri 05 Dec 2025 21:00:46 +0000 Manifest this update: Fri 05 Dec 2025 21:00:46 +0000 Manifest next update: Sat 06 Dec 2025 21:00:46 +0000 Files and hashes: 1: PqlK-DEYyT_-izYnXtU0mU1not0.crl (hash: mC0juT8QHvfeCsex4iYLXCgIzeUngDkNb3AboQQH+8g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:3b:19:5c:bb:dc:e7:f9:03:b9:a3:9e:d1:70:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ea94af83118c93ffe8b36275ed534994d67a2dd Validity Not Before: Dec 5 21:00:46 2025 GMT Not After : Dec 6 21:00:46 2025 GMT Subject: CN=a3742993b1794994462caf2410ccf334f9dda61f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:2d:90:89:76:97:bf:08:69:81:c8:7e:f1:62: 84:a3:49:74:85:83:a1:0e:9e:d4:f4:1a:55:ca:26: dc:d8:15:f9:47:26:4c:2e:9d:21:ef:2a:42:62:e6: 7c:5b:89:c8:97:13:06:3d:69:45:a0:6b:4d:ff:be: 44:2d:51:7c:a3:cf:c1:85:ba:29:c0:23:a1:da:f7: a9:b4:7a:97:96:44:df:30:73:aa:03:dc:b1:a1:06: f1:5d:2c:f1:23:24:e8:f2:68:b2:70:c1:1d:88:dc: ad:13:7f:2a:14:52:36:05:5f:4c:1b:2e:95:c7:b6: be:93:41:4b:42:9f:df:ca:69:49:49:6c:fc:d9:c8: d1:02:f1:d1:73:11:a9:f3:da:06:58:ff:e0:ec:21: 61:9e:c0:7b:30:16:68:4b:bf:fa:dd:f3:7a:eb:c3: 6b:20:3f:2b:b7:cd:5f:ea:e2:71:c0:eb:fe:fb:3c: 5f:f8:28:8f:51:36:5c:d7:c9:2e:68:41:61:55:2f: 35:1a:e3:d2:aa:60:82:dc:76:af:b0:01:92:68:a4: 66:d0:ea:7b:70:f9:bf:9d:f8:27:b3:9d:88:cd:b8: 93:85:58:0c:10:96:8f:4d:b1:c6:a9:5a:9d:7f:c2: d8:e7:2a:3b:03:0a:0c:e5:bd:a0:66:17:f1:6d:31: 5a:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:74:29:93:B1:79:49:94:46:2C:AF:24:10:CC:F3:34:F9:DD:A6:1F X509v3 Authority Key Identifier: keyid:3E:A9:4A:F8:31:18:C9:3F:FE:8B:36:27:5E:D5:34:99:4D:67:A2:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqlK-DEYyT_-izYnXtU0mU1not0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ff4191-b9f3-4382-bee1-2957afb14794/1/PqlK-DEYyT_-izYnXtU0mU1not0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d9:5f:9d:56:86:25:bc:50:d1:76:f3:33:1d:0c:42:20:89:ca: e4:2e:9c:cc:1b:2b:b7:35:67:11:e4:ad:90:10:30:b8:12:f6: 4a:29:77:55:70:42:bf:73:a5:1b:b7:84:da:96:ec:6d:c0:50: be:7c:a2:d6:a9:b4:80:47:79:68:1f:fd:64:a0:fb:dd:df:85: 6e:b7:78:9e:0c:9b:95:be:a3:f6:d5:92:3c:de:68:3a:21:3b: ee:be:f3:9a:c3:f2:7e:13:7d:fd:49:3e:65:47:3f:33:7b:ce: 78:11:0c:89:df:c4:8b:8b:de:f8:08:f5:6e:01:4c:c7:43:a2: f6:00:fb:f7:3a:77:88:f5:56:30:c6:fc:3b:47:7b:d0:4c:f0: 40:42:5a:55:54:4e:ea:8a:bf:29:da:5c:28:dc:1f:e4:3f:2f: d5:a8:1a:0c:57:c5:22:ef:c0:c4:df:6c:71:76:09:38:97:b5: f3:df:6c:38:b6:02:32:4b:02:00:1e:82:32:57:1d:55:a9:69: 4b:57:76:52:c0:ce:bc:44:ee:b2:0f:3e:f6:e9:51:2b:26:3f: d0:05:0c:2c:77:66:4d:34:c3:1e:bd:90:fe:10:c5:bb:a6:b8: 9d:98:84:c0:b3:b6:73:41:58:41:cf:8b:e9:e1:79:a6:43:3f: 4b:66:b8:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUTsZXLvc5/kDuaOe0XD8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYTk0YWY4MzExOGM5M2ZmZThiMzYyNzVlZDUzNDk5NGQ2 N2EyZGQwHhcNMjUxMjA1MjEwMDQ2WhcNMjUxMjA2MjEwMDQ2WjAzMTEwLwYDVQQD EyhhMzc0Mjk5M2IxNzk0OTk0NDYyY2FmMjQxMGNjZjMzNGY5ZGRhNjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i2QiXaXvwhpgch+8WKEo0l0hYOh Dp7U9BpVyibc2BX5RyZMLp0h7ypCYuZ8W4nIlxMGPWlFoGtN/75ELVF8o8/Bhbop wCOh2veptHqXlkTfMHOqA9yxoQbxXSzxIyTo8miycMEdiNytE38qFFI2BV9MGy6V x7a+k0FLQp/fymlJSWz82cjRAvHRcxGp89oGWP/g7CFhnsB7MBZoS7/63fN668Nr ID8rt81f6uJxwOv++zxf+CiPUTZc18kuaEFhVS81GuPSqmCC3HavsAGSaKRm0Op7 cPm/nfgns52IzbiThVgMEJaPTbHGqVqdf8LY5yo7AwoM5b2gZhfxbTFagwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKN0KZOxeUmURiyvJBDM8zT53aYfMB8GA1UdIwQY MBaAFD6pSvgxGMk//os2J17VNJlNZ6LdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEt Mjk1N2FmYjE0Nzk0LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC9mZjQxOTEtYjlmMy00MzgyLWJlZTEtMjk1N2FmYjE0Nzk0 LzEvUHFsSy1ERVl5VF8taXpZblh0VTBtVTFub3QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2V+dVoYl vFDRdvMzHQxCIInK5C6czBsrtzVnEeStkBAwuBL2Sil3VXBCv3OlG7eE2pbsbcBQ vnyi1qm0gEd5aB/9ZKD73d+Fbrd4ngyblb6j9tWSPN5oOiE77r7zmsPyfhN9/Uk+ ZUc/M3vOeBEMid/Ei4ve+Aj1bgFMx0Oi9gD79zp3iPVWMMb8O0d70EzwQEJaVVRO 6oq/KdpcKNwf5D8v1agaDFfFIu/AxN9scXYJOJe1899sOLYCMksCAB6CMlcdValp S1d2UsDOvETusg8+9ulRKyY/0AUMLHdmTTTDHr2Q/hDFu6a4nZiEwLO2c0FYQc+L 6eF5pkM/S2a40A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:45 2025 by rpki-client