This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft File: pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json) Hash identifier: TUaSn2ka4v5jLUQRdm69eKjnl76KkRN8oAbm7ZG1ulk= Subject key identifier: F2:15:3A:99:62:34:6F:D1:93:F4:3B:3D:09:4A:04:87:DD:DC:8D:20 Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D Certificate issuer: /CN=a67caa06c0a8f754016e614480bbb3877e40891d Certificate serial: 019AF42E77C00719D3F17A38C0A59FC376DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft Manifest number: 048C Signing time: Sat 06 Dec 2025 15:01:17 +0000 Manifest this update: Sat 06 Dec 2025 15:01:17 +0000 Manifest next update: Sun 07 Dec 2025 15:01:17 +0000 Files and hashes: 1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: 26esgpVGOxVvtRQc9ND6MYBVfTs9dwzMfHbAz9It0yA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:77:c0:07:19:d3:f1:7a:38:c0:a5:9f:c3:76:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d Validity Not Before: Dec 6 15:01:17 2025 GMT Not After : Dec 7 15:01:17 2025 GMT Subject: CN=f2153a9962346fd193f43b3d094a0487dddc8d20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:28:ee:a3:1b:d3:ce:22:1a:0b:7c:48:13:14: 7e:59:66:b7:6d:a0:9a:60:47:ed:c3:a8:11:97:75: f2:1b:86:bd:4a:e0:0d:fb:52:70:20:bd:a2:30:aa: 9f:e9:7b:16:2c:29:ce:b9:2d:1b:05:a5:bf:0b:d7: 91:a5:82:51:36:2c:30:7a:15:aa:a5:43:d3:8d:75: 32:45:cf:59:1b:8c:3d:23:62:23:97:10:2e:da:78: 6c:dd:0f:b2:54:b0:81:80:4f:ef:82:ee:27:e8:f3: 8f:d7:7f:03:06:3d:45:cf:60:94:b9:8c:5a:ec:0f: 44:ab:fe:67:96:5f:5f:ac:49:e0:6f:6e:f5:58:68: 05:d7:70:bf:30:cb:a1:65:b1:f1:e8:c3:e8:4f:96: f6:3b:8a:7f:f0:02:60:c9:98:31:7c:2f:79:3f:65: 9b:51:04:8c:53:ed:ca:d8:2f:30:5d:5e:fa:80:f5: 2c:03:bd:47:bc:0b:a0:43:75:58:10:96:b9:46:29: e7:5e:a4:01:92:a5:f3:e6:7e:3b:22:b0:58:40:6a: 93:16:99:aa:51:cf:87:44:9c:ba:50:22:fa:ec:05: 1a:f0:1a:0e:a8:96:d1:30:bd:c6:f2:8d:70:f4:81: ef:67:54:d1:06:22:3b:f4:53:8b:70:b7:38:9a:c3: 94:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:15:3A:99:62:34:6F:D1:93:F4:3B:3D:09:4A:04:87:DD:DC:8D:20 X509v3 Authority Key Identifier: keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:bb:2d:1a:e1:d3:58:75:a8:42:d4:3e:13:9a:12:00:d2:f9: 6f:d5:e4:24:e4:40:35:c2:eb:a5:b7:24:ae:d1:eb:9d:67:f6: aa:1e:6d:a1:af:2f:04:44:be:ee:d6:c7:7b:82:0b:7c:48:86: c6:5e:d2:c6:ce:fa:93:bd:28:7c:f6:c7:32:eb:a9:de:15:0a: ab:d3:e9:44:4a:9b:24:fd:13:2a:7d:a0:0e:2d:d6:d8:e5:38: 97:91:0e:d7:42:63:97:fb:b8:88:85:02:db:46:e6:5f:34:88: 90:e7:66:91:ab:bf:e2:c5:8a:61:8f:33:eb:5f:34:bf:1b:99: d0:26:2a:8c:a1:db:16:5f:7e:23:90:4f:06:6d:b0:02:df:57: 61:8a:ee:f1:58:0f:b4:a9:70:8b:ef:0d:53:0f:23:e6:20:fd: ca:c8:86:f4:f7:cd:77:00:7b:cf:69:ce:60:c1:d9:2d:fe:26: 9f:dc:15:72:8c:56:0f:8e:23:3a:dd:1b:70:e3:8d:92:6f:21: 23:12:2b:c0:fb:73:7c:e8:35:d3:25:87:d3:0a:43:2d:a0:f6: d3:11:cc:33:fb:68:fc:49:db:fb:ac:f8:f2:c5:71:5f:13:73: 46:09:b5:51:11:9f:b1:8c:60:d4:af:5e:28:20:a7:02:13:0c: 90:89:69:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LnfABxnT8Xo4wKWfw3baMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0 MDg5MWQwHhcNMjUxMjA2MTUwMTE3WhcNMjUxMjA3MTUwMTE3WjAzMTEwLwYDVQQD EyhmMjE1M2E5OTYyMzQ2ZmQxOTNmNDNiM2QwOTRhMDQ4N2RkZGM4ZDIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyjuoxvTziIaC3xIExR+WWa3baCa YEftw6gRl3XyG4a9SuAN+1JwIL2iMKqf6XsWLCnOuS0bBaW/C9eRpYJRNiwwehWq pUPTjXUyRc9ZG4w9I2IjlxAu2nhs3Q+yVLCBgE/vgu4n6POP138DBj1Fz2CUuYxa 7A9Eq/5nll9frEngb271WGgF13C/MMuhZbHx6MPoT5b2O4p/8AJgyZgxfC95P2Wb UQSMU+3K2C8wXV76gPUsA71HvAugQ3VYEJa5RinnXqQBkqXz5n47IrBYQGqTFpmq Uc+HRJy6UCL67AUa8BoOqJbRML3G8o1w9IHvZ1TRBiI79FOLcLc4msOURwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPIVOpliNG/Rk/Q7PQlKBIfd3I0gMB8GA1UdIwQY MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbstGuHT WHWoQtQ+E5oSANL5b9XkJORANcLrpbckrtHrnWf2qh5toa8vBES+7tbHe4ILfEiG xl7Sxs76k70ofPbHMuup3hUKq9PpREqbJP0TKn2gDi3W2OU4l5EO10Jjl/u4iIUC 20bmXzSIkOdmkau/4sWKYY8z6180vxuZ0CYqjKHbFl9+I5BPBm2wAt9XYYru8VgP tKlwi+8NUw8j5iD9ysiG9PfNdwB7z2nOYMHZLf4mn9wVcoxWD44jOt0bcOONkm8h IxIrwPtzfOg10yWH0wpDLaD20xHMM/to/Enb+6z48sVxXxNzRgm1URGfsYxg1K9e KCCnAhMMkIlpng== -----END CERTIFICATE-----Generated at Sat Dec 6 20:39:03 2025 by rpki-client