This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft File: PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json) Hash identifier: 40HCkGhcSeHzf5+6D1MWfZpWMweNqa9lnPb8pGQUnu0= Subject key identifier: B9:5D:21:2A:85:0A:41:66:8E:26:BA:1D:A6:7C:F7:DD:AC:BF:B5:1D Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87 Certificate issuer: /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087 Certificate serial: 019AF19B32F46E7372E9F6767C0BF19FA4E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft Manifest number: 04A9 Signing time: Sat 06 Dec 2025 03:01:11 +0000 Manifest this update: Sat 06 Dec 2025 03:01:11 +0000 Manifest next update: Sun 07 Dec 2025 03:01:11 +0000 Files and hashes: 1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: Awhrd9kFz+PDeIfK34+FQUfyFxuVvcP7sHb4QeOf288=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:32:f4:6e:73:72:e9:f6:76:7c:0b:f1:9f:a4:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087 Validity Not Before: Dec 6 03:01:11 2025 GMT Not After : Dec 7 03:01:11 2025 GMT Subject: CN=b95d212a850a41668e26ba1da67cf7ddacbfb51d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ae:15:5d:68:60:d3:27:ce:6e:9b:bc:de:71: 14:8c:65:af:2a:a0:94:8e:b6:3a:7c:70:9b:48:00: fa:e3:67:09:f3:49:c7:94:68:22:b7:69:e8:a9:f7: 15:73:9c:72:59:7e:c8:29:24:80:77:ad:20:7a:ae: 76:30:b4:b2:6f:23:c5:7b:d6:17:03:39:cd:ed:d7: 8b:d6:2c:dd:b6:4b:9d:ad:3c:5a:32:34:e0:dc:1e: 4b:7c:4e:e6:cd:63:de:b0:db:e9:49:da:ad:68:af: 33:62:47:8c:cd:50:1c:7d:34:a7:92:08:9e:22:f5: 3e:40:27:5e:6e:a9:a1:44:58:a5:d5:7d:0c:cd:84: ee:49:be:a3:a6:80:14:39:33:fa:47:f6:14:9a:77: d7:a1:f1:a6:9b:d0:1c:4e:e8:a9:e6:42:97:7e:85: c5:f5:18:14:0c:ce:fd:9e:27:6e:b4:c8:7c:1f:1a: 00:a2:34:94:b3:eb:1f:19:6b:7d:89:14:6b:76:63: b3:8c:d0:ed:88:5b:85:9a:d9:0b:f1:4c:c8:7a:bf: 8b:32:97:3e:d3:43:9f:29:06:80:d8:af:54:e7:ef: d6:e6:4f:e1:44:6b:da:97:b2:55:16:b8:e0:6f:aa: 96:2f:fc:24:d7:6f:60:d7:52:8f:af:c3:d9:09:23: 3a:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:5D:21:2A:85:0A:41:66:8E:26:BA:1D:A6:7C:F7:DD:AC:BF:B5:1D X509v3 Authority Key Identifier: keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:10:8e:73:39:92:f3:0b:04:50:1d:96:80:f9:03:8b:fc:a6: 42:94:48:e7:3e:46:cf:90:c1:fb:45:83:3f:22:fc:87:d9:8d: de:25:29:4e:3d:d6:9f:28:72:2d:dd:00:a0:1c:ba:bb:f9:ff: 47:c3:31:08:1c:5a:f3:ed:62:b8:4f:e5:bc:f1:52:b0:a9:dd: 40:e3:14:26:a4:94:49:9b:8b:5f:4d:55:f1:1f:95:32:33:78: ee:19:73:a7:67:67:5c:f6:91:5e:d3:48:14:58:9e:af:5b:6f: 9a:c2:bc:36:b0:06:dd:6b:5a:c9:17:ce:32:6c:35:08:4f:46: 14:32:78:40:10:60:0e:ab:da:e7:b3:78:78:aa:4c:91:c0:9e: 2c:4d:37:26:f4:47:d3:42:56:fb:e4:57:9b:ea:cd:cd:b2:d1: d2:aa:ef:f5:12:b0:78:98:ff:69:e2:a1:66:12:c3:a1:9d:f2: fd:5d:cf:ba:44:20:7e:9a:e7:52:d6:25:db:d2:5b:6d:f3:6e: c2:b1:9c:fa:1c:4d:d7:9f:1c:2f:ea:02:db:d6:95:e8:47:3c: 60:a1:fc:23:de:96:cb:ce:21:1c:51:cc:91:2b:cd:f5:c5:07: 89:6a:c8:73:48:ce:52:f2:67:bb:df:16:97:01:4c:4d:ab:3a: ba:11:d6:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmzL0bnNy6fZ2fAvxn6TmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0 YzUwODcwHhcNMjUxMjA2MDMwMTExWhcNMjUxMjA3MDMwMTExWjAzMTEwLwYDVQQD EyhiOTVkMjEyYTg1MGE0MTY2OGUyNmJhMWRhNjdjZjdkZGFjYmZiNTFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq4VXWhg0yfObpu83nEUjGWvKqCU jrY6fHCbSAD642cJ80nHlGgit2noqfcVc5xyWX7IKSSAd60geq52MLSybyPFe9YX AznN7deL1izdtkudrTxaMjTg3B5LfE7mzWPesNvpSdqtaK8zYkeMzVAcfTSnkgie IvU+QCdebqmhRFil1X0MzYTuSb6jpoAUOTP6R/YUmnfXofGmm9AcTuip5kKXfoXF 9RgUDM79nidutMh8HxoAojSUs+sfGWt9iRRrdmOzjNDtiFuFmtkL8UzIer+LMpc+ 00OfKQaA2K9U5+/W5k/hRGval7JVFrjgb6qWL/wk129g11KPr8PZCSM6pQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLldISqFCkFmjia6HaZ8992sv7UdMB8GA1UdIwQY MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0 LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhCOczmS 8wsEUB2WgPkDi/ymQpRI5z5Gz5DB+0WDPyL8h9mN3iUpTj3WnyhyLd0AoBy6u/n/ R8MxCBxa8+1iuE/lvPFSsKndQOMUJqSUSZuLX01V8R+VMjN47hlzp2dnXPaRXtNI FFier1tvmsK8NrAG3WtayRfOMmw1CE9GFDJ4QBBgDqva57N4eKpMkcCeLE03JvRH 00JW++RXm+rNzbLR0qrv9RKweJj/aeKhZhLDoZ3y/V3PukQgfprnUtYl29JbbfNu wrGc+hxN158cL+oC29aV6Ec8YKH8I96Wy84hHFHMkSvN9cUHiWrIc0jOUvJnu98W lwFMTas6uhHWjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:57:26 2025 by rpki-client