This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json) Hash identifier: j6gCK/r8BGvC5xq83VnYHU192P5golNoCOPehx8VGR4= Subject key identifier: 58:94:3C:6C:67:EF:0D:1D:25:B7:93:C3:8F:23:5A:89:D4:DF:73:19 Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Certificate serial: 019B62B03B9A0544E9E9CB99BD19AF55377D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft Manifest number: 0AF9 Signing time: Sun 28 Dec 2025 02:01:15 +0000 Manifest this update: Sun 28 Dec 2025 02:01:15 +0000 Manifest next update: Mon 29 Dec 2025 02:01:15 +0000 Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=) 2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: LXae2Vpt2l48w0rxfEL2+xQH6xh/Gv2fZj+NpqHbSmQ=) 3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:b0:3b:9a:05:44:e9:e9:cb:99:bd:19:af:55:37:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Validity Not Before: Dec 28 02:01:15 2025 GMT Not After : Dec 29 02:01:15 2025 GMT Subject: CN=58943c6c67ef0d1d25b793c38f235a89d4df7319 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e6:e4:5e:20:e8:99:a7:d6:ae:e5:94:1a:1a: 03:8f:f6:10:bf:78:0c:1a:46:9d:fe:e1:94:1e:ea: a0:ab:53:4f:43:f5:d8:37:7e:60:dd:fc:4e:dc:c5: d4:1f:46:11:86:0d:ff:67:de:ca:b3:7f:2b:09:46: b2:26:ed:1e:1a:40:f9:2b:31:1d:b9:e9:07:d7:a0: 89:67:e1:b7:64:17:79:15:be:cd:dd:22:bd:e7:a3: 3a:87:de:32:f0:3e:dd:1b:e8:5f:fd:7a:69:ed:cb: 63:5b:30:c5:81:7b:dc:7a:3b:b0:fb:77:7e:5e:7a: 7c:b7:9a:fa:05:8e:11:08:03:78:19:fb:43:54:13: 14:16:21:ff:95:de:9a:7c:77:b9:24:ff:8b:e2:43: 7a:8d:20:16:bc:49:d7:12:da:ff:54:e2:ce:77:f6: 59:78:df:1b:63:01:94:bc:17:84:e2:08:5b:e0:61: 7d:7e:57:ce:60:c9:8d:58:47:55:4d:32:f8:83:8c: d2:af:ea:1d:9b:62:8f:33:5a:f2:e0:34:41:48:53: ce:63:04:f7:2d:fe:f4:d7:6e:9e:c2:e8:43:39:ef: 53:2d:b0:80:a5:a8:c1:11:4a:79:ce:ee:83:b5:f3: 41:b7:96:82:c6:90:70:15:c2:99:ba:fb:8a:d2:df: 36:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:94:3C:6C:67:EF:0D:1D:25:B7:93:C3:8F:23:5A:89:D4:DF:73:19 X509v3 Authority Key Identifier: keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:04:77:6c:a7:44:64:e4:18:0a:ab:1d:71:d8:ec:95:7e:24: e8:04:66:0a:4b:1f:a6:31:57:45:df:b7:7e:da:14:9d:3e:3a: 40:b0:9b:59:c1:c3:ee:b7:f9:bf:65:bd:9c:b9:87:b8:53:87: a9:c7:f1:99:3c:ea:73:32:c6:19:f5:76:d0:84:aa:94:7c:6f: e5:f9:58:06:91:7a:c2:01:73:b0:3e:b8:b1:28:0a:33:8e:43: e8:b8:95:b2:82:fb:9c:ba:7c:4d:8a:d1:87:37:09:6a:5e:93: e2:e2:07:85:da:2d:8d:3b:31:0a:31:f0:05:b8:37:15:93:ba: 8e:23:cd:04:a4:15:42:12:e3:37:50:4f:9c:80:02:e3:02:d6: 8a:d7:c3:22:f3:ca:8d:69:de:de:eb:fe:22:c1:8b:73:f8:c0: 2c:1c:4d:bc:ba:1e:22:33:06:f9:ef:ac:a8:b3:58:90:62:1f: 2e:fa:36:7f:cf:50:e8:7a:df:8c:d7:47:65:38:4a:3d:0e:dc: d4:8a:10:9a:92:06:aa:66:cc:d0:1a:84:ce:ea:14:4d:11:b6: 2c:4a:49:aa:bf:67:99:02:b4:cd:dd:a5:df:27:3b:ba:f1:f4: 6d:e8:cd:7d:ac:bb:43:8e:cf:1d:14:9d:eb:75:1c:30:73:f3: bd:0a:83:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtisDuaBUTp6cuZvRmvVTd9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky MThlZjYwHhcNMjUxMjI4MDIwMTE1WhcNMjUxMjI5MDIwMTE1WjAzMTEwLwYDVQQD Eyg1ODk0M2M2YzY3ZWYwZDFkMjViNzkzYzM4ZjIzNWE4OWQ0ZGY3MzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ebkXiDomafWruWUGhoDj/YQv3gM Gkad/uGUHuqgq1NPQ/XYN35g3fxO3MXUH0YRhg3/Z97Ks38rCUayJu0eGkD5KzEd uekH16CJZ+G3ZBd5Fb7N3SK956M6h94y8D7dG+hf/Xpp7ctjWzDFgXvcejuw+3d+ Xnp8t5r6BY4RCAN4GftDVBMUFiH/ld6afHe5JP+L4kN6jSAWvEnXEtr/VOLOd/ZZ eN8bYwGUvBeE4ghb4GF9flfOYMmNWEdVTTL4g4zSr+odm2KPM1ry4DRBSFPOYwT3 Lf70126ewuhDOe9TLbCApajBEUp5zu6DtfNBt5aCxpBwFcKZuvuK0t82ZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFiUPGxn7w0dJbeTw48jWonU33MZMB8GA1UdIwQY MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0 LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhgR3bKdE ZOQYCqsdcdjslX4k6ARmCksfpjFXRd+3ftoUnT46QLCbWcHD7rf5v2W9nLmHuFOH qcfxmTzqczLGGfV20ISqlHxv5flYBpF6wgFzsD64sSgKM45D6LiVsoL7nLp8TYrR hzcJal6T4uIHhdotjTsxCjHwBbg3FZO6jiPNBKQVQhLjN1BPnIAC4wLWitfDIvPK jWne3uv+IsGLc/jALBxNvLoeIjMG+e+sqLNYkGIfLvo2f89Q6HrfjNdHZThKPQ7c 1IoQmpIGqmbM0BqEzuoUTRG2LEpJqr9nmQK0zd2l3yc7uvH0bejNfay7Q47PHRSd 63UcMHPzvQqDpw== -----END CERTIFICATE-----Generated at Sun Dec 28 07:31:33 2025 by rpki-client