This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft File: pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json) Hash identifier: q00u1+K81if7+S+R9tDnBYRNFK+NXx1t5knwBcHgi+Q= Subject key identifier: BF:FA:BC:53:18:AE:BF:33:51:BE:95:B0:75:F7:04:62:36:93:BC:A0 Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B Certificate issuer: /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b Certificate serial: 019B9BC481EBCCD3CA42586EA6DE35746ED7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft Manifest number: 0737 Signing time: Thu 08 Jan 2026 04:01:45 +0000 Manifest this update: Thu 08 Jan 2026 04:01:45 +0000 Manifest next update: Fri 09 Jan 2026 04:01:45 +0000 Files and hashes: 1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: wYQxARElW0oHS3NNQz9tyhBt3uEfZR2UEBjSoKYo8cg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 04:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9b:c4:81:eb:cc:d3:ca:42:58:6e:a6:de:35:74:6e:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b Validity Not Before: Jan 8 04:01:45 2026 GMT Not After : Jan 9 04:01:45 2026 GMT Subject: CN=bffabc5318aebf3351be95b075f704623693bca0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:6c:83:26:ac:68:d9:12:3f:8a:9d:e8:c1:f4: 31:9b:4a:7e:ad:bb:fb:bd:8d:d7:02:2c:60:72:a5: 76:7a:59:db:fb:db:61:d6:7d:19:7b:e5:13:fe:de: 42:3e:b9:39:71:3c:27:86:89:22:95:7d:26:43:bc: be:31:d3:33:8d:c9:d0:81:55:85:57:8c:61:89:66: 1f:04:50:f3:a8:86:f3:53:39:15:c4:67:bd:74:1d: ff:1d:f8:de:23:8c:b2:45:79:79:ff:11:4d:23:64: f6:5b:dd:3c:95:d4:65:14:7e:0f:10:0a:75:fc:18: 5f:6b:42:4c:0d:ad:f9:79:38:94:88:86:4e:d5:1a: 80:fd:d4:e7:37:df:0d:88:fd:fc:05:bc:9a:e7:20: 2f:73:9a:7b:e1:de:61:b5:ff:0b:7c:e8:ae:66:70: b3:de:4d:5c:4d:2f:f4:6f:9e:61:03:d7:ee:3d:cf: ed:b2:fc:7e:44:f5:32:ad:1f:79:bc:e1:0e:92:a6: dc:da:2a:8b:2a:07:b2:60:fb:c4:2f:6c:2f:21:c9: 91:57:1e:07:bd:83:ab:e2:b1:71:73:bf:2b:d2:30: f7:52:9c:10:6f:b3:2d:9b:1b:f4:c2:22:27:82:18: bf:5a:09:6f:c7:ae:54:db:c3:56:dc:57:77:1a:86: cc:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:FA:BC:53:18:AE:BF:33:51:BE:95:B0:75:F7:04:62:36:93:BC:A0 X509v3 Authority Key Identifier: keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:71:31:22:e3:28:7d:a0:52:af:66:59:c7:3c:ed:45:45:92: c1:fc:19:75:60:74:ab:ac:d0:57:29:30:8b:d8:74:8f:5f:df: 35:92:1d:eb:33:35:50:f8:8e:25:4e:35:f2:76:11:59:54:2c: 5b:af:67:25:01:75:e5:15:a3:97:8c:b1:65:a1:24:74:35:84: ea:cc:31:4b:a3:55:5a:f8:3b:b4:22:b0:0c:0c:76:90:35:7c: 66:99:7c:27:b8:4b:4a:18:58:a6:62:3d:f7:89:f4:f5:fb:cc: 4c:00:34:d2:29:34:d7:2b:37:50:83:f8:86:9b:d1:d8:d6:32: ef:63:e3:75:c1:20:5c:02:13:d0:f1:aa:b8:0b:45:54:78:10: 69:9e:60:67:82:8a:bc:13:1f:38:4f:18:b8:28:56:28:16:5d: a6:93:2c:09:be:3e:98:7a:af:29:84:14:66:06:b1:05:49:59: 17:8f:14:bb:cb:62:d9:23:c2:b9:73:ff:a0:c0:b4:6a:71:33: ac:39:47:43:77:42:8d:2f:a5:5e:59:7b:2c:4d:49:11:b8:f0: bf:bd:74:f4:c6:af:14:c7:96:a8:94:fc:6c:88:7f:ba:c4:28: e3:93:c5:35:7d:81:04:81:ad:4b:b8:cc:fc:b3:4e:32:f1:8e: 9b:75:09:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZubxIHrzNPKQlhupt41dG7XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1 NGM2MGIwHhcNMjYwMTA4MDQwMTQ1WhcNMjYwMTA5MDQwMTQ1WjAzMTEwLwYDVQQD EyhiZmZhYmM1MzE4YWViZjMzNTFiZTk1YjA3NWY3MDQ2MjM2OTNiY2EwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2yDJqxo2RI/ip3owfQxm0p+rbv7 vY3XAixgcqV2elnb+9th1n0Ze+UT/t5CPrk5cTwnhokilX0mQ7y+MdMzjcnQgVWF V4xhiWYfBFDzqIbzUzkVxGe9dB3/HfjeI4yyRXl5/xFNI2T2W908ldRlFH4PEAp1 /Bhfa0JMDa35eTiUiIZO1RqA/dTnN98NiP38Bbya5yAvc5p74d5htf8LfOiuZnCz 3k1cTS/0b55hA9fuPc/tsvx+RPUyrR95vOEOkqbc2iqLKgeyYPvEL2wvIcmRVx4H vYOr4rFxc78r0jD3UpwQb7Mtmxv0wiInghi/Wglvx65U28NW3Fd3GobMZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/6vFMYrr8zUb6VsHX3BGI2k7ygMB8GA1UdIwQY MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5 LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm3ExIuMo faBSr2ZZxzztRUWSwfwZdWB0q6zQVykwi9h0j1/fNZId6zM1UPiOJU418nYRWVQs W69nJQF15RWjl4yxZaEkdDWE6swxS6NVWvg7tCKwDAx2kDV8Zpl8J7hLShhYpmI9 94n09fvMTAA00ik01ys3UIP4hpvR2NYy72PjdcEgXAIT0PGquAtFVHgQaZ5gZ4KK vBMfOE8YuChWKBZdppMsCb4+mHqvKYQUZgaxBUlZF48Uu8ti2SPCuXP/oMC0anEz rDlHQ3dCjS+lXll7LE1JEbjwv7109MavFMeWqJT8bIh/usQo45PFNX2BBIGtS7jM /LNOMvGOm3UJbA== -----END CERTIFICATE-----Generated at Thu Jan 8 13:48:16 2026 by rpki-client