This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft File: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft (raw, json) Hash identifier: +o5kqytrzXbQhF8EpW/sd9Aw/ho/t0bthQBuHB09eLw= Subject key identifier: 34:EF:04:09:1F:83:56:64:F9:95:05:A5:31:E6:40:3F:D3:36:42:34 Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73 Certificate issuer: /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773 Certificate serial: 019B45B8A49D6D9536D2C2C27AAAAE1DBBCF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft Manifest number: 0A54 Signing time: Mon 22 Dec 2025 11:01:27 +0000 Manifest this update: Mon 22 Dec 2025 11:01:27 +0000 Manifest next update: Tue 23 Dec 2025 11:01:27 +0000 Files and hashes: 1: JD1ZF1XWLuEfY_xZK_HiSB-W5Sc.roa (hash: tU/SgRvLeOcLILG1M49HHg6nzxCmwlwyRSULttNgB8k=) 2: PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl (hash: XiW0swq+OFsY3IcsMPvkqnufFJq6ZT6taHBLxb1v2Ks=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:b8:a4:9d:6d:95:36:d2:c2:c2:7a:aa:ae:1d:bb:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773 Validity Not Before: Dec 22 11:01:27 2025 GMT Not After : Dec 23 11:01:27 2025 GMT Subject: CN=34ef04091f835664f99505a531e6403fd3364234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:9e:fc:06:1a:ee:b1:80:12:dd:d6:2f:5a:15: 94:47:9a:af:2c:80:a5:8c:4a:db:34:95:a0:33:53: 5d:b9:bb:90:7f:00:8b:67:9b:8a:a1:8c:9e:77:34: 24:b4:04:67:bd:ac:7e:0a:14:96:7d:cb:04:00:ce: 99:0d:de:ca:d1:e5:77:9c:95:e3:b8:fe:f8:66:45: ea:c5:b6:20:cb:1e:d4:dc:0a:c8:36:da:a3:d6:d1: 98:07:3c:78:1d:19:8a:fc:86:5d:35:1a:da:b6:63: b7:a5:e9:8a:af:3b:97:12:85:7e:d5:4f:61:94:ff: 9a:21:1e:d6:64:eb:e7:2d:fd:b5:b6:dc:3b:e9:8f: 7e:be:fb:da:b5:96:04:12:86:32:44:e8:4d:b8:02: 4e:9d:7f:01:63:81:46:c6:49:aa:f1:82:db:bb:f1: d1:57:47:84:33:2e:98:94:6e:fd:55:d6:de:04:34: 97:e6:e7:f8:3b:4c:31:37:36:bc:3b:96:5b:4f:c1: f2:cb:23:47:95:0f:03:7b:61:4a:02:85:24:ca:47: fb:29:ba:29:b4:f6:04:5d:a6:ca:88:b1:df:87:65: 3b:2f:ed:e1:5d:8a:57:bf:0a:d8:8a:69:5b:9a:07: 49:09:e3:88:fd:d1:07:50:a4:74:6d:46:7e:91:27: 3b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:EF:04:09:1F:83:56:64:F9:95:05:A5:31:E6:40:3F:D3:36:42:34 X509v3 Authority Key Identifier: keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:b6:8a:eb:f5:f7:94:ae:ac:78:e8:1b:72:89:d5:19:ca:8e: d2:0b:64:2b:7f:7a:75:7f:8a:d9:6a:a4:83:d0:ac:e8:46:e2: 05:be:7d:d8:31:af:cb:06:78:e0:cd:81:14:3c:9d:04:e7:74: 83:1b:21:ad:d1:97:61:70:f9:19:10:8b:3a:9c:46:01:6d:bc: 2c:80:6e:86:6e:22:46:f0:4d:91:d3:d7:3e:e8:c4:8c:86:c2: cf:1c:18:e5:1d:28:aa:0a:be:7e:1f:ab:88:59:3a:22:4a:d1: 6f:76:d1:70:39:68:0d:78:9b:95:be:ac:cd:0b:dd:a3:de:e3: 28:5e:fb:22:b1:32:ce:6a:b4:b2:5e:58:a4:f3:c3:2b:8f:fc: ce:77:18:73:ca:36:78:95:d1:18:f5:a5:32:e0:78:4a:a7:49: 5b:5c:58:3f:d4:c4:3a:4b:a3:6a:8e:4c:cc:9a:a0:65:06:ff: 66:e0:0e:cf:c9:f2:3e:8f:e4:26:05:b7:42:6b:bb:77:25:7f: 5f:7f:be:b5:64:c1:fa:32:05:df:64:c6:0e:9c:8f:8f:76:85: 76:ed:1b:53:a1:29:cf:f0:ff:4a:b3:68:05:a5:eb:eb:e5:c5: a8:4f:78:34:c0:91:68:4b:0e:44:47:d7:7d:6f:9b:52:81:39: a3:3d:cc:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFuKSdbZU20sLCeqquHbvPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4 YTY3NzMwHhcNMjUxMjIyMTEwMTI3WhcNMjUxMjIzMTEwMTI3WjAzMTEwLwYDVQQD EygzNGVmMDQwOTFmODM1NjY0Zjk5NTA1YTUzMWU2NDAzZmQzMzY0MjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2578BhrusYAS3dYvWhWUR5qvLICl jErbNJWgM1NdubuQfwCLZ5uKoYyedzQktARnvax+ChSWfcsEAM6ZDd7K0eV3nJXj uP74ZkXqxbYgyx7U3ArINtqj1tGYBzx4HRmK/IZdNRratmO3pemKrzuXEoV+1U9h lP+aIR7WZOvnLf21ttw76Y9+vvvatZYEEoYyROhNuAJOnX8BY4FGxkmq8YLbu/HR V0eEMy6YlG79VdbeBDSX5uf4O0wxNza8O5ZbT8HyyyNHlQ8De2FKAoUkykf7Kbop tPYEXabKiLHfh2U7L+3hXYpXvwrYimlbmgdJCeOI/dEHUKR0bUZ+kSc7CwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDTvBAkfg1Zk+ZUFpTHmQD/TNkI0MB8GA1UdIwQY MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt ZjlmOTIxNTBjZDM5LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5 LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADbaK6/X3 lK6seOgbconVGcqO0gtkK396dX+K2Wqkg9Cs6EbiBb592DGvywZ44M2BFDydBOd0 gxshrdGXYXD5GRCLOpxGAW28LIBuhm4iRvBNkdPXPujEjIbCzxwY5R0oqgq+fh+r iFk6IkrRb3bRcDloDXiblb6szQvdo97jKF77IrEyzmq0sl5YpPPDK4/8zncYc8o2 eJXRGPWlMuB4SqdJW1xYP9TEOkujao5MzJqgZQb/ZuAOz8nyPo/kJgW3Qmu7dyV/ X3++tWTB+jIF32TGDpyPj3aFdu0bU6Epz/D/SrNoBaXr6+XFqE94NMCRaEsOREfX fW+bUoE5oz3M5w== -----END CERTIFICATE-----Generated at Mon Dec 22 12:13:45 2025 by rpki-client