This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft File: pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json) Hash identifier: gxsx6mNvNHkEkfc3khel6+Q8ZvwB0SuTm1jNq1b7Ovc= Subject key identifier: 86:07:8F:45:39:86:8D:74:62:CE:09:A3:5A:57:DB:78:E5:4E:69:0E Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 Certificate issuer: /CN=a6e91a9d7caef4818674c5d6262813615c89de56 Certificate serial: 019B51BDC343AAD7CFC0292B381DEC801B7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft Manifest number: 1106 Signing time: Wed 24 Dec 2025 19:02:29 +0000 Manifest this update: Wed 24 Dec 2025 19:02:29 +0000 Manifest next update: Thu 25 Dec 2025 19:02:29 +0000 Files and hashes: 1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: zbWtaFDI+N13BnFpC9HIdoVy0QJEnW02tsS9FrDmOew=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bd:c3:43:aa:d7:cf:c0:29:2b:38:1d:ec:80:1b:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56 Validity Not Before: Dec 24 19:02:29 2025 GMT Not After : Dec 25 19:02:29 2025 GMT Subject: CN=86078f4539868d7462ce09a35a57db78e54e690e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:07:9e:43:e7:2d:94:78:67:47:d4:8d:2c:f2: ab:7e:9c:75:08:b3:ec:e2:e7:99:ca:6a:9a:14:99: c2:57:b1:b2:db:27:07:06:16:28:37:18:79:e2:10: 4e:c7:ff:9f:c2:07:ff:2a:09:3d:7d:8e:a1:3e:ac: 4a:ee:f2:e5:3e:05:f1:50:99:77:8a:4c:bb:df:d8: e5:5f:22:2a:9c:3c:ff:30:a1:5f:11:06:4a:7d:b0: 50:e0:1f:f4:c7:1a:2c:16:b3:48:a9:3c:00:a5:30: ef:44:90:ac:5e:58:05:96:fd:c9:8d:9b:47:ae:7b: d6:35:b7:85:dd:cd:af:82:bf:6e:46:b9:c7:dc:bc: c7:d4:53:cc:42:89:14:4f:f9:77:5b:a0:26:e3:5f: a9:d6:2d:fd:ff:19:8a:36:0b:25:3d:50:d1:ee:72: 3a:b6:9e:73:76:0e:cf:5a:a2:91:4c:08:cc:88:77: f2:a2:9f:cc:ad:17:be:49:a2:50:26:32:af:ce:22: f2:9f:2b:de:0b:00:f4:5a:aa:3b:5a:57:9a:9f:cc: c9:7f:1e:c1:d6:46:a3:cc:de:18:c3:65:f2:31:f0: 1c:fe:d7:5e:f1:16:2d:9d:04:c0:40:d5:48:4b:ec: 2d:ca:58:95:a1:c4:48:0b:3c:be:a4:32:7e:e0:a6: 11:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:07:8F:45:39:86:8D:74:62:CE:09:A3:5A:57:DB:78:E5:4E:69:0E X509v3 Authority Key Identifier: keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:5a:c8:6a:d7:40:e4:3c:9a:64:02:c0:c7:fe:fc:6a:b7:d3: 3f:72:0c:ce:68:64:0e:71:54:43:29:57:11:94:b5:84:10:ef: 04:e6:6a:b8:79:b8:b1:c6:01:43:79:b0:fd:4f:39:71:81:5f: ef:3d:89:5f:60:10:b7:2a:d0:8c:0e:8a:70:67:98:a4:27:b7: 4d:c2:73:bb:86:20:6c:d2:bf:82:71:b7:67:ae:60:ec:94:4e: 4e:92:d1:35:4b:53:14:18:dd:69:4f:1a:ad:e7:ea:05:1f:64: 2b:c1:06:b7:7b:24:89:62:c4:55:7f:fc:6d:cf:eb:66:d8:f3: f1:9d:da:5a:d3:c4:4f:21:ef:49:81:2b:f1:b4:82:ad:0a:75: 1e:9e:99:6a:ba:a0:ff:9f:85:7a:0e:e9:e5:17:43:87:8b:32: 0b:2b:c9:7a:44:68:6b:92:b7:7f:ba:15:a2:e9:3e:fd:9c:d4: ba:38:f9:a0:99:40:74:88:e7:e4:05:a7:dc:fc:7f:76:3b:99: 46:a0:70:d0:76:8c:5a:67:16:52:ee:ea:58:47:c1:7d:d4:e7: 15:3c:bb:46:29:04:4e:7f:28:ac:49:13:70:0d:a2:d7:97:88: 5c:90:54:dc:1c:23:fc:bb:20:ce:00:3c:15:76:b9:f0:a0:28: 44:91:18:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvcNDqtfPwCkrOB3sgBt7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4 OWRlNTYwHhcNMjUxMjI0MTkwMjI5WhcNMjUxMjI1MTkwMjI5WjAzMTEwLwYDVQQD Eyg4NjA3OGY0NTM5ODY4ZDc0NjJjZTA5YTM1YTU3ZGI3OGU1NGU2OTBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAeeQ+ctlHhnR9SNLPKrfpx1CLPs 4ueZymqaFJnCV7Gy2ycHBhYoNxh54hBOx/+fwgf/Kgk9fY6hPqxK7vLlPgXxUJl3 iky739jlXyIqnDz/MKFfEQZKfbBQ4B/0xxosFrNIqTwApTDvRJCsXlgFlv3JjZtH rnvWNbeF3c2vgr9uRrnH3LzH1FPMQokUT/l3W6Am41+p1i39/xmKNgslPVDR7nI6 tp5zdg7PWqKRTAjMiHfyop/MrRe+SaJQJjKvziLynyveCwD0Wqo7Wlean8zJfx7B 1kajzN4Yw2XyMfAc/tde8RYtnQTAQNVIS+wtyliVocRICzy+pDJ+4KYRCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIYHj0U5ho10Ys4Jo1pX23jlTmkOMB8GA1UdIwQY MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFrIatdA 5DyaZALAx/78arfTP3IMzmhkDnFUQylXEZS1hBDvBOZquHm4scYBQ3mw/U85cYFf 7z2JX2AQtyrQjA6KcGeYpCe3TcJzu4YgbNK/gnG3Z65g7JROTpLRNUtTFBjdaU8a refqBR9kK8EGt3skiWLEVX/8bc/rZtjz8Z3aWtPETyHvSYEr8bSCrQp1Hp6Zarqg /5+Feg7p5RdDh4syCyvJekRoa5K3f7oVouk+/ZzUujj5oJlAdIjn5AWn3Px/djuZ RqBw0HaMWmcWUu7qWEfBfdTnFTy7RikETn8orEkTcA2i15eIXJBU3Bwj/LsgzgA8 FXa58KAoRJEYFA== -----END CERTIFICATE-----Generated at Thu Dec 25 04:35:48 2025 by rpki-client