This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json) Hash identifier: FvrnhZ+bYD1b+ELBRLP8stcxCtV3atn1YBMMUbUy+oI= Subject key identifier: 07:D9:86:19:A5:C4:94:31:9C:8A:0C:90:4A:CD:DD:9C:93:E1:34:4C Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Certificate serial: 019B484B7C090BC1950864F8530AFF4036E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft Manifest number: 1176 Signing time: Mon 22 Dec 2025 23:01:05 +0000 Manifest this update: Mon 22 Dec 2025 23:01:05 +0000 Manifest next update: Tue 23 Dec 2025 23:01:05 +0000 Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: i+dlRE4TeN6lfZAFJ/y9qQ3cAQk6zpi2ZQTcgrJlLgk=) 2: gJwxB4WXRmy_Jjbo7KF4Rc3EO64.roa (hash: F0OcSRxgLQl48M74vjHq3+xTxBNsO5EKT9Des3ruvj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:4b:7c:09:0b:c1:95:08:64:f8:53:0a:ff:40:36:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Validity Not Before: Dec 22 23:01:05 2025 GMT Not After : Dec 23 23:01:05 2025 GMT Subject: CN=07d98619a5c494319c8a0c904acddd9c93e1344c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:9e:9e:d0:5b:8a:c5:1a:96:ea:43:9e:c7:4e: 38:67:a6:67:a9:80:c9:ab:f2:ab:7a:ba:e6:01:ec: 53:6c:ac:c0:4d:26:86:e7:34:a5:fd:5c:d1:45:fb: 79:2b:66:8f:09:11:9b:c7:2d:a4:ae:30:0f:9b:b6: cc:4f:69:f9:0e:43:fe:6a:96:24:0e:ff:7b:e0:d0: 91:7e:c1:3e:01:d2:3c:31:13:37:60:a9:74:23:4b: 31:e8:e1:b5:c7:24:e6:9f:11:2c:8a:d5:b9:6f:b7: bb:4a:3a:f0:06:6d:08:d0:5d:b2:9f:57:06:4c:b4: d7:67:f0:e9:9d:3b:60:ba:d0:28:0b:5b:89:30:49: 56:d3:74:b4:cd:35:1c:7e:f0:d0:c4:bb:55:26:87: 06:f9:45:a6:37:9e:53:03:66:97:81:d2:55:f2:3a: 96:1b:05:de:5b:5f:fc:23:fc:eb:f4:b0:83:7e:71: 60:95:8a:27:9c:3e:79:ae:f7:a4:c1:69:9d:94:ed: 66:aa:c6:a4:18:b7:ed:14:19:b2:e2:26:15:4a:07: 2e:ae:83:a1:ad:11:82:47:ac:6a:f3:5f:95:4a:ea: a1:60:3c:3d:15:1a:c6:e4:cb:5c:35:26:e2:89:28: 5e:df:f4:6f:aa:aa:e0:b7:28:49:39:07:da:c8:9f: b4:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:D9:86:19:A5:C4:94:31:9C:8A:0C:90:4A:CD:DD:9C:93:E1:34:4C X509v3 Authority Key Identifier: keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:cf:51:1a:b3:6b:0b:a7:a4:31:c8:e7:37:fc:3c:09:e7:3b: cf:fa:22:10:7d:63:b3:04:1d:34:7a:cb:9e:3a:5f:c3:ab:34: 15:26:8d:2a:eb:80:3d:5f:6b:b5:06:7c:76:9e:c3:6f:e3:45: 71:88:13:58:b9:8b:e8:d9:3b:c7:f0:84:31:0f:31:c7:c8:81: 7a:f9:f2:f1:0b:0f:a4:9d:a5:89:47:94:18:18:ab:c6:40:b5: ab:75:38:f0:db:fa:41:85:78:a7:c5:92:5d:76:1b:b4:5b:c1: 43:d8:32:7d:8f:77:c0:0f:90:81:d9:ac:b2:c9:c6:96:7c:e6: 64:78:bc:63:4e:de:63:f2:3c:f3:f3:d2:7f:8c:4d:92:3c:de: 18:f5:41:63:54:c9:f1:8c:c2:02:77:ab:a7:ad:05:6b:4f:e0: 5d:08:90:d2:21:94:e6:6d:6b:5f:e8:88:26:52:ad:f0:71:1c: 3c:20:9a:61:1e:bc:bd:1e:71:60:14:54:17:f7:c2:57:e7:d8: 81:16:28:32:43:45:e8:6e:f3:71:cf:0b:3c:fc:a0:c6:b5:b1: 7f:62:2c:03:9f:6d:a9:26:d0:cd:d5:09:8c:c9:a8:66:f2:d3: 7c:f0:84:75:43:09:9d:2e:cc:40:f5:3a:a1:1f:a1:de:37:76: fb:ca:17:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIS3wJC8GVCGT4Uwr/QDbjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy ZDMyYjYwHhcNMjUxMjIyMjMwMTA1WhcNMjUxMjIzMjMwMTA1WjAzMTEwLwYDVQQD EygwN2Q5ODYxOWE1YzQ5NDMxOWM4YTBjOTA0YWNkZGQ5YzkzZTEzNDRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z6e0FuKxRqW6kOex044Z6ZnqYDJ q/KrerrmAexTbKzATSaG5zSl/VzRRft5K2aPCRGbxy2krjAPm7bMT2n5DkP+apYk Dv974NCRfsE+AdI8MRM3YKl0I0sx6OG1xyTmnxEsitW5b7e7SjrwBm0I0F2yn1cG TLTXZ/DpnTtgutAoC1uJMElW03S0zTUcfvDQxLtVJocG+UWmN55TA2aXgdJV8jqW GwXeW1/8I/zr9LCDfnFglYonnD55rvekwWmdlO1mqsakGLftFBmy4iYVSgcuroOh rRGCR6xq81+VSuqhYDw9FRrG5MtcNSbiiShe3/RvqqrgtyhJOQfayJ+0fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAfZhhmlxJQxnIoMkErN3ZyT4TRMMB8GA1UdIwQY MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARs9RGrNr C6ekMcjnN/w8Cec7z/oiEH1jswQdNHrLnjpfw6s0FSaNKuuAPV9rtQZ8dp7Db+NF cYgTWLmL6Nk7x/CEMQ8xx8iBevny8QsPpJ2liUeUGBirxkC1q3U48Nv6QYV4p8WS XXYbtFvBQ9gyfY93wA+QgdmsssnGlnzmZHi8Y07eY/I88/PSf4xNkjzeGPVBY1TJ 8YzCAnerp60Fa0/gXQiQ0iGU5m1rX+iIJlKt8HEcPCCaYR68vR5xYBRUF/fCV+fY gRYoMkNF6G7zcc8LPPygxrWxf2IsA59tqSbQzdUJjMmoZvLTfPCEdUMJnS7MQPU6 oR+h3jd2+8oXfA== -----END CERTIFICATE-----Generated at Tue Dec 23 01:25:31 2025 by rpki-client