This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json) Hash identifier: IBNiDlSsGGmB8acAYQzEVpQ+j4t6EVHlMfOgpu1I3HQ= Subject key identifier: D2:EE:81:8B:BF:96:3B:94:52:84:E1:8D:95:74:45:BB:34:6B:68:8F Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d Certificate serial: 019B405ACA7E813583CCD97208B47D4EE80A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft Manifest number: 021A Signing time: Sun 21 Dec 2025 10:00:50 +0000 Manifest this update: Sun 21 Dec 2025 10:00:50 +0000 Manifest next update: Mon 22 Dec 2025 10:00:50 +0000 Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: GtYBeNUvgMS90Md17KHIoTxA13FqWiuYqIJojvjI5NA=) 2: wtKFjn0luOKNhpCBH0YWKLpKHKU.roa (hash: Z6YfBfkr08FSM8yJ/BnA5aNSDpKZqhovD8OdV3xTXpI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:ca:7e:81:35:83:cc:d9:72:08:b4:7d:4e:e8:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d43340fad246465de8e614d039563a699657d8d Validity Not Before: Dec 21 10:00:50 2025 GMT Not After : Dec 22 10:00:50 2025 GMT Subject: CN=d2ee818bbf963b945284e18d957445bb346b688f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:54:87:58:5f:b6:e3:f6:4a:a0:3b:83:a5:88: 3d:00:fc:9c:50:c9:23:3d:cc:6d:71:87:81:dc:2c: 61:8c:ce:0c:21:cc:32:78:fc:1c:a0:3d:9e:89:c9: f1:a7:fa:15:1d:4f:d2:fc:1f:f9:6e:df:82:46:71: 51:d9:c9:83:34:56:43:05:8f:4a:ee:db:7e:a7:19: fa:38:60:9a:67:74:24:69:0c:b5:2c:17:44:15:f0: 94:d5:63:c2:06:42:e8:c4:5a:de:ed:b3:81:2c:58: 19:ab:6f:6d:0d:d9:21:9b:97:87:e7:a0:25:b1:de: e1:2d:13:34:99:4e:55:ab:fb:ec:98:45:cf:03:04: c6:23:ab:00:38:6e:bd:ba:a9:7a:56:28:40:6a:b4: 0e:66:89:01:a6:b2:81:d9:5f:fa:f9:3d:f8:b3:f8: ba:b8:80:a5:7d:13:e8:19:14:15:a9:c5:33:0e:55: fb:fb:9d:b3:54:c0:44:8d:19:d2:18:6f:48:71:87: 84:37:41:03:39:2d:18:2f:ba:d9:bc:fa:ba:53:1e: b7:53:0a:62:c9:2e:59:93:1b:89:3d:34:65:d1:74: 37:92:f6:41:4e:96:cd:ee:d5:63:ec:06:42:c2:e0: b1:58:11:6d:8a:d2:f3:e6:db:a5:58:d8:00:ca:fb: 59:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:EE:81:8B:BF:96:3B:94:52:84:E1:8D:95:74:45:BB:34:6B:68:8F X509v3 Authority Key Identifier: keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:87:73:18:21:02:9b:7a:aa:9c:01:c4:6d:62:a6:7d:82:02: 41:6e:df:93:8a:8d:95:a4:c9:e5:22:9d:5c:7d:76:9c:e8:b6: 11:f4:99:19:a5:ca:df:82:f0:c1:16:8b:5d:98:e0:54:83:91: d3:38:31:df:aa:47:6a:c0:54:c7:13:f8:11:b9:86:f1:b7:3a: 57:c4:40:da:bc:8e:d5:ee:db:71:73:31:54:b7:1b:5a:64:46: c4:96:32:35:47:27:cb:ed:27:c3:3c:ff:32:49:96:7e:4a:d7: 91:c5:8d:fb:cf:ff:e2:85:ae:ac:8a:57:45:b0:c1:66:3c:0c: 43:6f:c2:76:d2:04:c4:08:8e:e5:74:7e:64:e6:45:fe:bb:22: 1e:20:8c:f6:20:bb:f4:50:ff:17:e1:2a:6e:e0:ef:02:0c:6d: 4c:09:28:d0:8c:8a:99:9a:c1:d6:38:cf:80:a8:be:1a:32:f8: 7c:1d:b8:82:5c:57:0e:2d:76:59:ae:a0:dc:cc:bd:f6:58:15: 0b:0a:ba:ed:cc:aa:eb:57:5d:5c:37:51:67:26:d5:7a:0e:1a: 3a:cb:6d:c1:10:80:47:a7:a4:87:85:35:2b:2f:c1:4d:c0:0a: 1a:bf:1b:15:51:b6:cf:9b:b0:38:4c:69:fb:8c:77:eb:ae:51: d5:c1:6d:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWsp+gTWDzNlyCLR9TugKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2 NTdkOGQwHhcNMjUxMjIxMTAwMDUwWhcNMjUxMjIyMTAwMDUwWjAzMTEwLwYDVQQD EyhkMmVlODE4YmJmOTYzYjk0NTI4NGUxOGQ5NTc0NDViYjM0NmI2ODhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFSHWF+24/ZKoDuDpYg9APycUMkj PcxtcYeB3CxhjM4MIcwyePwcoD2eicnxp/oVHU/S/B/5bt+CRnFR2cmDNFZDBY9K 7tt+pxn6OGCaZ3QkaQy1LBdEFfCU1WPCBkLoxFre7bOBLFgZq29tDdkhm5eH56Al sd7hLRM0mU5Vq/vsmEXPAwTGI6sAOG69uql6VihAarQOZokBprKB2V/6+T34s/i6 uIClfRPoGRQVqcUzDlX7+52zVMBEjRnSGG9IcYeEN0EDOS0YL7rZvPq6Ux63Uwpi yS5ZkxuJPTRl0XQ3kvZBTpbN7tVj7AZCwuCxWBFtitLz5tulWNgAyvtZZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNLugYu/ljuUUoThjZV0Rbs0a2iPMB8GA1UdIwQY MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIdzGCEC m3qqnAHEbWKmfYICQW7fk4qNlaTJ5SKdXH12nOi2EfSZGaXK34LwwRaLXZjgVIOR 0zgx36pHasBUxxP4EbmG8bc6V8RA2ryO1e7bcXMxVLcbWmRGxJYyNUcny+0nwzz/ MkmWfkrXkcWN+8//4oWurIpXRbDBZjwMQ2/CdtIExAiO5XR+ZOZF/rsiHiCM9iC7 9FD/F+EqbuDvAgxtTAko0IyKmZrB1jjPgKi+GjL4fB24glxXDi12Wa6g3My99lgV Cwq67cyq61ddXDdRZybVeg4aOsttwRCAR6ekh4U1Ky/BTcAKGr8bFVG2z5uwOExp +4x3665R1cFtPQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:20:03 2025 by rpki-client