This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft File: PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json) Hash identifier: UTOfNrKSuuFh5IVD15H7GM9tD4gaUMjkRnxjKdWQcw4= Subject key identifier: 77:4B:9E:93:8D:7A:28:10:D4:5F:B8:92:84:0D:DF:C5:E0:70:A4:8C Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7 Certificate issuer: /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7 Certificate serial: 019B32D772F00CCD6807BB6E6DD639475522 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft Manifest number: 0C71 Signing time: Thu 18 Dec 2025 19:02:18 +0000 Manifest this update: Thu 18 Dec 2025 19:02:18 +0000 Manifest next update: Fri 19 Dec 2025 19:02:18 +0000 Files and hashes: 1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: BTciGlBljRERE4N+9qfwf/KfJHlPQ4hDwfMGLiVntOo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:72:f0:0c:cd:68:07:bb:6e:6d:d6:39:47:55:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7 Validity Not Before: Dec 18 19:02:18 2025 GMT Not After : Dec 19 19:02:18 2025 GMT Subject: CN=774b9e938d7a2810d45fb892840ddfc5e070a48c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:94:f9:52:0b:2a:2f:17:e4:07:56:3f:06:da: 56:98:ab:63:c7:19:54:0d:7f:31:26:fa:aa:b5:eb: 73:80:42:30:15:07:04:70:74:a2:ed:67:c6:30:5f: b8:b8:bb:97:09:0a:c0:12:15:af:de:e8:ce:a5:c4: 2a:86:06:62:7e:d6:57:31:e2:fb:66:cf:7b:d7:ab: 9e:5f:93:70:f8:da:5b:b0:84:d8:ce:38:f9:d9:2b: 88:58:16:45:7b:a3:e1:27:58:55:a9:08:a7:7a:2c: c0:dc:aa:80:3c:31:26:c7:de:a7:3a:0f:e0:01:b8: af:0f:04:25:24:ba:d7:e2:f8:46:3a:1e:aa:35:fe: f6:22:57:9b:dd:13:dd:7c:2a:9a:3d:3a:17:6d:af: d9:8e:33:7f:58:3a:39:ed:45:3d:b6:3c:24:17:6b: 25:c6:cf:a4:60:ab:70:69:bd:d5:43:2c:1c:19:17: 41:81:a2:4d:01:ea:32:dd:72:e2:4f:d3:41:2f:36: 39:0b:42:cb:11:5e:0a:da:2f:57:c7:bf:c5:4f:6c: 15:74:aa:45:62:ed:dd:eb:02:3e:54:ed:cd:8b:ef: 69:11:74:ee:5b:e5:a6:de:43:5e:68:45:56:82:12: 8d:be:79:c2:ff:7a:a0:e6:57:fa:63:e0:31:15:62: 73:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:4B:9E:93:8D:7A:28:10:D4:5F:B8:92:84:0D:DF:C5:E0:70:A4:8C X509v3 Authority Key Identifier: keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:6d:cb:2b:4e:e8:49:28:9e:a5:93:43:bd:a7:49:15:06:cb: a0:18:6e:97:25:c2:75:ae:c9:32:f9:0c:75:0e:ff:f7:5a:f6: 04:44:b7:7e:0e:5e:8e:92:45:41:19:87:7a:bf:63:96:99:70: db:74:f9:f6:38:67:75:0f:59:20:97:84:bd:08:5d:5c:9d:cc: f6:56:36:00:bc:d1:e8:2f:05:95:7e:4a:0d:7d:6b:05:f0:2a: 54:68:73:0c:91:73:42:f6:e6:a1:32:ca:d3:0a:3b:39:a9:5c: b5:89:71:2c:c6:d2:5b:56:aa:6c:06:d7:a4:39:dd:16:a7:1e: 44:1f:7d:76:8c:cf:61:28:71:ca:7d:f7:96:55:bd:ad:12:35: 6d:07:b6:20:87:a5:01:8a:5b:fe:bd:d2:4f:14:f3:a3:06:4c: ab:01:3b:a4:83:57:cf:69:c6:49:ad:39:f0:16:fb:8e:04:a9: c2:b1:36:b8:b2:67:3a:6d:8e:f4:fe:04:5d:65:52:26:1d:36: 56:b4:eb:1f:2e:4e:01:74:5f:1d:32:f5:4d:d0:1d:b4:3f:2b: 45:f2:3f:51:35:f0:69:94:56:df:51:e8:2d:c0:73:3f:11:9f: 01:76:a5:9a:d9:f8:26:eb:94:0b:50:8e:d2:e8:12:fe:bc:3d: 16:68:e1:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy13LwDM1oB7tubdY5R1UiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm NGE0ZDcwHhcNMjUxMjE4MTkwMjE4WhcNMjUxMjE5MTkwMjE4WjAzMTEwLwYDVQQD Eyg3NzRiOWU5MzhkN2EyODEwZDQ1ZmI4OTI4NDBkZGZjNWUwNzBhNDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpT5UgsqLxfkB1Y/BtpWmKtjxxlU DX8xJvqqtetzgEIwFQcEcHSi7WfGMF+4uLuXCQrAEhWv3ujOpcQqhgZiftZXMeL7 Zs9716ueX5Nw+NpbsITYzjj52SuIWBZFe6PhJ1hVqQineizA3KqAPDEmx96nOg/g AbivDwQlJLrX4vhGOh6qNf72Ileb3RPdfCqaPToXba/ZjjN/WDo57UU9tjwkF2sl xs+kYKtwab3VQywcGRdBgaJNAeoy3XLiT9NBLzY5C0LLEV4K2i9Xx7/FT2wVdKpF Yu3d6wI+VO3Ni+9pEXTuW+Wm3kNeaEVWghKNvnnC/3qg5lf6Y+AxFWJzUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHdLnpONeigQ1F+4koQN38XgcKSMMB8GA1UdIwQY MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANm3LK07o SSiepZNDvadJFQbLoBhulyXCda7JMvkMdQ7/91r2BES3fg5ejpJFQRmHer9jlplw 23T59jhndQ9ZIJeEvQhdXJ3M9lY2ALzR6C8FlX5KDX1rBfAqVGhzDJFzQvbmoTLK 0wo7OalctYlxLMbSW1aqbAbXpDndFqceRB99dozPYShxyn33llW9rRI1bQe2IIel AYpb/r3STxTzowZMqwE7pINXz2nGSa058Bb7jgSpwrE2uLJnOm2O9P4EXWVSJh02 VrTrHy5OAXRfHTL1TdAdtD8rRfI/UTXwaZRW31HoLcBzPxGfAXalmtn4JuuUC1CO 0ugS/rw9FmjhBg== -----END CERTIFICATE-----Generated at Fri Dec 19 02:24:29 2025 by rpki-client