This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft File: pal1I5_dRDt9PYLjkqnkrjkhjvY.mft (raw, json) Hash identifier: iBKpINKfM0GvqGSmS630/rStD60TuROOUM7Sg1tPAAA= Subject key identifier: 11:D2:1D:78:15:95:B5:BA:A3:27:63:03:93:81:4D:68:4C:70:7E:EE Authority key identifier: A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 Certificate issuer: /CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Certificate serial: 019B3833B3908650E36B138B03B3043DB02F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft Manifest number: 0AE3 Signing time: Fri 19 Dec 2025 20:01:10 +0000 Manifest this update: Fri 19 Dec 2025 20:01:10 +0000 Manifest next update: Sat 20 Dec 2025 20:01:10 +0000 Files and hashes: 1: D5eci654E86WgV4QeWe0mVBSIQA.roa (hash: 9EDx7nuNfSAVu4VJ7kFsnukQOFsHdN+PaVjNZkLYUS0=) 2: pal1I5_dRDt9PYLjkqnkrjkhjvY.crl (hash: CIvR+2KEKKwg0lAKCH7aLseuArMZxnhUFn8h0toOIow=) 3: yvO64MJqKXwU9zQx1VNZmF0vwiQ.roa (hash: suqTW5OcdpqYPj7vinRk1PIGqjKi/55px0F96ecmjEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 20:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:33:b3:90:86:50:e3:6b:13:8b:03:b3:04:3d:b0:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5a975239fdd443b7d3d82e392a9e4ae39218ef6 Validity Not Before: Dec 19 20:01:10 2025 GMT Not After : Dec 20 20:01:10 2025 GMT Subject: CN=11d21d781595b5baa327630393814d684c707eee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:33:77:e7:a8:44:ba:a3:9b:13:74:dd:a3:a1: c1:27:ce:b5:fc:fe:77:9a:71:73:61:31:43:5f:dc: f7:ef:eb:46:22:ce:ea:0d:bb:21:36:5a:16:d9:50: f4:06:1b:75:b8:14:88:7f:fd:e6:b1:9a:d8:2c:51: 38:3d:01:09:be:02:05:7a:63:2b:91:bf:0e:bf:72: 8a:98:93:14:5f:4e:df:7a:c5:84:4e:51:e0:fd:f4: f0:4c:00:2e:9d:c1:a3:ca:67:4a:20:52:d6:5d:e6: db:69:b6:ae:67:60:5e:5e:f0:47:cc:da:05:a7:8d: db:84:17:a0:72:d0:62:a0:9b:61:73:9a:26:82:5a: 54:dc:2f:d7:4e:cb:62:46:bf:7c:db:d6:aa:ec:6b: 42:15:e3:31:66:1a:50:32:6d:21:35:66:fc:c1:6c: 6f:13:ae:a6:b2:e7:c2:7b:d0:d0:88:d6:74:d6:55: e3:cb:7b:15:51:cb:3b:fe:f7:44:ad:cb:46:5f:17: 5b:05:a5:0b:1d:6b:ed:31:35:04:65:8c:7c:44:21: 44:7f:60:6f:40:96:2c:87:83:60:83:18:c9:db:d1: f0:e2:a9:61:6f:b3:fc:f9:4d:67:0b:61:ef:a2:a0: 73:20:c2:9b:b3:fa:c0:97:04:23:57:29:d1:36:1f: 07:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:D2:1D:78:15:95:B5:BA:A3:27:63:03:93:81:4D:68:4C:70:7E:EE X509v3 Authority Key Identifier: keyid:A5:A9:75:23:9F:DD:44:3B:7D:3D:82:E3:92:A9:E4:AE:39:21:8E:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pal1I5_dRDt9PYLjkqnkrjkhjvY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f2700b-9853-4172-9a61-a691448b2ec4/1/pal1I5_dRDt9PYLjkqnkrjkhjvY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:e1:ff:56:57:a4:9d:da:8b:70:96:29:96:e0:a7:bd:b7:79: b2:2d:07:e0:04:d4:06:4e:cc:c5:5a:bb:fd:af:00:29:08:a6: 7b:89:fc:f5:8f:f7:c7:48:b7:9a:41:d4:9e:b0:26:fa:ac:fc: a6:4c:45:15:66:d0:06:89:3f:10:f2:86:84:aa:b3:9a:8c:e5: dd:56:9d:56:48:8b:93:b7:0e:42:05:cf:ca:49:1b:32:25:0a: 30:73:01:3e:57:f2:66:49:47:7d:32:88:57:b7:5d:1a:69:cf: c4:10:8e:3b:ab:e1:32:22:29:36:d6:6d:73:be:78:5e:5a:cc: c7:5a:dc:ed:d8:1c:47:6a:6f:56:60:d8:06:6a:b3:f7:ce:82: 28:8d:ce:f4:60:a8:17:70:d7:33:69:f2:f8:ad:df:d6:7b:3b: f7:f0:83:9f:8b:10:3b:e5:d9:a6:9b:a1:22:39:30:d3:56:d3: 1c:f2:30:45:f1:1a:4e:12:2b:7b:9e:e9:e7:b2:c3:76:ab:ec: f5:38:c9:87:3f:72:50:82:32:26:de:50:61:29:04:d2:cb:46: d4:02:c0:38:75:0d:da:0c:2e:74:05:54:ea:93:24:d9:18:3e: 85:a9:06:35:00:b7:9d:64:c5:04:c8:b5:5f:d3:6c:de:f7:5a: 6b:86:5a:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4M7OQhlDjaxOLA7MEPbAvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YTk3NTIzOWZkZDQ0M2I3ZDNkODJlMzkyYTllNGFlMzky MThlZjYwHhcNMjUxMjE5MjAwMTEwWhcNMjUxMjIwMjAwMTEwWjAzMTEwLwYDVQQD EygxMWQyMWQ3ODE1OTViNWJhYTMyNzYzMDM5MzgxNGQ2ODRjNzA3ZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDN356hEuqObE3Tdo6HBJ861/P53 mnFzYTFDX9z37+tGIs7qDbshNloW2VD0Bht1uBSIf/3msZrYLFE4PQEJvgIFemMr kb8Ov3KKmJMUX07fesWETlHg/fTwTAAuncGjymdKIFLWXebbabauZ2BeXvBHzNoF p43bhBegctBioJthc5omglpU3C/XTstiRr9829aq7GtCFeMxZhpQMm0hNWb8wWxv E66msufCe9DQiNZ01lXjy3sVUcs7/vdErctGXxdbBaULHWvtMTUEZYx8RCFEf2Bv QJYsh4NggxjJ29Hw4qlhb7P8+U1nC2HvoqBzIMKbs/rAlwQjVynRNh8HhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBHSHXgVlbW6oydjA5OBTWhMcH7uMB8GA1UdIwQY MBaAFKWpdSOf3UQ7fT2C45Kp5K45IY72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEt YTY5MTQ0OGIyZWM0LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mMjcwMGItOTg1My00MTcyLTlhNjEtYTY5MTQ0OGIyZWM0 LzEvcGFsMUk1X2RSRHQ5UFlMamtxbmtyamtoanZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoeH/Vlek ndqLcJYpluCnvbd5si0H4ATUBk7MxVq7/a8AKQime4n89Y/3x0i3mkHUnrAm+qz8 pkxFFWbQBok/EPKGhKqzmozl3VadVkiLk7cOQgXPykkbMiUKMHMBPlfyZklHfTKI V7ddGmnPxBCOO6vhMiIpNtZtc754XlrMx1rc7dgcR2pvVmDYBmqz986CKI3O9GCo F3DXM2ny+K3f1ns79/CDn4sQO+XZppuhIjkw01bTHPIwRfEaThIre57p57LDdqvs 9TjJhz9yUIIyJt5QYSkE0stG1ALAOHUN2gwudAVU6pMk2Rg+hakGNQC3nWTFBMi1 X9Ns3vdaa4ZaOw== -----END CERTIFICATE-----Generated at Sat Dec 20 04:54:25 2025 by rpki-client