This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft File: pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json) Hash identifier: 17UIAcUDkXCRFDpuMbCi1UY1haLCvpHP9g2Q4/PJ1Qc= Subject key identifier: 6C:A3:65:E9:1C:EE:F1:99:98:85:14:22:F1:31:42:36:4A:08:7B:6F Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 Certificate issuer: /CN=a6e91a9d7caef4818674c5d6262813615c89de56 Certificate serial: 019B217573366F0D5B2E12384C3917D8B6FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft Manifest number: 10ED Signing time: Mon 15 Dec 2025 10:01:43 +0000 Manifest this update: Mon 15 Dec 2025 10:01:43 +0000 Manifest next update: Tue 16 Dec 2025 10:01:43 +0000 Files and hashes: 1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: Mnbv8qXapjE+q0kFXtc+D9dN1HaA23SnFZnxqXopimI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:73:36:6f:0d:5b:2e:12:38:4c:39:17:d8:b6:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56 Validity Not Before: Dec 15 10:01:43 2025 GMT Not After : Dec 16 10:01:43 2025 GMT Subject: CN=6ca365e91ceef19998851422f13142364a087b6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:1c:16:03:7f:c7:56:d4:d5:17:2b:f0:02:f4: 91:e1:8b:2a:0b:7e:b6:93:8f:17:1b:0c:7a:dc:cc: 85:69:64:a6:72:d0:10:8d:ea:26:6e:c3:be:2e:78: c0:cd:6b:82:84:ca:a2:f9:fd:62:b9:6e:2c:9b:9b: 14:5d:69:d5:2f:5b:4b:2b:cf:9e:71:f6:08:ee:39: 44:09:b8:ff:4b:ce:aa:9a:61:a5:37:eb:85:67:21: b5:6d:ab:f2:d8:49:c4:07:cc:7b:ff:3e:a4:5e:59: bf:fb:77:45:a6:d8:49:21:08:bc:3f:49:c6:76:5f: ed:23:af:64:93:d7:5a:3a:e0:41:a5:03:99:3d:09: f7:e4:07:cc:cb:4a:0d:b2:c5:59:b8:11:2f:0a:0a: 3c:75:56:0a:9a:31:26:ad:74:94:3b:b6:40:92:bf: df:44:61:ce:1a:ce:6a:b4:b7:b5:95:c8:e0:fb:d3: 62:b7:7b:0f:b2:0c:33:6b:0d:b0:85:d5:67:14:d1: ee:27:e1:63:53:4e:50:35:ff:01:70:6c:14:e6:3c: 16:4b:a4:ad:f0:d9:77:45:53:fb:85:86:43:22:cc: 81:fe:aa:f2:52:53:ce:18:3f:8a:45:58:d5:76:38: ca:2d:da:67:56:57:d6:08:bf:4a:c4:2f:d3:6b:76: cf:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A3:65:E9:1C:EE:F1:99:98:85:14:22:F1:31:42:36:4A:08:7B:6F X509v3 Authority Key Identifier: keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:7f:70:9e:aa:57:19:c5:c1:51:39:97:d6:0e:82:cd:c8:5e: d1:52:40:c4:f8:9b:7c:51:31:33:9e:bf:ff:da:1e:0b:f2:7b: be:8d:a1:5d:4f:e2:72:1e:1c:d2:5e:57:ce:38:95:d8:76:dd: e3:64:9a:18:10:ae:7d:4e:57:cc:f8:10:cd:ed:47:d6:f6:ea: b7:a5:7b:14:57:9e:a3:7a:1b:dc:0c:e0:38:51:14:5e:cf:65: 78:2b:4c:1d:d8:cc:56:c3:f0:4d:b9:6a:57:62:35:31:3b:ab: 81:44:d9:34:35:2a:0d:35:65:ce:90:06:36:f2:bf:c8:d3:44: 28:8b:97:d8:3c:c7:8c:ba:ec:36:fb:53:4d:1c:1a:0a:d6:a1: 1a:bf:9a:0d:ef:69:ea:e6:c0:92:3a:ef:2a:33:ed:75:35:9d: b0:43:7d:f4:7f:a7:07:b7:b3:03:bc:a1:5b:3d:e1:07:78:ed: ad:ae:a4:19:01:40:30:e0:01:7c:83:2c:74:63:f4:50:31:d3: a3:10:b4:54:be:3d:4f:02:b3:05:d3:81:cb:f2:cd:c2:d3:95: 99:11:4c:6a:74:eb:02:64:9e:52:e2:48:03:df:ef:d4:18:2b: 90:ab:28:d1:b7:85:16:30:40:ec:85:ce:93:0e:c1:75:87:ff: ee:1c:d5:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdXM2bw1bLhI4TDkX2Lb8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4 OWRlNTYwHhcNMjUxMjE1MTAwMTQzWhcNMjUxMjE2MTAwMTQzWjAzMTEwLwYDVQQD Eyg2Y2EzNjVlOTFjZWVmMTk5OTg4NTE0MjJmMTMxNDIzNjRhMDg3YjZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xwWA3/HVtTVFyvwAvSR4YsqC362 k48XGwx63MyFaWSmctAQjeombsO+LnjAzWuChMqi+f1iuW4sm5sUXWnVL1tLK8+e cfYI7jlECbj/S86qmmGlN+uFZyG1bavy2EnEB8x7/z6kXlm/+3dFpthJIQi8P0nG dl/tI69kk9daOuBBpQOZPQn35AfMy0oNssVZuBEvCgo8dVYKmjEmrXSUO7ZAkr/f RGHOGs5qtLe1lcjg+9Nit3sPsgwzaw2whdVnFNHuJ+FjU05QNf8BcGwU5jwWS6St 8Nl3RVP7hYZDIsyB/qryUlPOGD+KRVjVdjjKLdpnVlfWCL9KxC/Ta3bPxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyjZekc7vGZmIUUIvExQjZKCHtvMB8GA1UdIwQY MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAn9wnqpX GcXBUTmX1g6Czche0VJAxPibfFExM56//9oeC/J7vo2hXU/ich4c0l5XzjiV2Hbd 42SaGBCufU5XzPgQze1H1vbqt6V7FFeeo3ob3AzgOFEUXs9leCtMHdjMVsPwTblq V2I1MTurgUTZNDUqDTVlzpAGNvK/yNNEKIuX2DzHjLrsNvtTTRwaCtahGr+aDe9p 6ubAkjrvKjPtdTWdsEN99H+nB7ezA7yhWz3hB3jtra6kGQFAMOABfIMsdGP0UDHT oxC0VL49TwKzBdOBy/LNwtOVmRFManTrAmSeUuJIA9/v1BgrkKso0beFFjBA7IXO kw7BdYf/7hzVjA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:21:58 2025 by rpki-client