This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json) Hash identifier: sWoyjsmMcaD2IAVygB0Q/oAorHyvUrQS+NHQ70D/Xa0= Subject key identifier: 53:DC:B7:DC:AD:37:A8:33:F8:AB:33:E6:2F:08:5F:17:55:07:83:C8 Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Certificate serial: 019B38D864DB2F1B5A687AFFE64C4A9B023F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft Manifest number: 116E Signing time: Fri 19 Dec 2025 23:01:04 +0000 Manifest this update: Fri 19 Dec 2025 23:01:04 +0000 Manifest next update: Sat 20 Dec 2025 23:01:04 +0000 Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: GmzvA+t21uYfu0QP28Y13NtF8lvzgKzqkAv/NPcmgcY=) 2: gJwxB4WXRmy_Jjbo7KF4Rc3EO64.roa (hash: F0OcSRxgLQl48M74vjHq3+xTxBNsO5EKT9Des3ruvj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 23:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:d8:64:db:2f:1b:5a:68:7a:ff:e6:4c:4a:9b:02:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Validity Not Before: Dec 19 23:01:04 2025 GMT Not After : Dec 20 23:01:04 2025 GMT Subject: CN=53dcb7dcad37a833f8ab33e62f085f17550783c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:85:3e:f2:64:28:4f:ea:a7:92:44:75:6f:3d: f6:e2:d6:c2:d8:ac:df:2e:f5:7b:b3:e0:a3:6f:f4: db:e7:eb:e7:f0:86:0d:af:a6:fb:73:15:94:bd:c3: a6:d6:11:5f:95:bf:1f:8a:e1:c1:75:6a:33:fd:1c: 62:b4:7e:2c:63:ad:b9:ad:6b:bd:d5:6b:d1:bb:ab: 0c:e8:7f:86:c9:97:9a:7e:f0:d3:91:4c:d9:3d:28: 84:5e:5d:95:7b:f9:ea:47:ee:35:49:0d:dc:cb:e8: e3:e4:94:91:e5:32:21:7f:29:f3:20:8e:d6:ea:1b: 2a:ae:5a:f3:85:46:1f:b1:4e:03:d7:2a:fa:e2:71: 57:87:15:7e:11:ed:c2:4c:34:78:9c:e8:08:a4:45: e2:52:c9:4d:19:47:8f:02:74:ae:9e:ea:3c:70:1f: c2:25:05:2c:de:36:35:82:eb:35:28:67:0b:61:e0: 3b:42:7f:b9:d7:1d:bb:03:ef:99:88:15:7f:27:c6: 96:70:60:4c:21:f6:e4:a5:90:d8:89:c0:4b:2d:3b: e1:27:d2:13:7e:cc:16:86:14:66:cd:60:cf:f6:48: d8:be:9c:13:8d:9e:77:91:3b:ad:40:9f:9a:4c:e7: a8:59:f2:14:6e:d3:be:27:5c:34:61:0a:54:c1:29: 8e:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:DC:B7:DC:AD:37:A8:33:F8:AB:33:E6:2F:08:5F:17:55:07:83:C8 X509v3 Authority Key Identifier: keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:49:56:06:89:7b:67:ad:02:21:85:d9:dc:96:61:60:f3:bf: bc:25:cb:a6:2c:6c:34:e0:9c:b8:09:ef:c8:c9:96:31:87:dd: 56:30:64:bb:fd:29:6f:1e:e6:bd:24:53:ec:fc:6d:9f:13:45: 82:56:be:df:39:11:7f:ef:84:4e:61:32:be:07:62:6d:62:58: b3:45:47:5f:90:7a:82:78:e0:ae:8e:1d:8b:87:cf:af:51:05: 5e:b6:98:fd:89:99:f4:7f:43:1d:c9:83:ab:45:e3:24:2e:1c: 11:64:9a:a7:5f:b1:12:9c:d7:2b:88:ba:39:fd:da:b4:fb:62: e2:54:4a:35:1f:c4:c5:ee:06:8e:78:20:5e:8a:8a:03:97:09: 0e:9a:88:cd:40:1e:7f:55:c2:38:e9:34:28:5f:41:14:94:3f: ab:bd:59:bb:ca:ed:51:f5:d7:14:2e:ff:29:48:73:86:5d:da: e2:03:f7:11:5d:cc:fb:6f:af:02:3c:f8:2f:c6:92:b1:9d:68: 2e:40:74:1f:7a:b4:74:bd:66:63:c7:7a:2b:8b:5a:a1:26:6d: 02:bf:00:35:11:9a:20:c1:f4:6d:c9:70:19:e5:32:0b:0a:27: cc:4a:9c:ab:ab:d2:60:12:e0:d9:b2:d6:93:91:68:ff:00:0d: de:25:4d:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs42GTbLxtaaHr/5kxKmwI/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy ZDMyYjYwHhcNMjUxMjE5MjMwMTA0WhcNMjUxMjIwMjMwMTA0WjAzMTEwLwYDVQQD Eyg1M2RjYjdkY2FkMzdhODMzZjhhYjMzZTYyZjA4NWYxNzU1MDc4M2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YU+8mQoT+qnkkR1bz324tbC2Kzf LvV7s+Cjb/Tb5+vn8IYNr6b7cxWUvcOm1hFflb8fiuHBdWoz/RxitH4sY625rWu9 1WvRu6sM6H+GyZeafvDTkUzZPSiEXl2Ve/nqR+41SQ3cy+jj5JSR5TIhfynzII7W 6hsqrlrzhUYfsU4D1yr64nFXhxV+Ee3CTDR4nOgIpEXiUslNGUePAnSunuo8cB/C JQUs3jY1gus1KGcLYeA7Qn+51x27A++ZiBV/J8aWcGBMIfbkpZDYicBLLTvhJ9IT fswWhhRmzWDP9kjYvpwTjZ53kTutQJ+aTOeoWfIUbtO+J1w0YQpUwSmOWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFPct9ytN6gz+Ksz5i8IXxdVB4PIMB8GA1UdIwQY MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUlWBol7 Z60CIYXZ3JZhYPO/vCXLpixsNOCcuAnvyMmWMYfdVjBku/0pbx7mvSRT7PxtnxNF gla+3zkRf++ETmEyvgdibWJYs0VHX5B6gnjgro4di4fPr1EFXraY/YmZ9H9DHcmD q0XjJC4cEWSap1+xEpzXK4i6Of3atPti4lRKNR/Exe4GjnggXoqKA5cJDpqIzUAe f1XCOOk0KF9BFJQ/q71Zu8rtUfXXFC7/KUhzhl3a4gP3EV3M+2+vAjz4L8aSsZ1o LkB0H3q0dL1mY8d6K4taoSZtAr8ANRGaIMH0bclwGeUyCwonzEqcq6vSYBLg2bLW k5Fo/wAN3iVNQQ== -----END CERTIFICATE-----Generated at Sat Dec 20 09:10:26 2025 by rpki-client