This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json) Hash identifier: ya2NwgEx4/x8dLlnU0yn/Ij850mxsJBeEY/4NnfuKfU= Subject key identifier: BA:23:F0:2F:4A:77:AC:C0:3C:BD:90:FE:49:50:99:AC:A5:99:1D:ED Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Certificate serial: 019B34FBA0CD7E86F3030DE759C7BAFA3F0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft Manifest number: 116C Signing time: Fri 19 Dec 2025 05:01:04 +0000 Manifest this update: Fri 19 Dec 2025 05:01:04 +0000 Manifest next update: Sat 20 Dec 2025 05:01:04 +0000 Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: qW/lfsRCwmeldM+JlTx+crU6ON30jTmREYR+lwSDZq0=) 2: gJwxB4WXRmy_Jjbo7KF4Rc3EO64.roa (hash: F0OcSRxgLQl48M74vjHq3+xTxBNsO5EKT9Des3ruvj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:a0:cd:7e:86:f3:03:0d:e7:59:c7:ba:fa:3f:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Validity Not Before: Dec 19 05:01:04 2025 GMT Not After : Dec 20 05:01:04 2025 GMT Subject: CN=ba23f02f4a77acc03cbd90fe495099aca5991ded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:b6:d7:d5:5a:03:03:43:d7:71:80:45:d0:a8: 08:a1:91:e3:b5:b4:6a:41:26:a4:23:df:db:49:1f: de:48:42:5f:b2:af:04:cd:23:3e:d6:77:9a:82:01: 4a:3e:87:62:e6:15:33:5f:fc:cc:86:71:79:b7:8a: fa:b3:67:93:30:6c:d4:2b:56:3d:15:1b:fa:c9:4b: 6a:e5:7d:6b:5a:82:fc:80:c9:df:61:11:78:84:7f: cb:93:e2:f1:0b:6c:dd:e0:f9:09:14:a9:7d:6e:e1: b6:aa:99:39:4a:46:4e:6e:9b:b9:5e:61:4e:f1:94: c5:5f:9a:54:d9:22:64:89:d0:e2:d6:58:6b:bc:26: ae:21:14:ab:78:63:29:f5:fe:46:b7:7a:89:17:76: df:f4:21:63:6f:9d:4c:aa:9f:01:51:e0:72:1f:2b: e8:46:63:ce:b5:9e:46:ad:bf:15:02:9d:1e:94:28: b9:1b:6a:41:80:27:d4:ff:7a:d7:8c:76:6e:73:2f: 76:60:55:5c:e9:7d:52:77:b8:0f:4b:7f:f6:56:06: 45:27:5f:cb:6d:63:cc:d6:cc:c0:89:12:63:c7:cc: a8:2e:74:a8:cb:da:eb:c5:a5:67:b6:8d:a4:7d:52: 8a:cd:fd:2b:3a:8c:c9:dc:2c:3c:67:b0:af:81:c6: cd:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:23:F0:2F:4A:77:AC:C0:3C:BD:90:FE:49:50:99:AC:A5:99:1D:ED X509v3 Authority Key Identifier: keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:00:bd:88:63:bf:50:4b:54:bd:29:4b:a1:63:57:9a:a6:da: d4:af:47:51:36:e3:6a:da:48:d1:cb:e1:7d:e5:2f:36:10:45: ff:7d:2e:54:06:b6:ae:d2:86:f6:f1:5d:c1:b1:4b:37:a1:7a: a7:0d:c3:b9:1f:df:11:7b:0d:ac:e4:ae:f9:ab:bc:1c:39:ae: 6a:0f:96:92:ed:f4:29:64:d9:f1:0a:b2:8d:7a:5b:c1:9d:25: 01:e1:ea:93:39:d1:c0:bc:0d:f2:b2:0f:0d:c0:de:ff:bf:15: 32:42:d6:73:ef:9a:72:17:d6:4e:1d:78:51:18:d6:03:f5:45: 2c:ee:ef:c2:f0:8c:00:0b:6c:c9:5e:9f:9f:68:e6:30:c7:3e: 5c:c4:cd:26:99:c0:8f:de:d2:50:da:af:81:9f:eb:78:34:3c: 59:18:34:c3:f0:d5:42:51:c9:1a:74:12:f0:2a:4e:db:da:f0: be:0f:5a:ed:fe:95:24:95:18:32:e9:5b:ea:e9:f9:65:9e:50: d1:13:14:30:ba:0e:50:2f:02:f8:29:45:94:4d:e0:aa:d6:49: be:10:a0:1e:50:01:98:31:8b:08:17:91:12:d9:1f:81:a1:5c: d6:5c:e0:ed:41:c2:e6:a2:db:c8:c4:27:c8:77:79:6b:f1:35: 3b:e5:29:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+6DNfobzAw3nWce6+j8OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy ZDMyYjYwHhcNMjUxMjE5MDUwMTA0WhcNMjUxMjIwMDUwMTA0WjAzMTEwLwYDVQQD EyhiYTIzZjAyZjRhNzdhY2MwM2NiZDkwZmU0OTUwOTlhY2E1OTkxZGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLbX1VoDA0PXcYBF0KgIoZHjtbRq QSakI9/bSR/eSEJfsq8EzSM+1neaggFKPodi5hUzX/zMhnF5t4r6s2eTMGzUK1Y9 FRv6yUtq5X1rWoL8gMnfYRF4hH/Lk+LxC2zd4PkJFKl9buG2qpk5SkZObpu5XmFO 8ZTFX5pU2SJkidDi1lhrvCauIRSreGMp9f5Gt3qJF3bf9CFjb51Mqp8BUeByHyvo RmPOtZ5Grb8VAp0elCi5G2pBgCfU/3rXjHZucy92YFVc6X1Sd7gPS3/2VgZFJ1/L bWPM1szAiRJjx8yoLnSoy9rrxaVnto2kfVKKzf0rOozJ3Cw8Z7CvgcbNDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLoj8C9Kd6zAPL2Q/klQmaylmR3tMB8GA1UdIwQY MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwC9iGO/ UEtUvSlLoWNXmqba1K9HUTbjatpI0cvhfeUvNhBF/30uVAa2rtKG9vFdwbFLN6F6 pw3DuR/fEXsNrOSu+au8HDmuag+Wku30KWTZ8QqyjXpbwZ0lAeHqkznRwLwN8rIP DcDe/78VMkLWc++achfWTh14URjWA/VFLO7vwvCMAAtsyV6fn2jmMMc+XMTNJpnA j97SUNqvgZ/reDQ8WRg0w/DVQlHJGnQS8CpO29rwvg9a7f6VJJUYMulb6un5ZZ5Q 0RMUMLoOUC8C+ClFlE3gqtZJvhCgHlABmDGLCBeREtkfgaFc1lzg7UHC5qLbyMQn yHd5a/E1O+UpWw== -----END CERTIFICATE-----Generated at Fri Dec 19 10:39:45 2025 by rpki-client