This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft File: PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json) Hash identifier: dXo6O7VtjIsBibmcA2y9E/bmExXK9yKWJGoabBBpKLc= Subject key identifier: A3:D7:69:93:E9:B0:6E:37:CC:1E:30:9B:A7:3D:0B:36:5E:71:35:E5 Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 Certificate issuer: /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Certificate serial: 019B21AB9087B681DDC0E4FD45BC88F315B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft Manifest number: 1162 Signing time: Mon 15 Dec 2025 11:00:50 +0000 Manifest this update: Mon 15 Dec 2025 11:00:50 +0000 Manifest next update: Tue 16 Dec 2025 11:00:50 +0000 Files and hashes: 1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: sUdX1bd5Q4I1c2Tg8RGWaokijyUgE3Q6a7fOraJF7Os=) 2: gJwxB4WXRmy_Jjbo7KF4Rc3EO64.roa (hash: F0OcSRxgLQl48M74vjHq3+xTxBNsO5EKT9Des3ruvj8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:ab:90:87:b6:81:dd:c0:e4:fd:45:bc:88:f3:15:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6 Validity Not Before: Dec 15 11:00:50 2025 GMT Not After : Dec 16 11:00:50 2025 GMT Subject: CN=a3d76993e9b06e37cc1e309ba73d0b365e7135e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ef:3c:16:74:e4:16:39:85:1e:0e:4f:ee:2b: 01:d8:fd:18:b7:bd:c9:14:2b:d4:ee:36:5c:ed:8b: 5a:98:2b:e0:d5:a7:1c:8a:0d:a5:50:62:f6:cc:a5: 19:d8:c9:cd:3d:ec:0b:cc:1d:da:b9:3f:50:9b:1b: 0c:8b:21:9f:20:83:31:a9:b9:72:5d:27:25:04:ca: 8a:d1:b9:af:43:83:18:0a:38:14:af:1c:6f:9c:6d: 2f:ff:21:36:29:88:54:53:89:bf:ae:5c:dc:a0:e1: 84:bc:3c:ce:50:e7:cb:a8:48:6f:f7:32:a0:9d:24: 55:d1:ee:da:83:e2:94:ef:42:97:77:20:dd:45:e0: 16:4e:d1:e2:2e:7d:c7:0e:ed:5d:2c:be:fc:b8:fd: bf:1f:77:76:93:16:a2:fa:93:0a:3f:5f:74:a7:dd: 8a:5d:3f:a4:96:df:3b:be:01:ce:2c:ea:83:ef:a0: 2d:4d:d1:bf:5b:8a:09:3e:5c:1e:a0:31:9b:67:cd: 4a:07:df:e9:00:ea:3f:38:0b:19:03:a4:45:d2:db: 05:53:2b:60:40:fb:52:f9:78:23:78:d3:67:7e:c9: fb:0c:c7:8f:7a:ab:d3:e7:27:1b:18:3e:9d:7b:19: 97:73:2f:73:80:c3:68:de:fa:b5:63:e3:a9:24:4b: de:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:D7:69:93:E9:B0:6E:37:CC:1E:30:9B:A7:3D:0B:36:5E:71:35:E5 X509v3 Authority Key Identifier: keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:c5:21:d1:4e:c4:55:34:a7:ed:a0:93:b9:b4:97:ee:3f:42: a3:f3:d0:89:a3:0d:4e:8e:19:14:77:58:3f:c2:ce:30:ef:08: aa:35:13:25:12:bd:c2:f4:81:4c:32:ae:1f:f5:56:33:84:24: 04:67:b1:c8:7a:8b:85:32:81:f2:92:ad:9f:77:07:1f:2f:4b: b4:b0:2f:94:6a:ca:6e:df:88:eb:d8:4d:1d:7d:d8:28:1f:c5: 4c:6b:5a:f1:48:2e:68:8a:fc:4f:a0:67:42:d4:08:59:75:17: e1:48:37:8b:a3:9b:fa:77:70:db:44:e0:34:ff:58:c0:58:e9: c5:a5:51:a0:8e:e2:de:a7:76:96:47:90:9e:a9:7d:ee:ed:bc: 00:88:45:58:c1:8a:6c:a4:31:43:09:6f:a9:f5:18:5b:0b:27: df:35:79:70:e2:26:1b:eb:63:a7:13:ed:de:08:e5:55:73:40: 87:d7:87:7e:62:f9:8f:f5:f9:e7:e7:a5:da:38:b7:56:4d:86: 95:ce:11:87:5f:ee:0e:6a:60:07:0c:2d:c3:4d:b3:3b:7c:10: ee:64:df:0a:e2:d8:52:71:bc:32:49:ac:9c:59:ba:1d:9b:44: 0e:a7:e1:9d:03:3b:75:28:99:9a:0c:b9:5b:86:c3:92:16:fa: e0:58:85:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshq5CHtoHdwOT9RbyI8xWxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy ZDMyYjYwHhcNMjUxMjE1MTEwMDUwWhcNMjUxMjE2MTEwMDUwWjAzMTEwLwYDVQQD EyhhM2Q3Njk5M2U5YjA2ZTM3Y2MxZTMwOWJhNzNkMGIzNjVlNzEzNWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO88FnTkFjmFHg5P7isB2P0Yt73J FCvU7jZc7YtamCvg1accig2lUGL2zKUZ2MnNPewLzB3auT9QmxsMiyGfIIMxqbly XSclBMqK0bmvQ4MYCjgUrxxvnG0v/yE2KYhUU4m/rlzcoOGEvDzOUOfLqEhv9zKg nSRV0e7ag+KU70KXdyDdReAWTtHiLn3HDu1dLL78uP2/H3d2kxai+pMKP190p92K XT+klt87vgHOLOqD76AtTdG/W4oJPlweoDGbZ81KB9/pAOo/OAsZA6RF0tsFUytg QPtS+XgjeNNnfsn7DMePeqvT5ycbGD6dexmXcy9zgMNo3vq1Y+OpJEvexQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKPXaZPpsG43zB4wm6c9CzZecTXlMB8GA1UdIwQY MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsUh0U7E VTSn7aCTubSX7j9Co/PQiaMNTo4ZFHdYP8LOMO8IqjUTJRK9wvSBTDKuH/VWM4Qk BGexyHqLhTKB8pKtn3cHHy9LtLAvlGrKbt+I69hNHX3YKB/FTGta8UguaIr8T6Bn QtQIWXUX4Ug3i6Ob+ndw20TgNP9YwFjpxaVRoI7i3qd2lkeQnql97u28AIhFWMGK bKQxQwlvqfUYWwsn3zV5cOImG+tjpxPt3gjlVXNAh9eHfmL5j/X55+el2ji3Vk2G lc4Rh1/uDmpgBwwtw02zO3wQ7mTfCuLYUnG8MkmsnFm6HZtEDqfhnQM7dSiZmgy5 W4bDkhb64FiFhQ== -----END CERTIFICATE-----Generated at Mon Dec 15 15:16:37 2025 by rpki-client