This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft File: PUM0D60kZGXejmFNA5VjppllfY0.mft (raw, json) Hash identifier: 5XLV61/ExAKd1yDDb1vKaYaM4LF16+mjFKz3s+aC98o= Subject key identifier: 5C:E6:F2:00:C3:1F:54:44:AA:59:7B:C4:B0:5A:AE:F5:F1:42:B5:97 Authority key identifier: 3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D Certificate issuer: /CN=3d43340fad246465de8e614d039563a699657d8d Certificate serial: 019B1201BE55D61AAD0C5BB967FC3F8E29ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft Manifest number: 0202 Signing time: Fri 12 Dec 2025 10:01:02 +0000 Manifest this update: Fri 12 Dec 2025 10:01:02 +0000 Manifest next update: Sat 13 Dec 2025 10:01:02 +0000 Files and hashes: 1: PUM0D60kZGXejmFNA5VjppllfY0.crl (hash: z3GrcIikRJNwYECsPx/wPGaQ+r+LVpWxTrL+DfAWWVw=) 2: wtKFjn0luOKNhpCBH0YWKLpKHKU.roa (hash: Z6YfBfkr08FSM8yJ/BnA5aNSDpKZqhovD8OdV3xTXpI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:01:be:55:d6:1a:ad:0c:5b:b9:67:fc:3f:8e:29:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d43340fad246465de8e614d039563a699657d8d Validity Not Before: Dec 12 10:01:02 2025 GMT Not After : Dec 13 10:01:02 2025 GMT Subject: CN=5ce6f200c31f5444aa597bc4b05aaef5f142b597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:fc:84:45:18:2a:13:80:b6:2b:de:eb:5d:92: 55:94:c2:5c:af:1e:b5:7c:39:47:62:b5:33:01:fe: 11:1b:db:d4:ca:10:4a:af:e9:17:0a:59:29:6f:d8: ad:a3:af:7c:df:70:13:78:1e:62:e8:e6:77:e2:96: 45:97:fb:91:10:1e:62:d7:79:84:60:bb:a1:c8:68: 34:49:a9:9e:5a:21:29:6d:6b:f0:46:26:a3:24:a6: 94:94:50:05:27:69:79:6e:1f:95:21:23:30:f5:d0: 80:4b:50:83:87:d2:6e:7c:2e:b9:a0:4d:a0:62:9a: 59:ff:1d:fe:f5:35:5a:b9:37:fb:8c:7c:d5:39:46: 6b:37:38:8e:a3:10:33:70:d7:ed:63:5f:01:25:3f: 7e:f2:8c:e2:62:9f:98:f2:87:69:ea:20:e7:02:6e: 62:24:00:92:14:aa:04:14:6d:88:6e:fd:dd:34:36: 73:4f:e2:bb:74:2f:52:d6:5c:56:d1:71:bc:43:1f: a9:2a:4f:24:a2:88:15:10:8e:b3:df:04:32:7d:ab: 21:3d:9d:06:92:69:24:33:02:fb:b1:e6:c5:d1:a5: d3:46:c2:39:10:d9:8c:5d:ca:a6:8e:ab:43:f6:c6: aa:0f:27:68:c4:65:34:34:3b:f7:ef:d7:66:9d:91: fd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:E6:F2:00:C3:1F:54:44:AA:59:7B:C4:B0:5A:AE:F5:F1:42:B5:97 X509v3 Authority Key Identifier: keyid:3D:43:34:0F:AD:24:64:65:DE:8E:61:4D:03:95:63:A6:99:65:7D:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUM0D60kZGXejmFNA5VjppllfY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6ce922-cdce-4c7a-b346-a437ce892841/1/PUM0D60kZGXejmFNA5VjppllfY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:fb:0c:0c:f7:ab:a7:c8:cb:c0:1d:5e:e3:67:52:f0:f0:f1: 13:4d:15:3d:b2:ab:ae:aa:8c:89:20:99:1c:52:ac:04:04:d3: 39:3b:6a:61:83:e8:6b:32:04:5c:b7:76:e4:8c:6b:f1:95:5e: d2:a0:46:4d:79:03:00:0c:58:ba:d4:13:62:9a:f4:45:58:9b: b9:45:6d:75:66:2d:9d:b7:0b:32:5e:ba:03:df:41:f9:16:73: 2e:ac:75:5a:40:1e:15:1f:6c:66:3f:27:3a:21:68:a5:16:0b: 58:6d:de:61:9f:0a:c1:78:ea:c0:2b:6d:f1:1c:3e:cb:64:ac: 13:97:e8:11:a3:7b:3f:d5:a3:45:60:ab:fd:b0:ce:16:08:85: 5b:5d:8c:59:81:1e:40:e7:39:dc:83:b1:36:ef:96:8d:08:65: 97:09:3b:52:98:62:cf:6e:3b:f0:73:ad:93:73:4d:ee:ef:3e: de:d3:e5:86:7d:7d:38:40:2b:f6:46:86:4a:9d:3a:87:8c:e6: db:21:56:39:c5:94:08:8d:fd:0e:39:0d:2e:bf:27:a4:03:73: bb:36:67:a9:c7:ed:d4:c1:b1:35:06:a8:12:78:82:8d:6a:a1: 0b:75:4e:4a:70:60:99:9e:ae:de:c5:55:d4:e4:35:c6:e8:77: f5:3d:38:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsSAb5V1hqtDFu5Z/w/jintMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNDMzNDBmYWQyNDY0NjVkZThlNjE0ZDAzOTU2M2E2OTk2 NTdkOGQwHhcNMjUxMjEyMTAwMTAyWhcNMjUxMjEzMTAwMTAyWjAzMTEwLwYDVQQD Eyg1Y2U2ZjIwMGMzMWY1NDQ0YWE1OTdiYzRiMDVhYWVmNWYxNDJiNTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfyERRgqE4C2K97rXZJVlMJcrx61 fDlHYrUzAf4RG9vUyhBKr+kXClkpb9ito69833ATeB5i6OZ34pZFl/uREB5i13mE YLuhyGg0SameWiEpbWvwRiajJKaUlFAFJ2l5bh+VISMw9dCAS1CDh9JufC65oE2g YppZ/x3+9TVauTf7jHzVOUZrNziOoxAzcNftY18BJT9+8oziYp+Y8odp6iDnAm5i JACSFKoEFG2Ibv3dNDZzT+K7dC9S1lxW0XG8Qx+pKk8koogVEI6z3wQyfashPZ0G kmkkMwL7sebF0aXTRsI5ENmMXcqmjqtD9saqDydoxGU0NDv379dmnZH90QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFzm8gDDH1REqll7xLBarvXxQrWXMB8GA1UdIwQY MBaAFD1DNA+tJGRl3o5hTQOVY6aZZX2NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYt YTQzN2NlODkyODQxLzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82Y2U5MjItY2RjZS00YzdhLWIzNDYtYTQzN2NlODkyODQx LzEvUFVNMEQ2MGtaR1hlam1GTkE1VmpwcGxsZlkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiPsMDPer p8jLwB1e42dS8PDxE00VPbKrrqqMiSCZHFKsBATTOTtqYYPoazIEXLd25Ixr8ZVe 0qBGTXkDAAxYutQTYpr0RVibuUVtdWYtnbcLMl66A99B+RZzLqx1WkAeFR9sZj8n OiFopRYLWG3eYZ8KwXjqwCtt8Rw+y2SsE5foEaN7P9WjRWCr/bDOFgiFW12MWYEe QOc53IOxNu+WjQhllwk7Uphiz2478HOtk3NN7u8+3tPlhn19OEAr9kaGSp06h4zm 2yFWOcWUCI39DjkNLr8npANzuzZnqcft1MGxNQaoEniCjWqhC3VOSnBgmZ6u3sVV 1OQ1xuh39T044w== -----END CERTIFICATE-----Generated at Fri Dec 12 12:14:21 2025 by rpki-client