This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: Qez98A3BDL9L4Tsao7e0IjL2uhl3sCHv6YOz6K62yvs=
Subject key identifier: F4:9E:F9:6D:F7:99:00:2F:27:FF:6B:5D:96:22:DD:99:84:55:8F:53
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019B4249F8F8CDB6BFD3C7D620252CB458AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 071E
Signing time: Sun 21 Dec 2025 19:01:42 +0000
Manifest this update: Sun 21 Dec 2025 19:01:42 +0000
Manifest next update: Mon 22 Dec 2025 19:01:42 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: s3PA22a6WLHUdjTZqBfSuZ9UcQ+e5F5tBUFk1Oj3yD0=)
2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 22 Dec 2025 13:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:42:49:f8:f8:cd:b6:bf:d3:c7:d6:20:25:2c:b4:58:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Dec 21 19:01:42 2025 GMT
Not After : Dec 22 19:01:42 2025 GMT
Subject: CN=f49ef96df799002f27ff6b5d9622dd9984558f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:cf:cd:5a:50:a8:15:bf:f0:ca:a0:0c:b0:
dd:34:87:ed:31:81:dc:14:e8:ff:22:e4:10:1c:02:
23:50:40:d5:14:99:c8:05:2e:48:ec:0b:08:16:5f:
ad:58:10:39:a4:a8:3c:e6:37:14:51:fd:c7:25:b1:
b9:8b:77:ac:fa:5f:c9:29:4b:ff:02:fa:15:06:81:
c6:cb:81:53:56:33:eb:d3:b6:ab:be:96:89:3c:41:
7c:88:cf:44:04:f8:c1:95:62:b8:05:30:e1:77:e4:
55:76:7a:eb:62:a1:66:7a:b1:e7:59:f3:0d:35:c4:
dd:1a:ff:56:c3:1d:04:06:66:41:5c:67:f8:b7:24:
21:5a:4d:8c:ed:7d:27:6a:9b:f2:6b:d4:99:7d:33:
06:be:87:e1:b6:51:33:c6:4b:05:e5:98:26:a9:34:
7b:d1:4d:01:da:4f:55:1f:9f:52:d5:9a:a6:90:5c:
f6:83:ee:1f:f8:3b:b8:f5:dd:e8:34:d9:1e:39:5e:
91:07:db:01:50:64:f7:71:f7:4e:f4:1b:d1:8a:3b:
75:a7:d5:bc:73:7e:fc:bc:c9:ca:b0:3f:94:af:e8:
bf:e6:f5:56:d8:d6:c9:62:2a:be:12:aa:0a:a3:a4:
38:67:c2:67:1c:bf:f7:d6:71:a4:76:6b:76:b1:ba:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9E:F9:6D:F7:99:00:2F:27:FF:6B:5D:96:22:DD:99:84:55:8F:53
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:64:96:2c:3f:fb:0a:a0:a8:b5:9b:db:99:eb:7f:ca:bf:33:
c6:5e:58:59:96:27:d4:8e:ec:b1:33:14:b6:55:0f:79:b7:bc:
e9:29:1a:c8:eb:3f:f7:ca:d3:a0:cf:ca:fd:7f:ca:40:a1:57:
e5:4a:7c:84:c9:a9:0e:b8:e2:73:16:e6:a7:53:b0:8c:ee:75:
2e:09:c8:68:07:ca:c1:bf:43:aa:33:01:6f:bc:7a:a6:ef:d6:
84:14:39:ba:73:51:03:42:59:cb:8e:d5:2d:96:f3:f5:aa:d4:
ef:44:96:1e:ae:72:45:4a:e7:4d:65:4c:d1:07:4e:4d:b8:b7:
b3:14:15:3e:06:8b:03:f2:96:bd:68:3e:05:51:85:4e:8d:92:
bf:c4:e1:f2:1a:9a:48:a7:67:54:b0:c2:59:dd:6c:08:d2:71:
74:f9:48:9d:e7:8c:94:78:a6:15:fd:e7:35:84:eb:33:40:02:
f5:28:02:5a:98:db:97:d2:dd:e1:c6:2e:6a:f4:8b:e2:c1:a8:
51:8c:a3:1a:5a:56:6f:34:df:17:e7:83:e7:76:ee:ab:f5:4c:
be:93:f2:2f:dd:8e:1d:5a:42:c5:28:d7:d0:7f:ad:88:df:a4:
b8:8d:c8:b0:de:92:d0:52:30:e1:9d:92:15:17:66:db:ae:9b:
a4:51:0a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtCSfj4zba/08fWICUstFivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjUxMjIxMTkwMTQyWhcNMjUxMjIyMTkwMTQyWjAzMTEwLwYDVQQD
EyhmNDllZjk2ZGY3OTkwMDJmMjdmZjZiNWQ5NjIyZGQ5OTg0NTU4ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+7PzVpQqBW/8MqgDLDdNIftMYHc
FOj/IuQQHAIjUEDVFJnIBS5I7AsIFl+tWBA5pKg85jcUUf3HJbG5i3es+l/JKUv/
AvoVBoHGy4FTVjPr07arvpaJPEF8iM9EBPjBlWK4BTDhd+RVdnrrYqFmerHnWfMN
NcTdGv9Wwx0EBmZBXGf4tyQhWk2M7X0napvya9SZfTMGvofhtlEzxksF5ZgmqTR7
0U0B2k9VH59S1ZqmkFz2g+4f+Du49d3oNNkeOV6RB9sBUGT3cfdO9BvRijt1p9W8
c378vMnKsD+Ur+i/5vVW2NbJYiq+EqoKo6Q4Z8JnHL/31nGkdmt2sbrKjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSe+W33mQAvJ/9rXZYi3ZmEVY9TMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2SWLD/7
CqCotZvbmet/yr8zxl5YWZYn1I7ssTMUtlUPebe86SkayOs/98rToM/K/X/KQKFX
5Up8hMmpDrjicxbmp1OwjO51LgnIaAfKwb9DqjMBb7x6pu/WhBQ5unNRA0JZy47V
LZbz9arU70SWHq5yRUrnTWVM0QdOTbi3sxQVPgaLA/KWvWg+BVGFTo2Sv8Th8hqa
SKdnVLDCWd1sCNJxdPlIneeMlHimFf3nNYTrM0AC9SgCWpjbl9Ld4cYuavSL4sGo
UYyjGlpWbzTfF+eD53buq/VMvpPyL92OHVpCxSjX0H+tiN+kuI3IsN6S0FIw4Z2S
FRdm266bpFEKKg==
-----END CERTIFICATE-----
Generated at Sun Dec 21 22:37:44 2025 by rpki-client