This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json)
Hash identifier: BRAMbVTTAPtyQWZx1s7AycUe6t6hoXvgd4VO7ldGrYA=
Subject key identifier: 40:8A:E6:E3:04:88:1A:2D:D0:2F:2B:F7:58:DE:99:F2:BF:04:96:09
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial: 019B3C7F4C20D94E9043AB9229A9E7F7C30B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
Manifest number: 071B
Signing time: Sat 20 Dec 2025 16:02:14 +0000
Manifest this update: Sat 20 Dec 2025 16:02:14 +0000
Manifest next update: Sun 21 Dec 2025 16:02:14 +0000
Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: TqQ9DVLq8s+IqYgaJ8e7Q08fLYDvcorAzURetC7+fH4=)
2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Dec 2025 15:46:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:3c:7f:4c:20:d9:4e:90:43:ab:92:29:a9:e7:f7:c3:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
Validity
Not Before: Dec 20 16:02:14 2025 GMT
Not After : Dec 21 16:02:14 2025 GMT
Subject: CN=408ae6e304881a2dd02f2bf758de99f2bf049609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:56:ca:e3:fa:a9:12:9a:d0:5c:48:c7:f0:
a0:d4:f7:ce:18:02:d2:5b:62:1d:a8:9b:a2:c2:46:
b4:2a:bf:9b:f8:0e:3e:af:75:d3:54:03:d5:70:cd:
75:66:93:b0:d0:c2:c1:e4:f7:e4:99:da:95:55:9d:
8f:2b:64:d3:90:56:5d:73:4d:50:eb:c2:a6:0d:ed:
8b:a6:24:71:c4:d9:a7:67:1c:a6:b9:f8:c3:54:d6:
7d:df:e1:09:76:79:a0:07:2f:4e:f2:44:c6:a6:c4:
5a:5b:5a:ee:59:4f:1e:ad:f9:60:86:92:ed:79:c3:
5e:aa:97:8c:c6:a5:18:63:0b:a2:d4:4f:00:3d:d6:
66:d4:f1:23:04:9f:0e:a1:60:67:bc:81:80:52:da:
18:e0:3f:40:ab:1e:34:f5:ec:61:be:4a:e0:4f:2c:
d7:ec:9d:6b:18:f3:96:e6:72:c8:27:98:d5:81:77:
05:18:20:7b:9f:e6:7e:8f:5f:ed:5f:38:85:e2:1d:
1f:01:56:12:fc:0b:35:9b:ed:c0:81:04:66:f4:33:
8c:1d:16:e3:23:43:51:6b:0c:b8:64:85:e0:32:96:
21:4e:d8:b9:26:cc:e1:6b:83:f0:2a:ab:06:57:c5:
b2:14:9e:fb:38:87:75:b8:48:65:78:90:7b:80:2f:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8A:E6:E3:04:88:1A:2D:D0:2F:2B:F7:58:DE:99:F2:BF:04:96:09
X509v3 Authority Key Identifier:
keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:eb:4e:44:62:fc:6a:86:13:ea:dd:bc:91:74:84:39:da:a2:
bc:69:b1:ac:69:33:76:65:a9:a5:ab:c3:0b:ac:4c:d4:b3:82:
b6:56:f9:87:4d:88:ab:97:c1:21:c9:79:94:20:cc:18:5a:9c:
25:52:cf:e0:e2:bd:71:6c:e5:e6:74:37:f2:db:b4:c0:3e:3b:
16:60:7a:21:62:a1:b0:b6:b4:08:ac:9a:0d:d8:70:1e:52:26:
2b:da:6e:5b:c0:7c:30:b1:82:c6:b3:fa:58:40:3b:fd:4a:77:
58:83:8d:b2:58:27:2d:c9:60:0b:11:93:2d:78:a9:b4:94:61:
eb:20:fb:60:b0:11:3e:ae:64:36:55:4f:90:9d:e6:5d:fe:08:
01:13:de:e5:79:63:a0:d2:4c:48:7b:44:d8:e9:bc:5a:e5:fa:
40:37:50:d6:62:dd:56:e4:f0:ad:8e:76:79:3c:88:51:28:fd:
bd:0b:b5:33:3d:82:54:99:eb:34:ed:c0:df:49:6c:fd:d7:c7:
ed:f8:c8:84:2e:7f:d2:f4:53:46:3f:8d:e6:c8:22:38:b1:bc:
89:11:9d:d2:19:87:bb:da:f6:4b:03:71:de:9b:d2:65:83:ad:
0c:c0:55:c6:e9:52:ba:33:21:6e:55:0a:4c:1c:0b:8c:f2:aa:
97:6c:34:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZs8f0wg2U6QQ6uSKann98MLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjUxMjIwMTYwMjE0WhcNMjUxMjIxMTYwMjE0WjAzMTEwLwYDVQQD
Eyg0MDhhZTZlMzA0ODgxYTJkZDAyZjJiZjc1OGRlOTlmMmJmMDQ5NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolVWyuP6qRKa0FxIx/Cg1PfOGALS
W2IdqJuiwka0Kr+b+A4+r3XTVAPVcM11ZpOw0MLB5PfkmdqVVZ2PK2TTkFZdc01Q
68KmDe2LpiRxxNmnZxymufjDVNZ93+EJdnmgBy9O8kTGpsRaW1ruWU8erflghpLt
ecNeqpeMxqUYYwui1E8APdZm1PEjBJ8OoWBnvIGAUtoY4D9Aqx409exhvkrgTyzX
7J1rGPOW5nLIJ5jVgXcFGCB7n+Z+j1/tXziF4h0fAVYS/As1m+3AgQRm9DOMHRbj
I0NRawy4ZIXgMpYhTti5Jszha4PwKqsGV8WyFJ77OId1uEhleJB7gC/zlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECK5uMEiBot0C8r91jemfK/BJYJMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOtORGL8
aoYT6t28kXSEOdqivGmxrGkzdmWppavDC6xM1LOCtlb5h02Iq5fBIcl5lCDMGFqc
JVLP4OK9cWzl5nQ38tu0wD47FmB6IWKhsLa0CKyaDdhwHlImK9puW8B8MLGCxrP6
WEA7/Up3WIONslgnLclgCxGTLXiptJRh6yD7YLARPq5kNlVPkJ3mXf4IARPe5Xlj
oNJMSHtE2Om8WuX6QDdQ1mLdVuTwrY52eTyIUSj9vQu1Mz2CVJnrNO3A30ls/dfH
7fjIhC5/0vRTRj+N5sgiOLG8iRGd0hmHu9r2SwNx3pvSZYOtDMBVxulSujMhblUK
TBwLjPKql2w0rw==
-----END CERTIFICATE-----
Generated at Sun Dec 21 00:24:48 2025 by rpki-client