This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json) Hash identifier: Qez98A3BDL9L4Tsao7e0IjL2uhl3sCHv6YOz6K62yvs= Subject key identifier: F4:9E:F9:6D:F7:99:00:2F:27:FF:6B:5D:96:22:DD:99:84:55:8F:53 Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b Certificate serial: 019B4249F8F8CDB6BFD3C7D620252CB458AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft Manifest number: 071E Signing time: Sun 21 Dec 2025 19:01:42 +0000 Manifest this update: Sun 21 Dec 2025 19:01:42 +0000 Manifest next update: Mon 22 Dec 2025 19:01:42 +0000 Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: s3PA22a6WLHUdjTZqBfSuZ9UcQ+e5F5tBUFk1Oj3yD0=) 2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:f8:f8:cd:b6:bf:d3:c7:d6:20:25:2c:b4:58:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b Validity Not Before: Dec 21 19:01:42 2025 GMT Not After : Dec 22 19:01:42 2025 GMT Subject: CN=f49ef96df799002f27ff6b5d9622dd9984558f53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ee:cf:cd:5a:50:a8:15:bf:f0:ca:a0:0c:b0: dd:34:87:ed:31:81:dc:14:e8:ff:22:e4:10:1c:02: 23:50:40:d5:14:99:c8:05:2e:48:ec:0b:08:16:5f: ad:58:10:39:a4:a8:3c:e6:37:14:51:fd:c7:25:b1: b9:8b:77:ac:fa:5f:c9:29:4b:ff:02:fa:15:06:81: c6:cb:81:53:56:33:eb:d3:b6:ab:be:96:89:3c:41: 7c:88:cf:44:04:f8:c1:95:62:b8:05:30:e1:77:e4: 55:76:7a:eb:62:a1:66:7a:b1:e7:59:f3:0d:35:c4: dd:1a:ff:56:c3:1d:04:06:66:41:5c:67:f8:b7:24: 21:5a:4d:8c:ed:7d:27:6a:9b:f2:6b:d4:99:7d:33: 06:be:87:e1:b6:51:33:c6:4b:05:e5:98:26:a9:34: 7b:d1:4d:01:da:4f:55:1f:9f:52:d5:9a:a6:90:5c: f6:83:ee:1f:f8:3b:b8:f5:dd:e8:34:d9:1e:39:5e: 91:07:db:01:50:64:f7:71:f7:4e:f4:1b:d1:8a:3b: 75:a7:d5:bc:73:7e:fc:bc:c9:ca:b0:3f:94:af:e8: bf:e6:f5:56:d8:d6:c9:62:2a:be:12:aa:0a:a3:a4: 38:67:c2:67:1c:bf:f7:d6:71:a4:76:6b:76:b1:ba: ca:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:9E:F9:6D:F7:99:00:2F:27:FF:6B:5D:96:22:DD:99:84:55:8F:53 X509v3 Authority Key Identifier: keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:64:96:2c:3f:fb:0a:a0:a8:b5:9b:db:99:eb:7f:ca:bf:33: c6:5e:58:59:96:27:d4:8e:ec:b1:33:14:b6:55:0f:79:b7:bc: e9:29:1a:c8:eb:3f:f7:ca:d3:a0:cf:ca:fd:7f:ca:40:a1:57: e5:4a:7c:84:c9:a9:0e:b8:e2:73:16:e6:a7:53:b0:8c:ee:75: 2e:09:c8:68:07:ca:c1:bf:43:aa:33:01:6f:bc:7a:a6:ef:d6: 84:14:39:ba:73:51:03:42:59:cb:8e:d5:2d:96:f3:f5:aa:d4: ef:44:96:1e:ae:72:45:4a:e7:4d:65:4c:d1:07:4e:4d:b8:b7: b3:14:15:3e:06:8b:03:f2:96:bd:68:3e:05:51:85:4e:8d:92: bf:c4:e1:f2:1a:9a:48:a7:67:54:b0:c2:59:dd:6c:08:d2:71: 74:f9:48:9d:e7:8c:94:78:a6:15:fd:e7:35:84:eb:33:40:02: f5:28:02:5a:98:db:97:d2:dd:e1:c6:2e:6a:f4:8b:e2:c1:a8: 51:8c:a3:1a:5a:56:6f:34:df:17:e7:83:e7:76:ee:ab:f5:4c: be:93:f2:2f:dd:8e:1d:5a:42:c5:28:d7:d0:7f:ad:88:df:a4: b8:8d:c8:b0:de:92:d0:52:30:e1:9d:92:15:17:66:db:ae:9b: a4:51:0a:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSfj4zba/08fWICUstFivMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4 NjYwMWIwHhcNMjUxMjIxMTkwMTQyWhcNMjUxMjIyMTkwMTQyWjAzMTEwLwYDVQQD EyhmNDllZjk2ZGY3OTkwMDJmMjdmZjZiNWQ5NjIyZGQ5OTg0NTU4ZjUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+7PzVpQqBW/8MqgDLDdNIftMYHc FOj/IuQQHAIjUEDVFJnIBS5I7AsIFl+tWBA5pKg85jcUUf3HJbG5i3es+l/JKUv/ AvoVBoHGy4FTVjPr07arvpaJPEF8iM9EBPjBlWK4BTDhd+RVdnrrYqFmerHnWfMN NcTdGv9Wwx0EBmZBXGf4tyQhWk2M7X0napvya9SZfTMGvofhtlEzxksF5ZgmqTR7 0U0B2k9VH59S1ZqmkFz2g+4f+Du49d3oNNkeOV6RB9sBUGT3cfdO9BvRijt1p9W8 c378vMnKsD+Ur+i/5vVW2NbJYiq+EqoKo6Q4Z8JnHL/31nGkdmt2sbrKjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPSe+W33mQAvJ/9rXZYi3ZmEVY9TMB8GA1UdIwQY MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5 LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2SWLD/7 CqCotZvbmet/yr8zxl5YWZYn1I7ssTMUtlUPebe86SkayOs/98rToM/K/X/KQKFX 5Up8hMmpDrjicxbmp1OwjO51LgnIaAfKwb9DqjMBb7x6pu/WhBQ5unNRA0JZy47V LZbz9arU70SWHq5yRUrnTWVM0QdOTbi3sxQVPgaLA/KWvWg+BVGFTo2Sv8Th8hqa SKdnVLDCWd1sCNJxdPlIneeMlHimFf3nNYTrM0AC9SgCWpjbl9Ld4cYuavSL4sGo UYyjGlpWbzTfF+eD53buq/VMvpPyL92OHVpCxSjX0H+tiN+kuI3IsN6S0FIw4Z2S FRdm266bpFEKKg== -----END CERTIFICATE-----Generated at Sun Dec 21 22:37:44 2025 by rpki-client