This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json) Hash identifier: BRAMbVTTAPtyQWZx1s7AycUe6t6hoXvgd4VO7ldGrYA= Subject key identifier: 40:8A:E6:E3:04:88:1A:2D:D0:2F:2B:F7:58:DE:99:F2:BF:04:96:09 Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b Certificate serial: 019B3C7F4C20D94E9043AB9229A9E7F7C30B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft Manifest number: 071B Signing time: Sat 20 Dec 2025 16:02:14 +0000 Manifest this update: Sat 20 Dec 2025 16:02:14 +0000 Manifest next update: Sun 21 Dec 2025 16:02:14 +0000 Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: TqQ9DVLq8s+IqYgaJ8e7Q08fLYDvcorAzURetC7+fH4=) 2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:4c:20:d9:4e:90:43:ab:92:29:a9:e7:f7:c3:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b Validity Not Before: Dec 20 16:02:14 2025 GMT Not After : Dec 21 16:02:14 2025 GMT Subject: CN=408ae6e304881a2dd02f2bf758de99f2bf049609 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:55:56:ca:e3:fa:a9:12:9a:d0:5c:48:c7:f0: a0:d4:f7:ce:18:02:d2:5b:62:1d:a8:9b:a2:c2:46: b4:2a:bf:9b:f8:0e:3e:af:75:d3:54:03:d5:70:cd: 75:66:93:b0:d0:c2:c1:e4:f7:e4:99:da:95:55:9d: 8f:2b:64:d3:90:56:5d:73:4d:50:eb:c2:a6:0d:ed: 8b:a6:24:71:c4:d9:a7:67:1c:a6:b9:f8:c3:54:d6: 7d:df:e1:09:76:79:a0:07:2f:4e:f2:44:c6:a6:c4: 5a:5b:5a:ee:59:4f:1e:ad:f9:60:86:92:ed:79:c3: 5e:aa:97:8c:c6:a5:18:63:0b:a2:d4:4f:00:3d:d6: 66:d4:f1:23:04:9f:0e:a1:60:67:bc:81:80:52:da: 18:e0:3f:40:ab:1e:34:f5:ec:61:be:4a:e0:4f:2c: d7:ec:9d:6b:18:f3:96:e6:72:c8:27:98:d5:81:77: 05:18:20:7b:9f:e6:7e:8f:5f:ed:5f:38:85:e2:1d: 1f:01:56:12:fc:0b:35:9b:ed:c0:81:04:66:f4:33: 8c:1d:16:e3:23:43:51:6b:0c:b8:64:85:e0:32:96: 21:4e:d8:b9:26:cc:e1:6b:83:f0:2a:ab:06:57:c5: b2:14:9e:fb:38:87:75:b8:48:65:78:90:7b:80:2f: f3:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:8A:E6:E3:04:88:1A:2D:D0:2F:2B:F7:58:DE:99:F2:BF:04:96:09 X509v3 Authority Key Identifier: keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:eb:4e:44:62:fc:6a:86:13:ea:dd:bc:91:74:84:39:da:a2: bc:69:b1:ac:69:33:76:65:a9:a5:ab:c3:0b:ac:4c:d4:b3:82: b6:56:f9:87:4d:88:ab:97:c1:21:c9:79:94:20:cc:18:5a:9c: 25:52:cf:e0:e2:bd:71:6c:e5:e6:74:37:f2:db:b4:c0:3e:3b: 16:60:7a:21:62:a1:b0:b6:b4:08:ac:9a:0d:d8:70:1e:52:26: 2b:da:6e:5b:c0:7c:30:b1:82:c6:b3:fa:58:40:3b:fd:4a:77: 58:83:8d:b2:58:27:2d:c9:60:0b:11:93:2d:78:a9:b4:94:61: eb:20:fb:60:b0:11:3e:ae:64:36:55:4f:90:9d:e6:5d:fe:08: 01:13:de:e5:79:63:a0:d2:4c:48:7b:44:d8:e9:bc:5a:e5:fa: 40:37:50:d6:62:dd:56:e4:f0:ad:8e:76:79:3c:88:51:28:fd: bd:0b:b5:33:3d:82:54:99:eb:34:ed:c0:df:49:6c:fd:d7:c7: ed:f8:c8:84:2e:7f:d2:f4:53:46:3f:8d:e6:c8:22:38:b1:bc: 89:11:9d:d2:19:87:bb:da:f6:4b:03:71:de:9b:d2:65:83:ad: 0c:c0:55:c6:e9:52:ba:33:21:6e:55:0a:4c:1c:0b:8c:f2:aa: 97:6c:34:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f0wg2U6QQ6uSKann98MLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4 NjYwMWIwHhcNMjUxMjIwMTYwMjE0WhcNMjUxMjIxMTYwMjE0WjAzMTEwLwYDVQQD Eyg0MDhhZTZlMzA0ODgxYTJkZDAyZjJiZjc1OGRlOTlmMmJmMDQ5NjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolVWyuP6qRKa0FxIx/Cg1PfOGALS W2IdqJuiwka0Kr+b+A4+r3XTVAPVcM11ZpOw0MLB5PfkmdqVVZ2PK2TTkFZdc01Q 68KmDe2LpiRxxNmnZxymufjDVNZ93+EJdnmgBy9O8kTGpsRaW1ruWU8erflghpLt ecNeqpeMxqUYYwui1E8APdZm1PEjBJ8OoWBnvIGAUtoY4D9Aqx409exhvkrgTyzX 7J1rGPOW5nLIJ5jVgXcFGCB7n+Z+j1/tXziF4h0fAVYS/As1m+3AgQRm9DOMHRbj I0NRawy4ZIXgMpYhTti5Jszha4PwKqsGV8WyFJ77OId1uEhleJB7gC/zlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECK5uMEiBot0C8r91jemfK/BJYJMB8GA1UdIwQY MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5 LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOtORGL8 aoYT6t28kXSEOdqivGmxrGkzdmWppavDC6xM1LOCtlb5h02Iq5fBIcl5lCDMGFqc JVLP4OK9cWzl5nQ38tu0wD47FmB6IWKhsLa0CKyaDdhwHlImK9puW8B8MLGCxrP6 WEA7/Up3WIONslgnLclgCxGTLXiptJRh6yD7YLARPq5kNlVPkJ3mXf4IARPe5Xlj oNJMSHtE2Om8WuX6QDdQ1mLdVuTwrY52eTyIUSj9vQu1Mz2CVJnrNO3A30ls/dfH 7fjIhC5/0vRTRj+N5sgiOLG8iRGd0hmHu9r2SwNx3pvSZYOtDMBVxulSujMhblUK TBwLjPKql2w0rw== -----END CERTIFICATE-----Generated at Sun Dec 21 00:24:48 2025 by rpki-client