This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft File: 3GbYudONW7Gc-gxGRLRSk9Hotvo.mft (raw, json) Hash identifier: si9/rFMxJEMvCDHtAE00c7y+Pm6W46gWLL6PKWupA7g= Subject key identifier: 03:F6:B7:8C:0E:24:27:47:DA:64:41:F9:EE:3D:21:71:8C:44:10:E9 Authority key identifier: DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA Certificate issuer: /CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa Certificate serial: 019B4FCE8317A742CE7E8041C78BF42FE4FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft Manifest number: 1723 Signing time: Wed 24 Dec 2025 10:01:32 +0000 Manifest this update: Wed 24 Dec 2025 10:01:32 +0000 Manifest next update: Thu 25 Dec 2025 10:01:32 +0000 Files and hashes: 1: 3GbYudONW7Gc-gxGRLRSk9Hotvo.crl (hash: HsRiNeai/0JDjcm8diI+nOi2uHV3i03r7/PcOzgvMVE=) 2: bcS-hsDeO0gtgs28TEiHyvA81q0.roa (hash: CeE5W6otaxPvfHxN+lyC5C8i9p819egn6IV1iHF00Ew=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.crl rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:ce:83:17:a7:42:ce:7e:80:41:c7:8b:f4:2f:e4:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa Validity Not Before: Dec 24 10:01:32 2025 GMT Not After : Dec 25 10:01:32 2025 GMT Subject: CN=03f6b78c0e242747da6441f9ee3d21718c4410e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:84:99:ea:d7:41:f5:32:40:9d:16:01:0d:0b: a9:6e:59:0b:49:11:72:15:9f:9d:87:18:3c:96:31: 13:e0:c3:f8:97:0c:ab:c7:78:de:68:ec:66:63:8c: 0c:d7:ee:09:d2:bc:ac:03:a2:28:6c:4c:42:db:51: c5:17:08:94:fe:47:9e:5f:77:44:c8:1c:47:47:13: 3b:da:ac:2f:a3:9a:fa:7f:08:e5:6a:b1:df:2c:1b: ff:f2:c0:30:5f:e1:80:3c:86:99:18:36:0e:5e:e4: 8a:67:c5:6a:b8:e4:d2:d4:8d:5b:8f:c0:a3:00:23: 30:67:00:f0:4d:74:aa:fe:48:fa:d8:da:88:b0:e4: fc:21:8e:21:75:1d:21:b8:b5:0f:05:03:05:ee:d2: 30:2c:43:1d:5d:6e:cc:f0:ab:a5:cb:cb:32:e3:bb: fe:b4:2c:ba:ff:1b:4b:79:b3:a0:00:e9:2f:04:34: 64:97:9b:4e:8c:78:56:06:95:3d:b1:61:d1:1e:10: 5c:80:2c:8d:16:02:0e:d6:6c:4e:c7:60:fc:e8:98: f7:f9:bb:f4:28:d2:9b:65:be:5b:e6:0c:d3:76:b8: 13:e6:3e:f0:51:ae:dc:e6:93:7a:2c:0d:b9:97:a2: dc:14:26:1d:94:82:57:34:de:56:02:bd:a1:e7:2c: a0:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:F6:B7:8C:0E:24:27:47:DA:64:41:F9:EE:3D:21:71:8C:44:10:E9 X509v3 Authority Key Identifier: keyid:DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:e9:93:60:02:40:32:88:01:49:01:11:35:cb:e1:2e:06:f1: c9:8f:f9:b3:7f:2f:fa:ed:f1:e3:43:84:95:83:4a:c5:ac:3a: fd:43:e7:16:0f:da:6e:a7:e7:7f:cb:4a:db:ac:59:c2:cc:0a: e2:50:d3:9f:19:6c:70:23:e3:73:f5:4c:e3:cd:15:45:b5:69: 16:27:3f:52:03:32:fa:09:4e:fa:b9:ae:a1:59:68:93:88:c7: f6:5c:96:44:a1:e7:28:55:aa:b4:80:3b:eb:34:b5:68:58:13: c7:6c:b9:ed:5a:4c:ca:58:42:e6:01:a1:8d:d9:34:7e:eb:d9: b7:26:d3:01:56:f4:94:10:23:67:16:81:ad:f3:71:53:90:25: 4d:ca:b0:42:05:27:5f:a1:79:b2:12:fd:08:5b:6e:02:43:63: 83:0f:11:2b:e9:54:67:d4:2e:a5:f9:22:d7:04:ad:ec:aa:e7: 48:e4:bb:4a:82:bf:ca:bf:d2:24:06:d8:73:68:57:37:7f:cf: 38:59:d9:91:5a:ff:99:6e:ec:b4:cc:c2:55:e6:61:74:e2:39: fb:83:d7:e0:80:3e:69:2b:ae:7b:0b:d6:12:1f:53:46:8b:50: f7:24:2d:43:de:ff:67:bf:c1:d0:c3:0f:f2:b0:8b:7a:16:c4: 98:7f:9a:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzoMXp0LOfoBBx4v0L+T9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNjZkOGI5ZDM4ZDViYjE5Y2ZhMGM0NjQ0YjQ1MjkzZDFl OGI2ZmEwHhcNMjUxMjI0MTAwMTMyWhcNMjUxMjI1MTAwMTMyWjAzMTEwLwYDVQQD EygwM2Y2Yjc4YzBlMjQyNzQ3ZGE2NDQxZjllZTNkMjE3MThjNDQxMGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjISZ6tdB9TJAnRYBDQupblkLSRFy FZ+dhxg8ljET4MP4lwyrx3jeaOxmY4wM1+4J0rysA6IobExC21HFFwiU/keeX3dE yBxHRxM72qwvo5r6fwjlarHfLBv/8sAwX+GAPIaZGDYOXuSKZ8VquOTS1I1bj8Cj ACMwZwDwTXSq/kj62NqIsOT8IY4hdR0huLUPBQMF7tIwLEMdXW7M8Kuly8sy47v+ tCy6/xtLebOgAOkvBDRkl5tOjHhWBpU9sWHRHhBcgCyNFgIO1mxOx2D86Jj3+bv0 KNKbZb5b5gzTdrgT5j7wUa7c5pN6LA25l6LcFCYdlIJXNN5WAr2h5yygZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAP2t4wOJCdH2mRB+e49IXGMRBDpMB8GA1UdIwQY MBaAFNxm2LnTjVuxnPoMRkS0UpPR6Lb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUt NDc3MWQxYTRkZGYwLzEvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUtNDc3MWQxYTRkZGYw LzEvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+mTYAJA MogBSQERNcvhLgbxyY/5s38v+u3x40OElYNKxaw6/UPnFg/abqfnf8tK26xZwswK 4lDTnxlscCPjc/VM480VRbVpFic/UgMy+glO+rmuoVlok4jH9lyWRKHnKFWqtIA7 6zS1aFgTx2y57VpMylhC5gGhjdk0fuvZtybTAVb0lBAjZxaBrfNxU5AlTcqwQgUn X6F5shL9CFtuAkNjgw8RK+lUZ9Qupfki1wSt7KrnSOS7SoK/yr/SJAbYc2hXN3/P OFnZkVr/mW7stMzCVeZhdOI5+4PX4IA+aSuuewvWEh9TRotQ9yQtQ97/Z7/B0MMP 8rCLehbEmH+amg== -----END CERTIFICATE-----Generated at Wed Dec 24 13:39:55 2025 by rpki-client