This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft File: 3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json) Hash identifier: eAHcOsK5JES4xuk5hkJCHfDQoBcVkmOc3ddnqbLC4GI= Subject key identifier: 33:BE:E7:50:7A:77:95:AF:BD:BA:6A:C4:0A:94:4E:B9:BD:EF:E5:26 Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 Certificate issuer: /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Certificate serial: 019BA2D93E981833D64AA1E0E7797D0B5BC5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft Manifest number: 084E Signing time: Fri 09 Jan 2026 13:01:44 +0000 Manifest this update: Fri 09 Jan 2026 13:01:44 +0000 Manifest next update: Sat 10 Jan 2026 13:01:44 +0000 Files and hashes: 1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: Ezu8eAxr8wMT5kgM0sy5bYSdlsi2khUVWUiVp5ojbSQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a2:d9:3e:98:18:33:d6:4a:a1:e0:e7:79:7d:0b:5b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Validity Not Before: Jan 9 13:01:44 2026 GMT Not After : Jan 10 13:01:44 2026 GMT Subject: CN=33bee7507a7795afbdba6ac40a944eb9bdefe526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9d:dd:dc:b5:e6:3a:08:6a:d5:4a:76:ba:0c: c5:13:a5:89:95:ab:41:72:ef:5e:a7:4d:07:1e:ef: a1:fa:18:87:e5:42:c6:ba:79:11:30:10:3e:3b:3d: 0a:5f:59:3d:d1:9b:2b:96:c0:56:90:ed:9f:1a:f8: 0c:b1:6b:ca:2f:39:63:3f:63:f0:99:fa:ac:a6:62: 1f:dd:75:dc:1e:7d:2b:40:8e:08:22:b4:c8:ff:92: 4c:74:64:d8:92:e5:24:8d:ed:4f:80:87:1d:c3:13: f5:b5:37:bf:2f:4e:12:88:6c:2e:69:0b:77:c3:62: 64:3f:81:5a:d7:34:93:7a:fc:11:e5:4a:95:29:79: c3:db:15:f3:26:fc:5b:43:d6:be:9a:4b:75:6d:57: 36:bb:f3:42:d8:c0:ff:9a:0e:db:bf:0e:5f:dc:14: ed:cc:f1:fd:97:17:b4:3a:7b:b3:5a:cf:d6:8f:68: 22:5d:e1:82:a2:07:d9:3c:39:4a:5d:51:fb:be:b8: 39:54:3b:c1:94:7b:8d:61:21:e4:2f:74:f4:98:5e: b7:0e:df:06:95:6e:81:a2:14:92:d9:6c:3f:f1:fa: 8d:b0:ff:3f:39:88:02:49:f3:b8:23:3d:b6:13:13: 08:d9:b8:0d:79:08:1c:45:9d:76:0e:ae:a2:af:a2: 1f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:BE:E7:50:7A:77:95:AF:BD:BA:6A:C4:0A:94:4E:B9:BD:EF:E5:26 X509v3 Authority Key Identifier: keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:c5:b3:62:d0:2e:e2:1a:f1:a9:cd:09:ab:14:9b:58:65:1c: 1b:3a:3e:ab:18:a3:00:48:1b:df:63:03:f5:fa:86:de:06:4f: 8b:d9:7f:1a:85:68:28:5b:20:08:41:8b:1d:f5:70:65:8c:3c: e4:6b:d5:03:0b:24:02:e0:64:9e:f2:25:c9:1b:12:c7:ce:11: cd:b9:45:fa:b5:e4:93:d3:39:99:e1:77:66:77:e6:e9:30:a1: f8:21:c6:29:7a:21:18:23:85:b2:99:58:b5:30:e0:db:80:85: 4c:bc:c6:8b:6e:c3:5d:68:bc:ac:86:d6:2b:1b:1b:58:1d:0d: a1:2d:ad:8b:d2:2e:cb:86:0c:90:9d:68:c8:0b:f3:29:1b:36: a9:cb:7b:bb:0a:54:59:ec:03:c0:3e:91:37:c1:d3:f0:61:86: a9:f1:9c:40:25:69:22:85:af:5a:79:f4:68:25:45:1d:df:0f: d8:cb:7b:d1:a2:5d:a9:aa:1d:e2:50:98:64:4d:50:2e:aa:49: 36:68:e6:a9:84:bd:a7:3b:43:1d:52:14:ac:52:a0:e2:66:19: 58:93:98:91:b6:f7:c4:7e:7e:17:f6:ba:cb:35:be:d3:90:53: 32:d6:4f:e9:b6:54:d6:91:24:d4:6b:c4:6b:78:7e:c0:da:04: 3c:1f:88:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZui2T6YGDPWSqHg53l9C1vFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh OTIxNTIwHhcNMjYwMTA5MTMwMTQ0WhcNMjYwMTEwMTMwMTQ0WjAzMTEwLwYDVQQD EygzM2JlZTc1MDdhNzc5NWFmYmRiYTZhYzQwYTk0NGViOWJkZWZlNTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z3d3LXmOghq1Up2ugzFE6WJlatB cu9ep00HHu+h+hiH5ULGunkRMBA+Oz0KX1k90ZsrlsBWkO2fGvgMsWvKLzljP2Pw mfqspmIf3XXcHn0rQI4IIrTI/5JMdGTYkuUkje1PgIcdwxP1tTe/L04SiGwuaQt3 w2JkP4Fa1zSTevwR5UqVKXnD2xXzJvxbQ9a+mkt1bVc2u/NC2MD/mg7bvw5f3BTt zPH9lxe0OnuzWs/Wj2giXeGCogfZPDlKXVH7vrg5VDvBlHuNYSHkL3T0mF63Dt8G lW6BohSS2Ww/8fqNsP8/OYgCSfO4Iz22ExMI2bgNeQgcRZ12Dq6ir6IfvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDO+51B6d5WvvbpqxAqUTrm97+UmMB8GA1UdIwQY MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMWzYtAu 4hrxqc0JqxSbWGUcGzo+qxijAEgb32MD9fqG3gZPi9l/GoVoKFsgCEGLHfVwZYw8 5GvVAwskAuBknvIlyRsSx84RzblF+rXkk9M5meF3Znfm6TCh+CHGKXohGCOFsplY tTDg24CFTLzGi27DXWi8rIbWKxsbWB0NoS2ti9Iuy4YMkJ1oyAvzKRs2qct7uwpU WewDwD6RN8HT8GGGqfGcQCVpIoWvWnn0aCVFHd8P2Mt70aJdqaod4lCYZE1QLqpJ NmjmqYS9pztDHVIUrFKg4mYZWJOYkbb3xH5+F/a6yzW+05BTMtZP6bZU1pEk1GvE a3h+wNoEPB+I4Q== -----END CERTIFICATE-----Generated at Fri Jan 9 15:59:47 2026 by rpki-client