This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft File: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft (raw, json) Hash identifier: YqwV+3NG/0qeQwRhY9huNTmaETw8eYjXZTdRl0/2gS4= Subject key identifier: 39:4B:EF:6C:FF:95:E9:76:30:34:C6:53:16:95:E0:65:CA:B5:5A:37 Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c Certificate serial: 019B3D91202B916C8682FD51CE73FB530CEE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft Manifest number: 1788 Signing time: Sat 20 Dec 2025 21:01:19 +0000 Manifest this update: Sat 20 Dec 2025 21:01:19 +0000 Manifest next update: Sun 21 Dec 2025 21:01:19 +0000 Files and hashes: 1: 3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl (hash: V/SgQ8cm2l+KNcXntbVHJm45gOdWd9NFFdAcK7dk/i4=) 2: fl1IqJ22OZD_5WNed1aOqRFU-dQ.roa (hash: Kuo9lPYONUc1nk6pXtWGALeHz/jfanabaBDCbZ+GeWY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:91:20:2b:91:6c:86:82:fd:51:ce:73:fb:53:0c:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c Validity Not Before: Dec 20 21:01:19 2025 GMT Not After : Dec 21 21:01:19 2025 GMT Subject: CN=394bef6cff95e9763034c6531695e065cab55a37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:f6:72:8d:79:0f:32:61:61:27:93:6b:ad:88: 32:08:70:ab:45:1c:79:ec:34:d0:5c:95:0b:bc:f4: da:ff:bf:85:97:16:d2:1c:43:a1:ff:ae:f8:3a:85: dc:a7:30:1d:fb:ae:3a:f6:73:63:24:42:5e:c8:69: 23:e9:9a:87:4c:6a:af:23:64:aa:a0:80:71:d5:77: 34:86:91:51:06:6e:4c:1f:a0:7e:a8:2e:65:eb:e0: 5d:af:9e:dc:a8:e6:c2:fc:80:a4:eb:3b:57:0a:f2: 2f:3f:40:8b:c7:8e:62:c4:10:fe:e3:54:7a:07:a8: f1:d1:7e:1f:a7:90:5b:30:a4:08:f2:de:d6:70:d1: bb:1a:d6:fc:15:5c:d2:ca:bd:cc:f7:5e:34:75:b1: 9b:f7:db:d9:4c:c3:21:f0:80:bd:4b:66:cd:e2:12: 38:21:bf:20:fc:45:04:11:43:93:59:f8:9e:c8:1f: 78:40:de:f6:08:0f:7b:6d:84:fd:a9:4d:5a:d0:16: 80:d4:da:17:3d:d0:90:72:69:47:9d:2d:eb:35:5c: 99:8d:89:4c:f2:a6:65:56:c4:0b:ed:1d:3c:50:a2: 7a:7c:ea:92:12:75:a6:2d:b0:09:8b:3b:3a:9b:9f: 3b:74:9c:29:c5:07:25:4e:ec:62:76:f5:d6:5f:a7: 22:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:4B:EF:6C:FF:95:E9:76:30:34:C6:53:16:95:E0:65:CA:B5:5A:37 X509v3 Authority Key Identifier: keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:a7:ee:19:e6:31:a9:11:b8:ce:d0:83:18:1b:df:ae:61:fe: ef:64:e6:bd:e6:9c:d1:99:d0:a3:7a:8a:58:89:9e:69:3b:9a: c9:ec:30:10:95:7e:95:8b:74:cf:18:d1:d8:6f:48:3d:4d:d2: 8a:8a:b8:81:81:17:e9:17:1a:d4:78:29:dc:10:92:20:b4:62: 22:82:22:59:6e:f9:74:1d:9c:18:8f:0e:b2:01:21:80:39:b0: c9:a4:dd:13:e2:0d:e7:55:52:3d:de:66:1b:f5:f7:5e:fa:f2: 4d:05:76:1d:8e:6b:cf:44:08:1f:d4:bc:44:85:17:f3:b8:0f: 07:56:8f:82:a7:3a:7a:aa:ea:da:91:01:93:fe:f6:e8:da:9f: c4:28:1d:e2:fe:69:24:99:c1:07:cd:f5:9d:dc:92:ce:f7:c0: 49:cf:88:b7:c5:4c:18:5e:d8:97:1f:3c:b5:d5:10:56:83:25: 25:88:6e:3a:9e:c1:c4:4a:41:60:7b:bd:5f:8c:4f:04:1e:29: 6e:f3:c0:c6:7a:20:ba:fe:21:aa:05:b4:3d:a6:a3:10:b9:60: 11:e7:7f:6c:f6:17:d5:10:7c:ba:34:b3:78:b9:3f:ae:ce:51: 36:0d:4b:ec:c1:1a:5f:4b:ae:98:c1:62:cc:7c:9f:84:7f:78: 5f:a5:ac:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kSArkWyGgv1RznP7UwzuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm YzdkN2MwHhcNMjUxMjIwMjEwMTE5WhcNMjUxMjIxMjEwMTE5WjAzMTEwLwYDVQQD EygzOTRiZWY2Y2ZmOTVlOTc2MzAzNGM2NTMxNjk1ZTA2NWNhYjU1YTM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvZyjXkPMmFhJ5NrrYgyCHCrRRx5 7DTQXJULvPTa/7+FlxbSHEOh/674OoXcpzAd+6469nNjJEJeyGkj6ZqHTGqvI2Sq oIBx1Xc0hpFRBm5MH6B+qC5l6+Bdr57cqObC/ICk6ztXCvIvP0CLx45ixBD+41R6 B6jx0X4fp5BbMKQI8t7WcNG7Gtb8FVzSyr3M9140dbGb99vZTMMh8IC9S2bN4hI4 Ib8g/EUEEUOTWfieyB94QN72CA97bYT9qU1a0BaA1NoXPdCQcmlHnS3rNVyZjYlM 8qZlVsQL7R08UKJ6fOqSEnWmLbAJizs6m587dJwpxQclTuxidvXWX6ciDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDlL72z/lel2MDTGUxaV4GXKtVo3MB8GA1UdIwQY MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt YWY0ZTUyNDFiZjIwLzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQafuGeYx qRG4ztCDGBvfrmH+72Tmveac0ZnQo3qKWImeaTuayewwEJV+lYt0zxjR2G9IPU3S ioq4gYEX6Rca1Hgp3BCSILRiIoIiWW75dB2cGI8OsgEhgDmwyaTdE+IN51VSPd5m G/X3XvryTQV2HY5rz0QIH9S8RIUX87gPB1aPgqc6eqrq2pEBk/726NqfxCgd4v5p JJnBB831ndySzvfASc+It8VMGF7Ylx88tdUQVoMlJYhuOp7BxEpBYHu9X4xPBB4p bvPAxnoguv4hqgW0PaajELlgEed/bPYX1RB8ujSzeLk/rs5RNg1L7MEaX0uumMFi zHyfhH94X6WsAA== -----END CERTIFICATE-----Generated at Sat Dec 20 22:37:04 2025 by rpki-client