This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft File: 3ikhmJ19kMZOuzVliDH-ao9JyTg.mft (raw, json) Hash identifier: LfNTlf2vv7zB4FOcLH//fPmnhrMrzdn3URe7Do/M29k= Subject key identifier: 57:6A:7C:0B:27:CD:0B:B5:20:B7:10:DE:94:43:8C:6D:50:E8:58:E2 Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38 Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938 Certificate serial: 019B3344AD68AEF9CDB68B1DD2EFD7C234C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft Manifest number: 0BF4 Signing time: Thu 18 Dec 2025 21:01:37 +0000 Manifest this update: Thu 18 Dec 2025 21:01:37 +0000 Manifest next update: Fri 19 Dec 2025 21:01:37 +0000 Files and hashes: 1: 3ikhmJ19kMZOuzVliDH-ao9JyTg.crl (hash: flPq9bGUDmg6cYoprPV/V1YShi2pOmz5IsWBUKqakaE=) 2: TOKJ7leUflS6UttAZzwZcKF4cuU.roa (hash: FbxsOsIky6908M3EghoAhEv3FVACCPzpDuJvnzX9foU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:ad:68:ae:f9:cd:b6:8b:1d:d2:ef:d7:c2:34:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938 Validity Not Before: Dec 18 21:01:37 2025 GMT Not After : Dec 19 21:01:37 2025 GMT Subject: CN=576a7c0b27cd0bb520b710de94438c6d50e858e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:4e:ee:76:17:da:ef:f7:c1:44:ec:8a:02:9f: 4f:5b:61:85:d5:d9:79:a3:b3:e1:05:56:b3:31:7b: 57:a3:10:3e:ad:be:00:9b:d7:fd:18:34:a0:9a:25: 7d:1f:36:6b:6e:2d:a0:01:c3:23:26:0a:d1:dc:0a: 37:3d:a4:f2:63:39:ab:05:11:a5:6f:fd:fe:af:bd: 1d:b4:86:62:1e:b2:99:9d:27:99:58:e1:a5:ed:99: a0:77:75:0a:e1:08:5d:23:10:23:29:af:d6:c1:82: 8c:a1:0f:55:6f:00:0f:3c:93:74:67:5e:3b:90:fe: 63:c4:61:cc:ba:54:fe:00:f9:be:18:ad:93:9c:98: 26:3a:b8:e7:fe:da:d9:6f:7a:5c:b9:62:3d:8c:2c: 79:82:d1:61:a3:d3:66:e4:ba:20:5a:a6:da:b8:58: b5:a2:c7:39:d9:0e:58:41:e5:0b:4a:65:dc:b6:c9: 92:fa:7d:b8:a7:be:1b:f2:89:ea:99:f1:11:ca:f9: a0:f1:62:3c:84:4f:63:fd:52:a7:62:d6:68:e2:ea: b4:af:a6:25:75:99:01:4a:c5:0b:0a:ae:69:b8:4b: c3:53:36:99:1e:1b:f1:07:fc:28:62:b3:c9:e1:be: 1c:77:91:cd:dd:07:41:34:d1:2c:5c:cd:8d:04:d0: 22:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:6A:7C:0B:27:CD:0B:B5:20:B7:10:DE:94:43:8C:6D:50:E8:58:E2 X509v3 Authority Key Identifier: keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:63:d6:be:b9:e5:ce:03:21:c6:7c:79:ed:06:2e:5f:7b:a9: dd:3f:e4:5a:b1:8e:53:bf:3b:15:73:e8:ec:f2:2c:1a:2e:18: 64:a0:27:21:bf:5d:82:c7:23:44:a5:82:dd:0a:0b:f4:a4:9c: c4:d8:d9:46:b7:ca:a5:14:28:23:48:a1:1e:02:87:60:c5:15: a4:d2:4a:8a:a9:d6:c0:ae:b4:8b:b8:98:15:a3:a4:02:4e:89: 6f:49:84:4c:04:b9:7a:9e:a9:db:f5:1f:e3:5c:3a:fe:d3:84: 33:5d:95:5f:3d:16:9f:cd:0c:6f:e4:54:a8:58:13:cc:a5:dd: b3:ea:d3:7d:54:17:4c:d0:b9:fb:59:d9:2a:bf:29:45:e5:a3: 93:6b:30:70:06:22:c2:d3:64:6c:93:19:da:da:c7:ab:0c:9c: 04:93:89:a8:a2:70:fd:8f:a5:a3:7b:0c:5d:ed:33:90:4c:88: a2:5f:b3:35:5f:1b:9b:4d:e2:ec:45:dd:01:58:8d:33:8e:63: ec:69:f1:b8:fa:e1:9f:cd:1e:84:a5:26:91:60:94:96:88:9f: 9e:0b:49:ae:12:a7:74:de:e4:3d:5e:7e:35:96:09:73:10:4f: 5d:7e:73:6b:1e:77:a5:ba:61:bb:7f:2f:0b:61:4e:7a:79:0d: bf:2d:ac:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRK1orvnNtosd0u/XwjTJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0 OWM5MzgwHhcNMjUxMjE4MjEwMTM3WhcNMjUxMjE5MjEwMTM3WjAzMTEwLwYDVQQD Eyg1NzZhN2MwYjI3Y2QwYmI1MjBiNzEwZGU5NDQzOGM2ZDUwZTg1OGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk7udhfa7/fBROyKAp9PW2GF1dl5 o7PhBVazMXtXoxA+rb4Am9f9GDSgmiV9HzZrbi2gAcMjJgrR3Ao3PaTyYzmrBRGl b/3+r70dtIZiHrKZnSeZWOGl7Zmgd3UK4QhdIxAjKa/WwYKMoQ9VbwAPPJN0Z147 kP5jxGHMulT+APm+GK2TnJgmOrjn/trZb3pcuWI9jCx5gtFho9Nm5LogWqbauFi1 osc52Q5YQeULSmXctsmS+n24p74b8onqmfERyvmg8WI8hE9j/VKnYtZo4uq0r6Yl dZkBSsULCq5puEvDUzaZHhvxB/woYrPJ4b4cd5HN3QdBNNEsXM2NBNAi1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFdqfAsnzQu1ILcQ3pRDjG1Q6FjiMB8GA1UdIwQY MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct MGI1ZWNiNDc0ZjE1LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1 LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASGPWvrnl zgMhxnx57QYuX3up3T/kWrGOU787FXPo7PIsGi4YZKAnIb9dgscjRKWC3QoL9KSc xNjZRrfKpRQoI0ihHgKHYMUVpNJKiqnWwK60i7iYFaOkAk6Jb0mETAS5ep6p2/Uf 41w6/tOEM12VXz0Wn80Mb+RUqFgTzKXds+rTfVQXTNC5+1nZKr8pReWjk2swcAYi wtNkbJMZ2trHqwycBJOJqKJw/Y+lo3sMXe0zkEyIol+zNV8bm03i7EXdAViNM45j 7GnxuPrhn80ehKUmkWCUloifngtJrhKndN7kPV5+NZYJcxBPXX5zax53pbphu38v C2FOenkNvy2sMQ== -----END CERTIFICATE-----Generated at Fri Dec 19 02:22:29 2025 by rpki-client