This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft File: 3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json) Hash identifier: K7G+CGklKsyEv96N/lmlzyXtAbSvtXlp9w70+1vq9UQ= Subject key identifier: 9C:AC:F7:69:4C:67:25:A1:3A:BE:73:F2:4F:D6:A4:39:8D:D2:AB:CB Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F Certificate issuer: /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f Certificate serial: 019B3C7F7ACA22D880F1F41028D24D457CBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft Manifest number: 0A54 Signing time: Sat 20 Dec 2025 16:02:26 +0000 Manifest this update: Sat 20 Dec 2025 16:02:26 +0000 Manifest next update: Sun 21 Dec 2025 16:02:26 +0000 Files and hashes: 1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: cLQl+WU/RuIs5jTWU8Bv/cpjW9YqD5DL8lnmrRgQINI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:7a:ca:22:d8:80:f1:f4:10:28:d2:4d:45:7c:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f Validity Not Before: Dec 20 16:02:26 2025 GMT Not After : Dec 21 16:02:26 2025 GMT Subject: CN=9cacf7694c6725a13abe73f24fd6a4398dd2abcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:c7:98:0a:66:ba:f6:c4:45:16:aa:f0:f5:8b: 19:2e:f1:4f:eb:a0:b9:da:ce:9f:fd:bb:71:56:dc: 6d:95:0d:f0:9c:06:a5:70:a9:9e:b4:74:81:81:83: fd:d4:91:34:87:d6:65:a0:d2:9b:05:74:e3:41:d8: d4:04:bb:fe:ad:d9:58:8f:c5:ae:84:66:26:c5:9f: ed:2c:45:4a:fa:93:b5:04:9d:36:12:fc:4a:ac:0a: 48:f1:78:3e:92:09:7c:46:c3:41:d5:a6:c4:9c:32: c8:c3:95:3f:09:42:8a:79:5d:0f:e1:cb:a2:f0:3c: 13:80:be:f1:2d:aa:4d:09:d1:8c:bb:23:de:34:9d: 5c:5d:20:18:fa:76:f1:c5:61:bc:50:78:de:d5:49: b0:e7:cb:a2:af:f6:96:6b:b7:05:1a:cc:74:4b:4d: 30:a1:62:51:8a:d8:e3:4e:60:5f:fc:6a:82:50:11: 57:a6:f5:ff:88:c1:ad:99:7e:e3:06:ff:05:f0:7c: e3:f6:ed:3a:ed:e4:87:84:c0:81:39:31:55:d9:9a: e3:5e:78:49:1d:50:d2:7e:67:dc:b1:2b:68:63:e3: 64:47:e1:2a:07:0c:b3:0a:42:b3:f2:39:a9:16:67: 9b:1c:22:3b:fd:55:d5:e5:69:79:a9:23:cc:a6:f0: f6:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:AC:F7:69:4C:67:25:A1:3A:BE:73:F2:4F:D6:A4:39:8D:D2:AB:CB X509v3 Authority Key Identifier: keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:51:d3:d2:2c:ab:3d:54:51:3c:e2:cd:ae:d3:69:f8:d3:ed: 04:4b:ed:59:a7:05:01:98:e8:73:b0:c7:50:d4:10:0c:fd:a6: 1c:3f:ff:98:7e:b2:e0:ed:e8:c7:3c:62:ef:b9:4c:b3:d5:4d: 2c:c9:05:d7:b4:70:6c:f4:aa:73:6a:4d:9f:37:05:bb:e8:05: d4:55:5f:07:a2:c6:58:bd:9c:c0:ca:d9:6e:d7:57:33:2d:9f: 52:aa:d9:e0:31:df:bf:33:16:61:ad:e7:04:2d:21:18:a2:23: 44:11:a9:b4:09:59:61:7c:57:62:64:5f:41:25:fa:96:d8:36: c1:c9:94:6b:9d:b0:ff:c0:45:96:df:28:4c:da:65:e8:6c:fd: db:0d:8b:c9:cd:ca:70:f8:98:a0:87:bd:73:a1:f3:9c:0c:6f: c4:76:40:ff:82:01:d0:65:8e:71:ab:fe:09:d8:16:72:60:01: 77:90:fc:d5:28:c6:ba:14:95:c7:2e:c5:fe:34:dd:24:4a:e5: 38:6b:19:2e:4f:6a:24:66:7f:e7:fc:12:12:d9:8c:ce:3b:71: 51:50:e1:aa:24:56:cf:d5:46:7b:15:af:64:25:db:30:35:d6: 89:f8:0e:78:74:32:35:20:22:ba:47:af:b0:01:4f:34:04:17: e1:f9:a4:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f3rKItiA8fQQKNJNRXy/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl NjkwOWYwHhcNMjUxMjIwMTYwMjI2WhcNMjUxMjIxMTYwMjI2WjAzMTEwLwYDVQQD Eyg5Y2FjZjc2OTRjNjcyNWExM2FiZTczZjI0ZmQ2YTQzOThkZDJhYmNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxceYCma69sRFFqrw9YsZLvFP66C5 2s6f/btxVtxtlQ3wnAalcKmetHSBgYP91JE0h9ZloNKbBXTjQdjUBLv+rdlYj8Wu hGYmxZ/tLEVK+pO1BJ02EvxKrApI8Xg+kgl8RsNB1abEnDLIw5U/CUKKeV0P4cui 8DwTgL7xLapNCdGMuyPeNJ1cXSAY+nbxxWG8UHje1Umw58uir/aWa7cFGsx0S00w oWJRitjjTmBf/GqCUBFXpvX/iMGtmX7jBv8F8Hzj9u067eSHhMCBOTFV2ZrjXnhJ HVDSfmfcsStoY+NkR+EqBwyzCkKz8jmpFmebHCI7/VXV5Wl5qSPMpvD23QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJys92lMZyWhOr5z8k/WpDmN0qvLMB8GA1UdIwQY MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr1HT0iyr PVRRPOLNrtNp+NPtBEvtWacFAZjoc7DHUNQQDP2mHD//mH6y4O3oxzxi77lMs9VN LMkF17RwbPSqc2pNnzcFu+gF1FVfB6LGWL2cwMrZbtdXMy2fUqrZ4DHfvzMWYa3n BC0hGKIjRBGptAlZYXxXYmRfQSX6ltg2wcmUa52w/8BFlt8oTNpl6Gz92w2Lyc3K cPiYoIe9c6HznAxvxHZA/4IB0GWOcav+CdgWcmABd5D81SjGuhSVxy7F/jTdJErl OGsZLk9qJGZ/5/wSEtmMzjtxUVDhqiRWz9VGexWvZCXbMDXWifgOeHQyNSAiukev sAFPNAQX4fmk0Q== -----END CERTIFICATE-----Generated at Sat Dec 20 18:51:56 2025 by rpki-client