This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft File: t3gT9sVnClhoatw9SVV0QpXdFBk.mft (raw, json) Hash identifier: Bk5hlwVoqbTnaa0met58lin6u9z7J0CSNax98nUHPRo= Subject key identifier: 71:85:C3:2D:58:85:BB:00:2F:BD:11:99:40:73:E4:40:C3:28:EF:8D Authority key identifier: B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19 Certificate issuer: /CN=b77813f6c5670a58686adc3d4955744295dd1419 Certificate serial: 019B5BD1F8475C0185E7124F2FCD423F456F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft Manifest number: 1070 Signing time: Fri 26 Dec 2025 18:00:45 +0000 Manifest this update: Fri 26 Dec 2025 18:00:45 +0000 Manifest next update: Sat 27 Dec 2025 18:00:45 +0000 Files and hashes: 1: t3gT9sVnClhoatw9SVV0QpXdFBk.crl (hash: vDG7uHCvdpk5YBy6NdxSRC6yv96ndeXAnMFOf7uLmD0=) 2: xy0ayvCMPxVGUij5mpyeTNFKRNw.roa (hash: tXbOwwPUAQhZJRCjintnYpclKOHIFWoxy2lUX1RBhtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 18:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:d1:f8:47:5c:01:85:e7:12:4f:2f:cd:42:3f:45:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b77813f6c5670a58686adc3d4955744295dd1419 Validity Not Before: Dec 26 18:00:45 2025 GMT Not After : Dec 27 18:00:45 2025 GMT Subject: CN=7185c32d5885bb002fbd11994073e440c328ef8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a7:cc:69:82:c5:e4:c3:6c:78:2d:6e:c0:4f: 8f:d0:13:c3:1d:61:8b:40:59:63:da:2f:4e:a4:b6: 7f:4d:cd:61:64:5a:aa:6b:a9:b8:34:ae:7f:96:9c: 1c:e4:cc:65:ca:bc:01:68:bb:5f:01:60:bc:b1:88: df:6c:9d:82:7e:4b:ac:71:b0:43:43:27:94:18:71: b7:58:dc:b3:d9:04:34:6e:98:d0:97:5e:1e:d1:9e: 61:58:67:ee:42:ab:04:7a:63:08:14:37:9e:26:2e: c3:ca:01:42:e1:32:8d:e5:46:3c:db:67:1d:06:38: 60:19:d4:ab:2a:01:54:a0:56:af:13:3c:ba:19:27: a5:ef:87:a1:51:ec:aa:9e:a4:4d:c5:ad:f2:f1:8b: 78:c4:36:85:f2:a5:cc:1e:3c:07:f8:2a:f1:09:07: 0d:b8:1f:0b:9a:5d:e6:28:d0:b6:f8:e1:e8:96:d3: 30:17:8d:e3:3c:64:72:81:15:00:38:02:21:0c:eb: a9:69:b4:c2:77:85:ba:72:34:19:6f:af:1a:ce:71: 80:3e:cd:a6:92:d2:8e:ac:df:47:3d:be:ca:ca:7d: 9c:78:bb:a6:a7:66:74:24:e4:2d:f6:9b:22:92:ff: 2e:e0:97:90:c4:bd:f5:58:ef:9c:74:d4:ca:6b:4c: 7a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:85:C3:2D:58:85:BB:00:2F:BD:11:99:40:73:E4:40:C3:28:EF:8D X509v3 Authority Key Identifier: keyid:B7:78:13:F6:C5:67:0A:58:68:6A:DC:3D:49:55:74:42:95:DD:14:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3gT9sVnClhoatw9SVV0QpXdFBk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1f57d5-99c2-4ca9-9350-17735e2c255f/1/t3gT9sVnClhoatw9SVV0QpXdFBk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:c4:10:58:03:8d:23:d7:d4:5c:06:90:15:82:01:73:ac:1b: 1d:b9:61:15:7f:ed:32:d9:0e:1d:91:c5:05:6e:71:5c:94:e1: a8:9c:b0:36:cd:f5:15:db:a9:c0:b6:5a:15:4e:73:ab:51:78: ea:9b:34:5d:2a:65:c0:3a:89:9a:aa:d6:e0:8a:90:5f:c7:c2: cd:07:8e:44:a7:82:8c:00:54:98:4b:54:3b:64:af:56:35:fc: 45:07:a7:18:14:d4:31:6b:90:f3:e2:5c:c1:33:8a:5a:72:7c: c8:4f:eb:79:14:86:7f:19:86:59:b3:92:52:9f:e6:fd:6b:bc: 51:04:0e:ef:ff:1f:b4:b2:b7:c3:dd:42:97:4f:07:07:1a:29: 67:16:d5:7b:ef:90:3e:0e:81:f1:23:f3:dd:16:3b:15:3c:3d: 1e:fb:2c:2e:d8:99:5d:b2:1c:75:ed:df:57:d2:b7:78:05:44: 43:66:de:30:15:8e:aa:cd:b0:68:48:7a:e3:b1:e0:1d:c8:7b: 6c:80:a5:97:7e:0e:b6:7b:62:81:bf:63:02:52:20:81:ef:28: c9:a0:a2:47:27:8a:bd:84:d3:03:de:37:80:5f:a8:6e:d8:22: 9b:ff:92:b6:6b:ec:d0:bb:ef:be:fc:40:39:70:8f:3e:da:77: ff:1b:cc:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtb0fhHXAGF5xJPL81CP0VvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3NzgxM2Y2YzU2NzBhNTg2ODZhZGMzZDQ5NTU3NDQyOTVk ZDE0MTkwHhcNMjUxMjI2MTgwMDQ1WhcNMjUxMjI3MTgwMDQ1WjAzMTEwLwYDVQQD Eyg3MTg1YzMyZDU4ODViYjAwMmZiZDExOTk0MDczZTQ0MGMzMjhlZjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26fMaYLF5MNseC1uwE+P0BPDHWGL QFlj2i9OpLZ/Tc1hZFqqa6m4NK5/lpwc5MxlyrwBaLtfAWC8sYjfbJ2CfkuscbBD QyeUGHG3WNyz2QQ0bpjQl14e0Z5hWGfuQqsEemMIFDeeJi7DygFC4TKN5UY822cd BjhgGdSrKgFUoFavEzy6GSel74ehUeyqnqRNxa3y8Yt4xDaF8qXMHjwH+CrxCQcN uB8Lml3mKNC2+OHoltMwF43jPGRygRUAOAIhDOupabTCd4W6cjQZb68aznGAPs2m ktKOrN9HPb7Kyn2ceLump2Z0JOQt9psikv8u4JeQxL31WO+cdNTKa0x6XwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHGFwy1YhbsAL70RmUBz5EDDKO+NMB8GA1UdIwQY MBaAFLd4E/bFZwpYaGrcPUlVdEKV3RQZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAt MTc3MzVlMmMyNTVmLzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8xZjU3ZDUtOTljMi00Y2E5LTkzNTAtMTc3MzVlMmMyNTVm LzEvdDNnVDlzVm5DbGhvYXR3OVNWVjBRcFhkRkJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApsQQWAON I9fUXAaQFYIBc6wbHblhFX/tMtkOHZHFBW5xXJThqJywNs31FdupwLZaFU5zq1F4 6ps0XSplwDqJmqrW4IqQX8fCzQeORKeCjABUmEtUO2SvVjX8RQenGBTUMWuQ8+Jc wTOKWnJ8yE/reRSGfxmGWbOSUp/m/Wu8UQQO7/8ftLK3w91Cl08HBxopZxbVe++Q Pg6B8SPz3RY7FTw9HvssLtiZXbIcde3fV9K3eAVEQ2beMBWOqs2waEh647HgHch7 bICll34Otntigb9jAlIgge8oyaCiRyeKvYTTA943gF+obtgim/+Stmvs0LvvvvxA OXCPPtp3/xvMRw== -----END CERTIFICATE-----Generated at Sat Dec 27 02:50:37 2025 by rpki-client