This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft File: 3AXfbkBO-SDmpZKNiWPmpfjWESA.mft (raw, json) Hash identifier: d7cjKoykUwI3ayF/g+3TP8exBYzKKke1na1PiXQK4xQ= Subject key identifier: EB:60:63:F1:4A:D5:8A:D2:EC:E9:70:78:67:7B:EF:9B:C8:FB:F2:1B Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20 Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120 Certificate serial: 019B4438D2255BEDB9C71331C55C99901668 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft Manifest number: 178D Signing time: Mon 22 Dec 2025 04:02:12 +0000 Manifest this update: Mon 22 Dec 2025 04:02:12 +0000 Manifest next update: Tue 23 Dec 2025 04:02:12 +0000 Files and hashes: 1: 3AXfbkBO-SDmpZKNiWPmpfjWESA.crl (hash: e8wFS405oGw3FUmJtYbmOHThTOnzrapLqVRx77G0prs=) 2: VU0FkvZgVaRI8EGkm-qXkP1h2_c.roa (hash: FXgImtBv7FeA5blXsKdg5pD7MuiscFVJi0Lfx25h6e4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:d2:25:5b:ed:b9:c7:13:31:c5:5c:99:90:16:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120 Validity Not Before: Dec 22 04:02:12 2025 GMT Not After : Dec 23 04:02:12 2025 GMT Subject: CN=eb6063f14ad58ad2ece97078677bef9bc8fbf21b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:15:14:74:3f:3f:fd:50:4b:0f:fd:da:12:70: 1f:b5:42:b5:70:ec:e4:6c:59:4e:25:e2:5e:83:da: 98:a1:8e:00:d7:86:3f:d0:8a:d7:34:34:32:68:1d: 9d:c0:78:92:3a:c4:c7:b5:c6:87:bd:3a:c0:f0:d9: de:54:76:16:58:63:14:2b:eb:79:3c:96:56:05:53: ef:a3:d0:da:f1:91:f0:a9:03:65:5c:0f:75:12:a8: 7e:26:03:9f:14:cb:4f:0f:17:ba:12:46:58:e2:54: f6:9b:75:fc:fa:ab:ce:80:bf:43:4a:ea:6c:84:0e: 58:39:1a:2f:7e:b0:71:93:fc:a5:c2:3d:1a:79:25: 1f:29:e4:43:21:23:89:53:7e:77:24:98:3f:46:bf: 45:a1:19:ba:87:51:38:91:bf:cd:30:4a:68:4d:a4: 97:95:e7:7b:b6:e5:45:3e:0a:2d:79:2c:fd:df:ef: 59:8a:44:e5:3f:06:52:43:16:6e:16:ec:c3:9a:ed: e9:b7:9e:00:6b:bd:6f:1a:b9:9e:4a:92:f9:a1:91: 30:21:8f:51:2a:72:fa:8d:54:d9:35:95:0d:6e:15: 8a:77:c5:e3:06:6f:8a:b3:fc:8e:88:a1:85:ad:cf: fd:5b:9e:5c:58:50:c3:0e:af:3b:82:10:35:c0:21: ba:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:60:63:F1:4A:D5:8A:D2:EC:E9:70:78:67:7B:EF:9B:C8:FB:F2:1B X509v3 Authority Key Identifier: keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:fb:08:3c:75:08:9e:55:8b:c5:fb:39:94:2d:5c:98:bd:e8: e0:8d:48:ba:a5:e6:8e:bc:4e:68:1e:41:e1:0f:a8:0a:ab:3c: 64:e9:6d:9b:ae:b8:92:db:1d:5c:0e:13:b8:67:cb:53:e6:ae: 89:db:44:04:8e:fe:9d:0d:fb:59:7a:e4:9f:a1:01:8e:b5:2d: de:01:09:d5:ca:6d:f2:3b:5f:15:46:d5:a6:3c:75:69:bb:1e: 8c:43:a1:3f:f8:49:97:7f:cb:ac:04:32:1b:11:49:93:44:04: ef:4f:a4:aa:6f:f5:9e:32:46:0b:9a:18:10:f0:a5:4e:8a:f3: b2:9d:b8:8f:20:c5:b4:87:44:9e:5d:6e:db:da:33:59:49:c9: ce:4e:d2:c9:8f:f6:12:e1:cb:72:0b:65:63:32:62:1f:76:24: d3:1d:c7:6d:0b:84:61:51:f2:eb:8e:37:dc:9f:5e:75:fb:bd: 26:dc:74:15:25:39:ee:f7:6e:df:7d:0d:20:3a:8d:72:c2:06: 11:a0:10:13:66:09:40:92:31:6f:18:86:a3:0d:4f:0e:8b:65: 6c:2a:00:b1:36:cb:3a:65:5d:a2:af:c4:65:df:cf:bd:f5:63: 6e:f1:d8:96:2b:f7:e2:f0:b0:78:b8:2c:9e:e5:b6:db:4f:ff: a4:3d:e7:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEONIlW+25xxMxxVyZkBZoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk NjExMjAwHhcNMjUxMjIyMDQwMjEyWhcNMjUxMjIzMDQwMjEyWjAzMTEwLwYDVQQD EyhlYjYwNjNmMTRhZDU4YWQyZWNlOTcwNzg2NzdiZWY5YmM4ZmJmMjFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BUUdD8//VBLD/3aEnAftUK1cOzk bFlOJeJeg9qYoY4A14Y/0IrXNDQyaB2dwHiSOsTHtcaHvTrA8NneVHYWWGMUK+t5 PJZWBVPvo9Da8ZHwqQNlXA91Eqh+JgOfFMtPDxe6EkZY4lT2m3X8+qvOgL9DSups hA5YORovfrBxk/ylwj0aeSUfKeRDISOJU353JJg/Rr9FoRm6h1E4kb/NMEpoTaSX led7tuVFPgoteSz93+9ZikTlPwZSQxZuFuzDmu3pt54Aa71vGrmeSpL5oZEwIY9R KnL6jVTZNZUNbhWKd8XjBm+Ks/yOiKGFrc/9W55cWFDDDq87ghA1wCG6mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtgY/FK1YrS7OlweGd775vI+/IbMB8GA1UdIwQY MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt YmNlOTM0MjA1YWU4LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4 LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPsIPHUI nlWLxfs5lC1cmL3o4I1IuqXmjrxOaB5B4Q+oCqs8ZOltm664ktsdXA4TuGfLU+au idtEBI7+nQ37WXrkn6EBjrUt3gEJ1cpt8jtfFUbVpjx1absejEOhP/hJl3/LrAQy GxFJk0QE70+kqm/1njJGC5oYEPClTorzsp24jyDFtIdEnl1u29ozWUnJzk7SyY/2 EuHLcgtlYzJiH3Yk0x3HbQuEYVHy64433J9edfu9Jtx0FSU57vdu330NIDqNcsIG EaAQE2YJQJIxbxiGow1PDotlbCoAsTbLOmVdoq/EZd/PvfVjbvHYliv34vCweLgs nuW220//pD3nIQ== -----END CERTIFICATE-----Generated at Mon Dec 22 13:33:58 2025 by rpki-client