This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.mft File: 3SvFQDqzU9X8JeWq3OCTKyn0F2o.mft (raw, json) Hash identifier: yT2wTQLT7hLENMAnOsPZi1GTymoljGxDZlmNbskEmrQ= Subject key identifier: CF:9B:E6:0B:AC:1F:88:90:2D:84:A8:16:2C:F8:EC:4C:80:F6:5E:9A Authority key identifier: DD:2B:C5:40:3A:B3:53:D5:FC:25:E5:AA:DC:E0:93:2B:29:F4:17:6A Certificate issuer: /CN=dd2bc5403ab353d5fc25e5aadce0932b29f4176a Certificate serial: 019B38D7F2D06A646D585FEBB9FFEF6A51C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SvFQDqzU9X8JeWq3OCTKyn0F2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.mft Manifest number: 73 Signing time: Fri 19 Dec 2025 23:00:35 +0000 Manifest this update: Fri 19 Dec 2025 23:00:35 +0000 Manifest next update: Sat 20 Dec 2025 23:00:35 +0000 Files and hashes: 1: 3SvFQDqzU9X8JeWq3OCTKyn0F2o.crl (hash: By9GSAdmTuEIW1164S7P9qLMa6HVhBx4linw1g5JF/I=) 2: gLtRgaxc3dQh-hyBwzctMY8Z2Kg.roa (hash: kQ5eH+OBT0t4XuJxKyLguz534gAGBpghvIPZ6PMDpiI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.crl rsync://rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.mft rsync://rpki.ripe.net/repository/DEFAULT/3SvFQDqzU9X8JeWq3OCTKyn0F2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 17:13:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:d7:f2:d0:6a:64:6d:58:5f:eb:b9:ff:ef:6a:51:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd2bc5403ab353d5fc25e5aadce0932b29f4176a Validity Not Before: Dec 19 23:00:35 2025 GMT Not After : Dec 20 23:00:35 2025 GMT Subject: CN=cf9be60bac1f88902d84a8162cf8ec4c80f65e9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a7:5f:0c:c5:40:d6:59:b9:57:9c:fb:df:93: 7c:0d:2e:72:8f:9a:c8:a5:9a:48:1d:2f:d1:19:f8: 80:e4:86:02:76:b7:9a:90:75:a3:3e:c1:07:bf:8a: 56:f9:67:e6:20:54:ec:ca:b1:26:c2:7a:88:db:7c: 14:fb:b5:bb:41:02:1d:7c:80:1b:f1:05:86:5f:a9: f4:ae:6a:18:6c:44:03:a6:dd:d5:72:72:f5:15:d6: 18:52:f7:1d:9e:5a:ba:22:b1:fb:b6:17:06:1f:2e: 04:d2:8b:35:f7:fe:2a:ef:50:83:dc:1b:19:6a:c7: 72:06:18:ca:0e:f4:02:90:b3:90:64:7b:5f:94:97: 83:3b:55:75:d4:d7:a4:24:0f:05:fc:d7:02:e4:c4: 94:45:34:e2:f0:ae:8b:5d:38:bf:7b:7f:3c:0d:42: 87:2e:56:b7:e8:2e:ad:42:37:1e:45:c5:b7:c4:aa: 4c:96:ac:92:b3:db:a1:f8:d8:cc:b7:fb:23:ab:00: 01:19:0f:fa:7e:55:9a:bf:b2:ee:0f:40:87:52:0a: ac:ef:12:c3:91:86:e7:05:75:bd:2a:ef:20:97:a5: 4b:7f:09:c0:1b:0c:11:15:bc:74:1b:37:6c:45:b0: 3f:44:1a:9f:d0:9b:3e:1a:e0:9f:e9:7c:a3:ef:51: 9a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:9B:E6:0B:AC:1F:88:90:2D:84:A8:16:2C:F8:EC:4C:80:F6:5E:9A X509v3 Authority Key Identifier: keyid:DD:2B:C5:40:3A:B3:53:D5:FC:25:E5:AA:DC:E0:93:2B:29:F4:17:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SvFQDqzU9X8JeWq3OCTKyn0F2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/c25650-4727-4f88-8f21-c997ae6c5bd4/1/3SvFQDqzU9X8JeWq3OCTKyn0F2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:63:67:5c:73:68:6e:b7:e8:46:f7:6d:02:3a:91:24:0f:05: 09:c9:37:fc:e1:72:b0:67:9b:b1:9d:31:d3:91:4d:ca:36:fe: 52:6b:c4:ff:44:7d:85:88:9d:13:59:ac:b3:76:4e:8c:4a:ac: c2:bb:df:3e:e4:83:88:bd:a1:f1:3d:48:09:5d:6f:0c:20:b1: ae:77:1c:0f:07:0b:71:b3:f5:a4:38:c5:db:ab:da:32:9e:3a: 25:f1:06:d6:2a:85:ca:0a:02:e8:2d:42:c2:36:fc:96:6b:a9: 4d:98:b5:6f:09:56:b7:7c:b0:65:7c:c7:a2:12:67:03:18:0c: a3:47:14:41:a6:c5:63:a9:ff:90:cc:e7:41:43:66:24:f6:c3: 2d:94:4a:f3:a1:e8:d1:97:e5:95:00:2a:b3:31:69:01:90:34: 1e:53:89:9b:07:a2:a8:5b:3d:d9:e1:cd:1b:d6:51:27:b2:6c: 76:e1:3c:ad:4b:ea:f0:a4:c2:82:dd:0e:f9:ff:fe:be:a7:6e: 49:05:78:f9:be:09:41:74:df:55:68:d5:ab:1a:4c:55:1d:6c: e0:1c:ac:2e:f7:93:af:dc:00:f4:05:d6:37:c2:ce:02:fd:d6: 65:a7:dd:96:67:00:04:50:52:0f:d6:51:6c:e3:f3:b2:4c:f1: 3f:d5:54:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs41/LQamRtWF/ruf/valHJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMmJjNTQwM2FiMzUzZDVmYzI1ZTVhYWRjZTA5MzJiMjlm NDE3NmEwHhcNMjUxMjE5MjMwMDM1WhcNMjUxMjIwMjMwMDM1WjAzMTEwLwYDVQQD EyhjZjliZTYwYmFjMWY4ODkwMmQ4NGE4MTYyY2Y4ZWM0YzgwZjY1ZTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06dfDMVA1lm5V5z735N8DS5yj5rI pZpIHS/RGfiA5IYCdreakHWjPsEHv4pW+WfmIFTsyrEmwnqI23wU+7W7QQIdfIAb 8QWGX6n0rmoYbEQDpt3VcnL1FdYYUvcdnlq6IrH7thcGHy4E0os19/4q71CD3BsZ asdyBhjKDvQCkLOQZHtflJeDO1V11NekJA8F/NcC5MSURTTi8K6LXTi/e388DUKH Lla36C6tQjceRcW3xKpMlqySs9uh+NjMt/sjqwABGQ/6flWav7LuD0CHUgqs7xLD kYbnBXW9Ku8gl6VLfwnAGwwRFbx0GzdsRbA/RBqf0Js+GuCf6Xyj71GaeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM+b5gusH4iQLYSoFiz47EyA9l6aMB8GA1UdIwQY MBaAFN0rxUA6s1PV/CXlqtzgkysp9BdqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1N2RlFEcXpVOVg4SmVXcTNPQ1RLeW4wRjJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9jMjU2NTAtNDcyNy00Zjg4LThmMjEt Yzk5N2FlNmM1YmQ0LzEvM1N2RlFEcXpVOVg4SmVXcTNPQ1RLeW4wRjJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC9jMjU2NTAtNDcyNy00Zjg4LThmMjEtYzk5N2FlNmM1YmQ0 LzEvM1N2RlFEcXpVOVg4SmVXcTNPQ1RLeW4wRjJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhGNnXHNo brfoRvdtAjqRJA8FCck3/OFysGebsZ0x05FNyjb+UmvE/0R9hYidE1mss3ZOjEqs wrvfPuSDiL2h8T1ICV1vDCCxrnccDwcLcbP1pDjF26vaMp46JfEG1iqFygoC6C1C wjb8lmupTZi1bwlWt3ywZXzHohJnAxgMo0cUQabFY6n/kMznQUNmJPbDLZRK86Ho 0ZfllQAqszFpAZA0HlOJmweiqFs92eHNG9ZRJ7JsduE8rUvq8KTCgt0O+f/+vqdu SQV4+b4JQXTfVWjVqxpMVR1s4BysLveTr9wA9AXWN8LOAv3WZafdlmcABFBSD9ZR bOPzskzxP9VU4Q== -----END CERTIFICATE-----Generated at Sat Dec 20 03:34:53 2025 by rpki-client