This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft File: 3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json) Hash identifier: EP7q0po2VgOxJE/hD2OFFRZuN219pNLoCyYejpsFZbM= Subject key identifier: 50:E4:7C:9B:CC:21:CE:3E:91:53:C3:30:45:21:6B:6E:97:63:8C:00 Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04 Certificate issuer: /CN=dc88945c8867a7262ba379b3a69840091a4f1904 Certificate serial: 019B337B3EFB2C8848B4C507E3D9265D2A05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft Manifest number: 0B55 Signing time: Thu 18 Dec 2025 22:01:13 +0000 Manifest this update: Thu 18 Dec 2025 22:01:13 +0000 Manifest next update: Fri 19 Dec 2025 22:01:13 +0000 Files and hashes: 1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: l84+NB9ZKgCK7B9L9s9uPrLnCObtaAsGGsZWQvLHyuk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:3e:fb:2c:88:48:b4:c5:07:e3:d9:26:5d:2a:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904 Validity Not Before: Dec 18 22:01:13 2025 GMT Not After : Dec 19 22:01:13 2025 GMT Subject: CN=50e47c9bcc21ce3e9153c33045216b6e97638c00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a3:ca:67:d1:94:35:6f:2e:ab:f8:28:e5:e8: 05:7c:56:ce:b8:84:4b:75:bf:5e:4b:7e:f2:94:2f: 97:c8:28:d0:3a:78:ea:9c:c0:72:d2:47:e9:69:30: ec:b5:bc:12:64:2c:d4:93:77:84:c4:a3:0a:e3:96: 9b:fb:55:c4:b1:c3:72:7a:a1:c6:d2:e7:8a:f9:ba: d0:5e:fa:3e:a5:71:e0:a9:13:6b:b9:d8:fb:e6:c7: 4b:87:75:5f:d0:34:47:ae:c7:23:cb:65:08:7f:9d: e3:94:11:96:22:5d:c5:d8:e3:f7:45:c2:b0:65:57: 92:b0:a0:f4:24:89:2c:c3:0c:e7:58:8d:bd:ad:6d: cb:27:b9:81:f3:28:e4:55:3e:b0:a6:f6:33:93:71: 7a:61:57:91:78:de:85:01:ce:2c:2a:f8:2e:69:10: 0f:c5:e4:65:6b:37:6c:34:53:52:46:97:fd:8c:d3: aa:b8:bb:80:47:df:30:11:fc:fa:e1:ec:dd:b4:53: 07:2d:f1:99:0a:60:11:f8:73:a8:45:24:f2:b3:44: 14:7d:f9:1a:a2:3f:d5:b3:c6:18:87:13:04:cf:b1: dd:18:3d:8a:fb:64:78:f4:2b:92:3d:3c:dd:40:40: 67:3c:48:b6:fd:9d:78:5c:8a:87:10:e2:8e:fc:5e: c7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:E4:7C:9B:CC:21:CE:3E:91:53:C3:30:45:21:6B:6E:97:63:8C:00 X509v3 Authority Key Identifier: keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:fd:19:1c:b0:0b:d0:0a:ae:74:4d:0b:4f:f1:b4:d2:31:60: 84:a2:c7:81:30:9d:d7:aa:58:97:b7:c3:05:6c:22:99:ce:f6: a7:93:6a:01:36:07:58:43:92:44:22:b5:67:9f:c8:e5:77:d5: c3:7a:e9:94:0a:20:4d:65:6b:5f:7e:47:0c:86:4b:5f:8c:45: ee:8d:10:9e:01:89:2a:d1:9e:39:d6:71:cc:38:80:4a:fd:17: 89:a3:53:c3:12:ec:44:ae:dd:2b:00:14:9a:f5:62:1b:c1:73: 23:d1:ab:1c:98:de:38:a9:1a:e7:d7:46:e5:31:18:ef:b1:15: f5:5b:a4:9b:dc:d5:3b:ef:d7:f0:15:bb:72:ba:02:2f:64:26: fd:53:92:f9:b8:6f:9e:df:ef:d3:b5:5d:63:eb:0e:d4:e2:63: c7:62:94:20:ef:3f:77:d0:11:25:ac:ff:5a:24:44:73:22:45: 9a:a7:ec:24:61:f5:45:d2:88:29:0f:a4:e5:ee:b6:20:b1:a6: 94:e3:2c:d3:b3:a5:6e:a0:4d:f7:ac:24:81:3a:21:94:68:9d: 1d:78:fb:ae:a8:dc:36:62:64:61:40:7d:0c:9a:3e:7c:69:36: 69:ce:e3:af:8a:a2:d3:88:86:60:d4:89:69:28:fd:cd:4e:8a: 0d:f3:68:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszez77LIhItMUH49kmXSoFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0 ZjE5MDQwHhcNMjUxMjE4MjIwMTEzWhcNMjUxMjE5MjIwMTEzWjAzMTEwLwYDVQQD Eyg1MGU0N2M5YmNjMjFjZTNlOTE1M2MzMzA0NTIxNmI2ZTk3NjM4YzAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKPKZ9GUNW8uq/go5egFfFbOuIRL db9eS37ylC+XyCjQOnjqnMBy0kfpaTDstbwSZCzUk3eExKMK45ab+1XEscNyeqHG 0ueK+brQXvo+pXHgqRNrudj75sdLh3Vf0DRHrscjy2UIf53jlBGWIl3F2OP3RcKw ZVeSsKD0JIkswwznWI29rW3LJ7mB8yjkVT6wpvYzk3F6YVeReN6FAc4sKvguaRAP xeRlazdsNFNSRpf9jNOquLuAR98wEfz64ezdtFMHLfGZCmAR+HOoRSTys0QUffka oj/Vs8YYhxMEz7HdGD2K+2R49CuSPTzdQEBnPEi2/Z14XIqHEOKO/F7HbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFDkfJvMIc4+kVPDMEUha26XY4wAMB8GA1UdIwQY MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/0ZHLAL 0AqudE0LT/G00jFghKLHgTCd16pYl7fDBWwimc72p5NqATYHWEOSRCK1Z5/I5XfV w3rplAogTWVrX35HDIZLX4xF7o0QngGJKtGeOdZxzDiASv0XiaNTwxLsRK7dKwAU mvViG8FzI9GrHJjeOKka59dG5TEY77EV9Vukm9zVO+/X8BW7croCL2Qm/VOS+bhv nt/v07VdY+sO1OJjx2KUIO8/d9ARJaz/WiREcyJFmqfsJGH1RdKIKQ+k5e62ILGm lOMs07OlbqBN96wkgTohlGidHXj7rqjcNmJkYUB9DJo+fGk2ac7jr4qi04iGYNSJ aSj9zU6KDfNoZg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:15:57 2025 by rpki-client