This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft File: 3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json) Hash identifier: argK6D8dHfOytDrrdu9khM29hcXVjx541JG7/sS6zqE= Subject key identifier: 68:6E:0E:A4:2A:3E:5C:C0:94:1A:1C:09:E0:E2:1B:D9:DA:85:F3:81 Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Certificate serial: 019B4D71D272B4637B47634BC8C90F0AD076 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft Manifest number: 179C Signing time: Tue 23 Dec 2025 23:01:03 +0000 Manifest this update: Tue 23 Dec 2025 23:01:03 +0000 Manifest next update: Wed 24 Dec 2025 23:01:03 +0000 Files and hashes: 1: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: ri9DgKZ9Fzkr/i7oJidKqsEfJOTrYaGEdYPXAHAyTU0=) 2: K0TFEKD6Jt4eOFvjhXpLcR-sKAw.roa (hash: DiTuJ8zdptPdKEXMu7Rx5XzUhg/taulk9eNvKwAnd+E=) 3: Low4CRi4iGKYokty-NINmJn09rg.roa (hash: Mly1uM7PqUcjuRWWihLVa+ejMa5zwEjs5HqRkIM9ZCc=) 4: TUldFuXRlNkhcxG2k3pbkLp8w6k.roa (hash: u8w+hKuVRJcapFna3Gt95nB+zwn2rJ1IH60Do+ZSEr0=) 5: VFLtaw7ddcrkuS71SLZjd28hT9Y.roa (hash: wkImuoriz8/Wt+wr39TPtXLgxrVgYHqbWY2XyO00qX4=) 6: fWDdDEZ5-7TJ7ifcAQ9Kizx3VI0.roa (hash: 9iAjE9rwQQFIjLwRuw0Wl4wwOwQae4btRIJRt6LJVxE=) 7: iYMgW4EcYcU5AKm4CceLlPmJSsA.roa (hash: 7zWW49XDo1LsXGWIP2om4UTMjsubF7Ml4DbV3OJ7N00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 19:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:71:d2:72:b4:63:7b:47:63:4b:c8:c9:0f:0a:d0:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Validity Not Before: Dec 23 23:01:03 2025 GMT Not After : Dec 24 23:01:03 2025 GMT Subject: CN=686e0ea42a3e5cc0941a1c09e0e21bd9da85f381 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:0c:46:6a:d7:10:6d:bb:72:d6:6d:f8:64:2b: 55:aa:ed:5f:01:fc:7d:ef:19:4e:7c:3b:fa:50:8e: 1a:56:aa:ac:83:39:8d:ef:90:4e:bc:5f:41:12:4c: 94:db:54:31:fc:ea:42:cf:e4:50:4c:6a:05:18:42: 00:98:5f:42:d7:6c:59:85:be:c0:ca:6d:74:66:6e: 23:ae:90:cb:e6:d1:e5:e0:42:2a:3d:d2:d8:ce:a4: ad:93:0e:0e:e2:1b:fe:40:1d:cf:d5:39:eb:4d:f6: 98:19:0e:7b:ec:70:6d:6a:8a:1b:b7:c8:c6:7b:0d: ea:8a:66:4a:6f:43:4c:55:92:d8:8a:40:bc:37:1d: 39:fa:b0:d5:88:c1:e0:a8:0c:df:b8:d5:dd:76:a3: dc:9a:48:6c:13:db:2d:fb:16:59:6d:f0:95:03:37: 45:4b:90:d3:72:10:32:38:8d:e9:af:92:ca:1e:90: 69:c0:20:b7:2c:71:52:90:c0:e0:93:fb:e1:63:a1: 23:b7:2c:e6:45:ca:dc:d0:82:30:d7:bc:a1:2b:a2: 17:28:9c:8f:f7:bb:58:8d:29:1c:73:19:31:af:23: 00:c3:8e:bb:c9:0b:26:ab:3f:40:cd:ee:cc:d3:53: bb:75:3d:b1:cf:fd:c2:12:ba:0c:e1:37:62:7a:ff: d2:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:6E:0E:A4:2A:3E:5C:C0:94:1A:1C:09:E0:E2:1B:D9:DA:85:F3:81 X509v3 Authority Key Identifier: keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:c9:a8:bd:1a:fa:85:31:a9:b5:fa:d6:ff:62:0d:4b:eb:ff: d4:1a:ca:de:22:d4:f5:9a:b9:65:ce:4b:eb:e6:6d:f6:11:95: fd:67:50:04:f7:4b:e9:16:01:a2:23:fe:f9:3f:4d:a3:d5:15: 92:ec:41:ba:39:42:e5:32:62:a2:bb:6c:13:d9:a1:fd:65:65: 22:97:eb:c2:c5:84:27:fb:fd:0d:56:ff:55:23:c7:09:e7:07: 1e:79:51:69:80:ff:58:b6:ef:8d:49:a2:23:94:3d:61:3f:00: 5e:71:45:76:50:5a:3d:7f:a3:02:7e:b6:9d:be:dd:64:65:9d: 87:ae:d5:36:77:9e:70:a6:00:d8:a6:38:79:c9:4c:13:d8:8d: b9:c0:25:06:24:0a:69:99:8c:36:d5:c8:95:a6:af:62:76:df: 15:22:08:4c:90:bb:c3:e7:f0:d5:92:e4:28:5e:3d:9b:dd:bb: a0:6b:80:64:00:7b:c2:ae:99:65:3e:53:0b:7e:02:80:c5:fa: 95:e3:73:d8:59:9c:6b:07:d8:1b:c8:4a:11:6d:fb:ba:90:05: 65:51:df:ce:9b:62:0e:99:31:0c:61:1d:b5:5e:a5:ad:c8:cc: 89:38:0c:e1:40:eb:b4:c2:e5:65:1b:a7:4d:c3:b3:87:c6:77: 58:c9:d4:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtNcdJytGN7R2NLyMkPCtB2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm MGEyMTcwHhcNMjUxMjIzMjMwMTAzWhcNMjUxMjI0MjMwMTAzWjAzMTEwLwYDVQQD Eyg2ODZlMGVhNDJhM2U1Y2MwOTQxYTFjMDllMGUyMWJkOWRhODVmMzgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowxGatcQbbty1m34ZCtVqu1fAfx9 7xlOfDv6UI4aVqqsgzmN75BOvF9BEkyU21Qx/OpCz+RQTGoFGEIAmF9C12xZhb7A ym10Zm4jrpDL5tHl4EIqPdLYzqStkw4O4hv+QB3P1TnrTfaYGQ577HBtaoobt8jG ew3qimZKb0NMVZLYikC8Nx05+rDViMHgqAzfuNXddqPcmkhsE9st+xZZbfCVAzdF S5DTchAyOI3pr5LKHpBpwCC3LHFSkMDgk/vhY6EjtyzmRcrc0IIw17yhK6IXKJyP 97tYjSkccxkxryMAw467yQsmqz9Aze7M01O7dT2xz/3CEroM4Tdiev/SoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGhuDqQqPlzAlBocCeDiG9nahfOBMB8GA1UdIwQY MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYsmovRr6 hTGptfrW/2INS+v/1BrK3iLU9Zq5Zc5L6+Zt9hGV/WdQBPdL6RYBoiP++T9No9UV kuxBujlC5TJiortsE9mh/WVlIpfrwsWEJ/v9DVb/VSPHCecHHnlRaYD/WLbvjUmi I5Q9YT8AXnFFdlBaPX+jAn62nb7dZGWdh67VNneecKYA2KY4eclME9iNucAlBiQK aZmMNtXIlaavYnbfFSIITJC7w+fw1ZLkKF49m927oGuAZAB7wq6ZZT5TC34CgMX6 leNz2FmcawfYG8hKEW37upAFZVHfzptiDpkxDGEdtV6lrcjMiTgM4UDrtMLlZRun TcOzh8Z3WMnUJg== -----END CERTIFICATE-----Generated at Wed Dec 24 04:48:33 2025 by rpki-client