This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft File: 3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json) Hash identifier: AEbXjNx+o7XcgwG+I/tK4GbDg3Nt5k1koztsT/+8BwQ= Subject key identifier: D2:30:A3:F5:3D:4D:0C:F9:F3:80:23:AB:66:1D:7E:1A:77:0D:65:C4 Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Certificate serial: 019B3C0FFC930F662F7A9390D359C1293AD6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft Manifest number: 1793 Signing time: Sat 20 Dec 2025 14:00:39 +0000 Manifest this update: Sat 20 Dec 2025 14:00:39 +0000 Manifest next update: Sun 21 Dec 2025 14:00:39 +0000 Files and hashes: 1: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: auR1YLeXEcKug70Fj3myq+ul/9ocjofo39Ul98WRJyY=) 2: K0TFEKD6Jt4eOFvjhXpLcR-sKAw.roa (hash: DiTuJ8zdptPdKEXMu7Rx5XzUhg/taulk9eNvKwAnd+E=) 3: Low4CRi4iGKYokty-NINmJn09rg.roa (hash: Mly1uM7PqUcjuRWWihLVa+ejMa5zwEjs5HqRkIM9ZCc=) 4: TUldFuXRlNkhcxG2k3pbkLp8w6k.roa (hash: u8w+hKuVRJcapFna3Gt95nB+zwn2rJ1IH60Do+ZSEr0=) 5: VFLtaw7ddcrkuS71SLZjd28hT9Y.roa (hash: wkImuoriz8/Wt+wr39TPtXLgxrVgYHqbWY2XyO00qX4=) 6: fWDdDEZ5-7TJ7ifcAQ9Kizx3VI0.roa (hash: 9iAjE9rwQQFIjLwRuw0Wl4wwOwQae4btRIJRt6LJVxE=) 7: iYMgW4EcYcU5AKm4CceLlPmJSsA.roa (hash: 7zWW49XDo1LsXGWIP2om4UTMjsubF7Ml4DbV3OJ7N00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:0f:fc:93:0f:66:2f:7a:93:90:d3:59:c1:29:3a:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Validity Not Before: Dec 20 14:00:39 2025 GMT Not After : Dec 21 14:00:39 2025 GMT Subject: CN=d230a3f53d4d0cf9f38023ab661d7e1a770d65c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:66:73:bc:cc:f7:df:50:15:ae:28:59:8c:37: d2:8b:c5:75:43:a3:44:29:cc:65:ba:06:f9:c4:b1: 75:63:d6:42:6a:08:e6:69:99:54:94:f5:8b:4d:51: 01:03:5f:2f:bb:4c:dd:5c:0c:57:2f:66:f2:be:fa: 90:96:f5:11:95:05:a3:5e:8f:85:27:0a:a4:50:69: a3:cc:b8:13:4a:ba:70:5e:11:a3:3d:4a:21:d3:75: 48:4e:ef:22:00:f2:99:82:c2:db:e2:13:3c:08:66: 0c:46:23:8a:e3:f2:42:27:ff:38:a5:e5:c7:4b:e4: 22:4f:68:41:b8:ef:a5:47:bd:86:48:bc:ae:96:42: 6b:80:c1:4a:69:46:31:e9:09:9b:f3:8b:56:9c:d0: 97:64:2f:d3:71:f0:76:3f:85:5e:e5:3c:b5:8b:63: 99:50:77:3c:2a:b7:8e:88:d0:87:d0:b8:c2:cc:ee: af:d1:be:dc:fe:fe:d7:c2:dd:db:7f:3b:29:1d:c5: 2e:b9:95:37:7c:07:ce:3d:1b:dc:c9:43:23:ce:ac: e3:8a:5d:11:ee:24:db:6f:4f:ae:e3:cb:1b:6e:f5: d8:49:4c:14:dd:d6:a4:0b:ac:20:aa:52:37:b4:e7: dd:9f:58:e0:4a:a1:71:9c:f6:33:af:38:81:4e:46: 75:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:30:A3:F5:3D:4D:0C:F9:F3:80:23:AB:66:1D:7E:1A:77:0D:65:C4 X509v3 Authority Key Identifier: keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:4a:7b:75:7b:14:d5:b6:db:50:d1:89:45:53:8b:04:27:ff: 19:8f:05:0b:43:7c:cd:24:0e:53:fd:a7:09:b8:1b:fc:a4:ad: a3:67:28:20:81:8e:a8:f5:36:01:3a:e8:d1:ec:a4:3c:c7:42: 8b:26:ae:d5:74:21:66:75:5c:b4:2b:83:05:e0:07:cd:1d:bd: c9:9e:01:e1:e2:f5:b4:a4:c2:04:65:ec:ea:5f:30:ca:b4:33: f9:24:69:26:72:34:ad:3d:de:51:79:1e:e7:68:e8:4e:cf:d4: d2:1d:a2:13:b9:6b:f7:8d:e7:62:28:bb:13:5b:e0:2a:f1:2b: c9:cf:06:2f:e1:62:00:2f:d3:cc:4f:67:63:07:2f:64:73:7f: 7c:60:98:6e:01:a1:d9:3f:44:b2:d6:57:20:aa:a4:e0:e1:ca: e8:cf:4d:8d:cf:5b:dc:88:06:2b:9b:78:00:6f:b4:d1:34:be: d2:24:7c:65:84:27:d6:31:9d:d8:9a:55:07:8c:d8:fc:fa:82: 33:12:86:12:3c:ed:21:f9:e3:45:05:e5:c0:10:90:5e:26:96: 26:b7:59:b1:e6:ce:90:a4:b5:3d:ee:7c:e6:1e:93:e9:ce:2e: d2:30:ad:b1:76:22:69:a7:6c:16:e5:a4:db:b0:4c:07:93:e9: 96:8b:eb:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8D/yTD2YvepOQ01nBKTrWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm MGEyMTcwHhcNMjUxMjIwMTQwMDM5WhcNMjUxMjIxMTQwMDM5WjAzMTEwLwYDVQQD EyhkMjMwYTNmNTNkNGQwY2Y5ZjM4MDIzYWI2NjFkN2UxYTc3MGQ2NWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWZzvMz331AVrihZjDfSi8V1Q6NE Kcxlugb5xLF1Y9ZCagjmaZlUlPWLTVEBA18vu0zdXAxXL2byvvqQlvURlQWjXo+F JwqkUGmjzLgTSrpwXhGjPUoh03VITu8iAPKZgsLb4hM8CGYMRiOK4/JCJ/84peXH S+QiT2hBuO+lR72GSLyulkJrgMFKaUYx6Qmb84tWnNCXZC/TcfB2P4Ve5Ty1i2OZ UHc8KreOiNCH0LjCzO6v0b7c/v7Xwt3bfzspHcUuuZU3fAfOPRvcyUMjzqzjil0R 7iTbb0+u48sbbvXYSUwU3dakC6wgqlI3tOfdn1jgSqFxnPYzrziBTkZ1+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNIwo/U9TQz584Ajq2Ydfhp3DWXEMB8GA1UdIwQY MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUp7dXsU 1bbbUNGJRVOLBCf/GY8FC0N8zSQOU/2nCbgb/KSto2coIIGOqPU2ATro0eykPMdC iyau1XQhZnVctCuDBeAHzR29yZ4B4eL1tKTCBGXs6l8wyrQz+SRpJnI0rT3eUXke 52joTs/U0h2iE7lr943nYii7E1vgKvEryc8GL+FiAC/TzE9nYwcvZHN/fGCYbgGh 2T9EstZXIKqk4OHK6M9Njc9b3IgGK5t4AG+00TS+0iR8ZYQn1jGd2JpVB4zY/PqC MxKGEjztIfnjRQXlwBCQXiaWJrdZsebOkKS1Pe585h6T6c4u0jCtsXYiaadsFuWk 27BMB5PplovrsQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:43:35 2025 by rpki-client