This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft File: 3hL5ZansM-LC6HthYb7vuL4obKM.mft (raw, json) Hash identifier: dKh8UENqgpYyhmINJZ7zVE6v8YqlFdVC8jJ0yuP20Jw= Subject key identifier: 96:0E:EE:58:5E:0E:7A:AA:EE:2B:AB:ED:E5:D1:FE:3D:8B:6E:45:21 Authority key identifier: DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3 Certificate issuer: /CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3 Certificate serial: 019B3DC769974B0D2047084F98CE5D2B5D9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft Manifest number: 15AC Signing time: Sat 20 Dec 2025 22:00:37 +0000 Manifest this update: Sat 20 Dec 2025 22:00:37 +0000 Manifest next update: Sun 21 Dec 2025 22:00:37 +0000 Files and hashes: 1: 3hL5ZansM-LC6HthYb7vuL4obKM.crl (hash: a3DdcerF5IW8R71o+IYou1EysRJfQ4iFkFaDjeDBXf8=) 2: WwmcE7wGl7pyI1JEZUrcMqc8ydE.roa (hash: eYdzJRuLYCeHIGBMM52itYWmfWw58ujov0m3EgFoPMo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:69:97:4b:0d:20:47:08:4f:98:ce:5d:2b:5d:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3 Validity Not Before: Dec 20 22:00:37 2025 GMT Not After : Dec 21 22:00:37 2025 GMT Subject: CN=960eee585e0e7aaaee2babede5d1fe3d8b6e4521 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f7:f0:e1:2c:21:8f:76:dc:f8:ad:94:f3:5b: 89:70:e7:31:2e:41:33:70:a0:87:c4:8f:db:a6:d5: 3d:ed:99:6d:b1:b9:92:15:eb:f0:1a:d8:89:a8:fe: b7:fb:94:ca:da:90:38:ea:82:ea:55:17:78:5a:b6: e5:05:b2:3f:7b:6d:49:bb:7c:24:80:e1:b8:6d:e1: 9d:b7:a1:5e:4c:3a:c6:cf:6c:b0:dc:ad:fd:47:b3: ac:5c:2a:bb:e4:6c:e4:74:f1:18:cf:54:85:13:06: 37:c7:0b:39:b6:f5:7b:3f:9a:21:08:22:b3:d5:74: c0:72:00:a0:48:46:50:9f:74:1f:f1:49:22:f2:e4: 84:7e:31:ce:d1:62:8b:27:b6:61:d7:65:a0:6f:8a: 45:d7:0f:77:14:c3:9b:57:9f:b3:f8:d7:1c:38:08: a2:e6:f6:c8:b7:e9:03:b9:eb:e9:d1:5c:09:02:14: 67:dd:7d:aa:51:7b:4d:dc:c2:0e:ee:d7:43:58:3b: 7a:67:9c:af:03:5e:f7:95:bb:85:64:f6:4e:a8:76: 97:17:29:d7:69:c9:2d:ac:22:e7:98:49:86:73:87: 11:87:91:1a:af:48:2a:fa:03:db:5f:60:c0:af:0d: db:00:5b:0d:9f:33:12:84:24:2b:64:fa:43:b7:e1: f0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:0E:EE:58:5E:0E:7A:AA:EE:2B:AB:ED:E5:D1:FE:3D:8B:6E:45:21 X509v3 Authority Key Identifier: keyid:DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:d8:d8:0a:fb:4f:76:63:4e:8c:4d:ab:e9:2d:8a:8a:f7:e5: 1f:cb:0c:62:87:93:c1:24:a6:6d:89:9c:2f:20:64:00:8d:ab: 7d:89:90:3c:5a:e4:c6:08:ee:61:c4:3a:f5:2c:9a:46:ff:d4: a4:27:30:4c:68:ab:b9:95:71:17:fc:28:b9:e8:a7:27:25:5a: 47:7b:32:f4:38:62:c3:55:3b:01:03:dc:e1:bf:3e:fa:8f:a5: 91:18:b5:71:50:d3:0a:d4:f9:84:1d:de:55:b9:cd:7c:59:c0: 26:f6:fa:9a:a5:d1:89:1a:e0:80:c3:22:4d:85:cc:75:22:ca: c9:2a:ff:eb:aa:2a:67:40:46:f1:88:0a:cc:2f:8a:3f:2a:7f: 28:5a:83:01:67:00:b2:48:37:76:20:7e:03:0d:f9:e7:d4:c1: 7c:93:17:fb:cf:b2:26:e7:32:d3:3c:9a:10:e7:de:c2:3f:e2: 9f:85:62:26:fb:af:bc:cb:5a:27:a4:46:46:c7:d3:cc:db:51: 47:5c:27:4f:e0:c5:49:80:5d:b3:b8:4b:38:fc:c3:f7:3f:f9: 84:26:b8:9c:75:92:d2:f0:55:d8:9f:9c:cd:5c:1d:14:fa:2c: ee:75:a3:9f:32:71:83:12:b8:bd:da:81:b9:8e:c8:50:7c:38: ba:c8:73:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x2mXSw0gRwhPmM5dK12eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTJmOTY1YTllYzMzZTJjMmU4N2I2MTYxYmVlZmI4YmUy ODZjYTMwHhcNMjUxMjIwMjIwMDM3WhcNMjUxMjIxMjIwMDM3WjAzMTEwLwYDVQQD Eyg5NjBlZWU1ODVlMGU3YWFhZWUyYmFiZWRlNWQxZmUzZDhiNmU0NTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvfw4Swhj3bc+K2U81uJcOcxLkEz cKCHxI/bptU97ZltsbmSFevwGtiJqP63+5TK2pA46oLqVRd4WrblBbI/e21Ju3wk gOG4beGdt6FeTDrGz2yw3K39R7OsXCq75GzkdPEYz1SFEwY3xws5tvV7P5ohCCKz 1XTAcgCgSEZQn3Qf8Uki8uSEfjHO0WKLJ7Zh12Wgb4pF1w93FMObV5+z+NccOAii 5vbIt+kDuevp0VwJAhRn3X2qUXtN3MIO7tdDWDt6Z5yvA173lbuFZPZOqHaXFynX acktrCLnmEmGc4cRh5Ear0gq+gPbX2DArw3bAFsNnzMShCQrZPpDt+Hw0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJYO7lheDnqq7iur7eXR/j2LbkUhMB8GA1UdIwQY MBaAFN4S+WWp7DPiwuh7YWG+77i+KGyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQt YjZkMTJhYzY2ODMxLzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQtYjZkMTJhYzY2ODMx LzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNjYCvtP dmNOjE2r6S2KivflH8sMYoeTwSSmbYmcLyBkAI2rfYmQPFrkxgjuYcQ69SyaRv/U pCcwTGiruZVxF/woueinJyVaR3sy9Dhiw1U7AQPc4b8++o+lkRi1cVDTCtT5hB3e VbnNfFnAJvb6mqXRiRrggMMiTYXMdSLKySr/66oqZ0BG8YgKzC+KPyp/KFqDAWcA skg3diB+Aw3559TBfJMX+8+yJucy0zyaEOfewj/in4ViJvuvvMtaJ6RGRsfTzNtR R1wnT+DFSYBds7hLOPzD9z/5hCa4nHWS0vBV2J+czVwdFPos7nWjnzJxgxK4vdqB uY7IUHw4ushzoQ== -----END CERTIFICATE-----Generated at Sun Dec 21 00:43:35 2025 by rpki-client