This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft File: 3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft (raw, json) Hash identifier: htYZor9BexVzPktdbmO/dcGRULS5iIiRDAYayyteVTY= Subject key identifier: D7:80:F4:E2:7D:7F:9D:45:12:72:EA:99:1E:1E:4D:4B:5F:36:72:C6 Authority key identifier: DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2 Certificate issuer: /CN=de0b59fb68151e21dc99d62faf03589be41fbea2 Certificate serial: 019B3C7F70265553CCA32B4CC00563B4DA06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft Manifest number: 0B8D Signing time: Sat 20 Dec 2025 16:02:23 +0000 Manifest this update: Sat 20 Dec 2025 16:02:23 +0000 Manifest next update: Sun 21 Dec 2025 16:02:23 +0000 Files and hashes: 1: 3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl (hash: b1+t0lIKjhBzTUgxKH3zzG8cYj9p9NT4kUhc39Bzgkk=) 2: EiOjn6Cn36HWuMJFodH0EVbfYdc.roa (hash: prKCNtfilLl42pcGEF7Kjg7za6QhPHVZeIUhroTyVuU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:70:26:55:53:cc:a3:2b:4c:c0:05:63:b4:da:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de0b59fb68151e21dc99d62faf03589be41fbea2 Validity Not Before: Dec 20 16:02:23 2025 GMT Not After : Dec 21 16:02:23 2025 GMT Subject: CN=d780f4e27d7f9d451272ea991e1e4d4b5f3672c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:44:0a:2b:f6:72:9a:f0:c3:90:04:76:d6:c6: cb:2a:56:e1:4b:20:bc:13:11:7b:3b:41:19:7a:80: cb:66:26:8a:e8:56:15:f6:01:c4:f6:bf:6d:bc:27: 68:46:86:96:07:6b:c5:1e:f2:d0:a1:3e:d4:12:72: 63:dd:66:33:c0:1a:33:28:5d:7a:54:a4:0a:73:1e: fe:17:38:12:9f:e4:7c:02:0a:31:3e:96:47:3d:77: 06:11:3a:68:8b:2f:2c:eb:c0:a0:70:73:83:a6:91: b7:f4:69:a1:a8:c4:0e:28:b1:75:a1:6e:30:6e:8d: cc:c9:88:a8:1c:c7:70:e8:49:d2:f1:7b:4a:ab:4e: 69:30:24:99:85:f2:af:ff:7a:3a:66:cc:b8:af:3f: 0e:3a:6b:6b:7e:8d:f8:5b:e9:df:80:e1:1d:c9:0d: 10:44:da:2c:05:77:9a:1f:d2:43:63:76:91:48:db: 48:3d:64:68:c4:73:46:16:72:f6:df:cd:3f:03:20: d6:3e:3e:06:04:dd:ae:14:43:61:d7:1d:97:e2:10: 4e:5b:70:85:ec:2c:cd:ca:3f:63:ff:27:21:f7:ac: 64:99:0f:14:03:04:ca:0b:2a:e4:25:b1:81:52:71: 50:a8:3b:e1:df:ad:76:0b:69:38:1e:02:35:5c:66: 0f:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:80:F4:E2:7D:7F:9D:45:12:72:EA:99:1E:1E:4D:4B:5F:36:72:C6 X509v3 Authority Key Identifier: keyid:DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:26:9b:e2:31:dd:b0:2a:8a:84:83:ed:84:50:fc:70:a2:45: a6:df:a2:65:f4:46:e4:14:26:be:17:2c:d1:d3:3f:74:ad:05: 72:0a:88:d4:3f:b3:73:1a:e2:91:94:a1:b2:4e:36:21:50:f6: 10:5d:72:98:df:1d:ae:ce:85:1f:54:51:bc:80:29:21:38:37: 39:77:be:4d:0c:f8:93:6b:bf:26:11:ab:95:40:46:a1:69:b8: a3:bd:4a:53:26:7f:9f:3d:84:61:96:96:1f:4c:d7:81:c9:83: 7a:bf:7e:c2:e0:9a:1f:e7:8a:1f:5b:94:4a:88:7e:6a:27:90: fe:91:ea:a2:9f:06:b8:c8:33:aa:ed:b8:13:19:8d:a7:9c:4a: bc:5f:0c:47:0d:b3:ce:67:e1:e5:47:6c:22:b1:73:81:50:b1: be:bf:c6:c2:6d:e8:12:89:ab:57:21:35:2f:e1:82:78:77:7c: c2:ab:a4:cc:27:59:c9:57:0b:4a:fe:11:7b:26:07:91:0b:62: 4a:90:d3:08:82:26:26:83:77:90:44:1a:62:9c:8b:ac:ff:2c: b3:f7:3f:ae:6f:aa:27:98:cf:15:2f:a8:57:bb:a4:0d:96:83: 6b:77:5c:4c:1b:e0:44:47:60:a8:cb:45:15:a4:48:d7:3b:8d: 5f:66:17:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f3AmVVPMoytMwAVjtNoGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMGI1OWZiNjgxNTFlMjFkYzk5ZDYyZmFmMDM1ODliZTQx ZmJlYTIwHhcNMjUxMjIwMTYwMjIzWhcNMjUxMjIxMTYwMjIzWjAzMTEwLwYDVQQD EyhkNzgwZjRlMjdkN2Y5ZDQ1MTI3MmVhOTkxZTFlNGQ0YjVmMzY3MmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6EQKK/ZymvDDkAR21sbLKlbhSyC8 ExF7O0EZeoDLZiaK6FYV9gHE9r9tvCdoRoaWB2vFHvLQoT7UEnJj3WYzwBozKF16 VKQKcx7+FzgSn+R8AgoxPpZHPXcGETpoiy8s68CgcHODppG39GmhqMQOKLF1oW4w bo3MyYioHMdw6EnS8XtKq05pMCSZhfKv/3o6Zsy4rz8OOmtrfo34W+nfgOEdyQ0Q RNosBXeaH9JDY3aRSNtIPWRoxHNGFnL2380/AyDWPj4GBN2uFENh1x2X4hBOW3CF 7CzNyj9j/ych96xkmQ8UAwTKCyrkJbGBUnFQqDvh3612C2k4HgI1XGYP/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNeA9OJ9f51FEnLqmR4eTUtfNnLGMB8GA1UdIwQY MBaAFN4LWftoFR4h3JnWL68DWJvkH76iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMt Y2QwMjQ3ODhlZDNjLzEvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMtY2QwMjQ3ODhlZDNj LzEvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANCab4jHd sCqKhIPthFD8cKJFpt+iZfRG5BQmvhcs0dM/dK0FcgqI1D+zcxrikZShsk42IVD2 EF1ymN8drs6FH1RRvIApITg3OXe+TQz4k2u/JhGrlUBGoWm4o71KUyZ/nz2EYZaW H0zXgcmDer9+wuCaH+eKH1uUSoh+aieQ/pHqop8GuMgzqu24ExmNp5xKvF8MRw2z zmfh5UdsIrFzgVCxvr/Gwm3oEomrVyE1L+GCeHd8wqukzCdZyVcLSv4ReyYHkQti SpDTCIImJoN3kEQaYpyLrP8ss/c/rm+qJ5jPFS+oV7ukDZaDa3dcTBvgREdgqMtF FaRI1zuNX2YXoQ== -----END CERTIFICATE-----Generated at Sat Dec 20 17:50:11 2025 by rpki-client