This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.mft File: 3o44GHrnDLx77WlXWfDgMpn7swI.mft (raw, json) Hash identifier: bwzPCkPpY/e3oYMTCmbJS2Fou9lWzq9215lYy0MyFlQ= Subject key identifier: D4:09:5F:F6:65:CD:F4:43:82:6E:86:68:9F:70:AB:C9:69:9C:C7:72 Authority key identifier: DE:8E:38:18:7A:E7:0C:BC:7B:ED:69:57:59:F0:E0:32:99:FB:B3:02 Certificate issuer: /CN=de8e38187ae70cbc7bed695759f0e03299fbb302 Certificate serial: 019B53E187E56AFD3E1E97E1C8B25531FA59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3o44GHrnDLx77WlXWfDgMpn7swI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.mft Manifest number: 041C Signing time: Thu 25 Dec 2025 05:00:47 +0000 Manifest this update: Thu 25 Dec 2025 05:00:47 +0000 Manifest next update: Fri 26 Dec 2025 05:00:47 +0000 Files and hashes: 1: 3o44GHrnDLx77WlXWfDgMpn7swI.crl (hash: L6+XEy6Gy2I4P5qiO8vdnyg6JYNFpQL1lra4wJmuQUY=) 2: wSO8Qf5_v1p-oNDifbsTI9tUaPY.roa (hash: t8VFb4R1YuauyoB16s9G5smfDaNXuP879i5idHgDRZg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.crl rsync://rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.mft rsync://rpki.ripe.net/repository/DEFAULT/3o44GHrnDLx77WlXWfDgMpn7swI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:e1:87:e5:6a:fd:3e:1e:97:e1:c8:b2:55:31:fa:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de8e38187ae70cbc7bed695759f0e03299fbb302 Validity Not Before: Dec 25 05:00:47 2025 GMT Not After : Dec 26 05:00:47 2025 GMT Subject: CN=d4095ff665cdf443826e86689f70abc9699cc772 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e2:11:ac:7d:8b:c7:20:81:f5:9e:1c:6c:81: fe:a2:74:2b:95:1d:13:5c:2b:64:b9:80:ca:15:a7: c6:6b:d7:d3:d7:f8:b3:77:c4:19:44:2b:2d:88:4d: 52:0a:ef:58:01:e2:2a:e0:37:3f:9b:65:7f:c0:64: 2f:a1:55:08:07:ec:96:4d:f5:6e:9d:0c:56:1e:24: b7:84:a9:5d:1d:14:94:4a:a1:e8:ff:db:7e:5a:73: 7b:07:0c:d7:b7:e9:1e:05:2e:16:9c:f1:78:84:71: dd:5f:d6:26:23:1c:dd:d2:e1:d7:86:96:f1:a7:e0: 0c:3e:b1:2f:06:9b:ee:74:26:17:bd:2d:29:78:e3: e0:30:d1:47:4d:32:1f:a8:df:1f:17:ad:a7:19:e2: d2:41:83:2b:bc:c7:c6:33:63:a1:e7:db:99:94:1f: 16:fc:43:67:61:44:aa:07:5f:4a:e3:f5:9e:06:42: a0:3a:d9:87:42:36:10:ab:78:c6:0f:3f:03:e8:7a: 52:75:1a:14:3c:80:1b:14:b1:25:f4:a7:4b:0b:0b: d5:d6:01:02:58:e4:5e:22:2a:52:6a:fb:1c:4e:bd: 4f:54:bc:bb:a2:0d:6f:b4:67:82:17:20:1d:19:b7: 73:6b:38:38:5e:15:42:d6:96:e9:7d:fd:47:06:f8: 76:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:09:5F:F6:65:CD:F4:43:82:6E:86:68:9F:70:AB:C9:69:9C:C7:72 X509v3 Authority Key Identifier: keyid:DE:8E:38:18:7A:E7:0C:BC:7B:ED:69:57:59:F0:E0:32:99:FB:B3:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3o44GHrnDLx77WlXWfDgMpn7swI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/580c11-3913-4479-bea3-5b1f48b3e214/1/3o44GHrnDLx77WlXWfDgMpn7swI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:d2:22:88:e7:3b:a2:99:a8:dc:65:dc:29:6c:8a:c0:a4:49: a4:47:3a:f9:70:81:b8:10:23:f7:4f:cb:19:42:d0:38:dd:98: 03:9f:c3:bd:09:32:ee:4e:f7:fc:94:ec:2a:63:7b:9e:98:c4: ca:d6:76:32:8f:4b:87:84:ec:ee:30:b8:e0:49:65:3a:37:54: 1a:d7:54:30:00:70:57:8b:dc:a6:9e:0e:c8:ee:22:03:d6:0e: ea:22:d5:a3:bf:7e:d1:5e:be:85:c5:81:c2:19:ce:64:2b:99: 90:09:d0:df:76:c2:6d:8a:a5:72:a4:71:ea:2b:1f:f9:9a:1e: 2e:84:61:25:92:3c:99:22:a9:d8:82:5c:76:35:2a:9f:f6:e7: 1f:ae:a0:fa:43:b9:c9:56:fb:34:8e:14:a2:19:f8:74:58:b3: b1:1d:5e:27:3c:dd:d3:79:0e:d9:f7:e5:e6:9f:86:12:4f:72: 05:90:85:67:ed:f5:28:bb:0c:14:c5:12:35:be:cd:24:99:0f: 43:75:cd:84:8c:f3:e2:f4:52:74:9f:a4:ac:af:6e:fc:84:e2: 73:d7:9a:7e:16:1d:5c:15:74:ca:92:a5:67:00:fa:0e:dd:69: 94:56:5c:9c:c2:4d:bd:a4:8d:3b:26:f3:25:5f:17:16:b8:9e: e1:f5:5b:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtT4Yflav0+HpfhyLJVMfpZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlOGUzODE4N2FlNzBjYmM3YmVkNjk1NzU5ZjBlMDMyOTlm YmIzMDIwHhcNMjUxMjI1MDUwMDQ3WhcNMjUxMjI2MDUwMDQ3WjAzMTEwLwYDVQQD EyhkNDA5NWZmNjY1Y2RmNDQzODI2ZTg2Njg5ZjcwYWJjOTY5OWNjNzcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuIRrH2LxyCB9Z4cbIH+onQrlR0T XCtkuYDKFafGa9fT1/izd8QZRCstiE1SCu9YAeIq4Dc/m2V/wGQvoVUIB+yWTfVu nQxWHiS3hKldHRSUSqHo/9t+WnN7BwzXt+keBS4WnPF4hHHdX9YmIxzd0uHXhpbx p+AMPrEvBpvudCYXvS0peOPgMNFHTTIfqN8fF62nGeLSQYMrvMfGM2Oh59uZlB8W /ENnYUSqB19K4/WeBkKgOtmHQjYQq3jGDz8D6HpSdRoUPIAbFLEl9KdLCwvV1gEC WOReIipSavscTr1PVLy7og1vtGeCFyAdGbdzazg4XhVC1pbpff1HBvh2YQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNQJX/ZlzfRDgm6GaJ9wq8lpnMdyMB8GA1UdIwQY MBaAFN6OOBh65wy8e+1pV1nw4DKZ+7MCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM280NEdIcm5ETHg3N1dsWFdmRGdNcG43c3dJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81ODBjMTEtMzkxMy00NDc5LWJlYTMt NWIxZjQ4YjNlMjE0LzEvM280NEdIcm5ETHg3N1dsWFdmRGdNcG43c3dJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS81ODBjMTEtMzkxMy00NDc5LWJlYTMtNWIxZjQ4YjNlMjE0 LzEvM280NEdIcm5ETHg3N1dsWFdmRGdNcG43c3dJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfdIiiOc7 opmo3GXcKWyKwKRJpEc6+XCBuBAj90/LGULQON2YA5/DvQky7k73/JTsKmN7npjE ytZ2Mo9Lh4Ts7jC44EllOjdUGtdUMABwV4vcpp4OyO4iA9YO6iLVo79+0V6+hcWB whnOZCuZkAnQ33bCbYqlcqRx6isf+ZoeLoRhJZI8mSKp2IJcdjUqn/bnH66g+kO5 yVb7NI4Uohn4dFizsR1eJzzd03kO2ffl5p+GEk9yBZCFZ+31KLsMFMUSNb7NJJkP Q3XNhIzz4vRSdJ+krK9u/ITic9eafhYdXBV0ypKlZwD6Dt1plFZcnMJNvaSNOybz JV8XFrie4fVbCA== -----END CERTIFICATE-----Generated at Thu Dec 25 09:16:01 2025 by rpki-client