This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft File: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json) Hash identifier: Ou69DlPGERpMBZ/04JhUHAJvVM0J4iSM9h7Q/BmpoLY= Subject key identifier: A8:01:FE:34:3B:74:A3:1A:FB:DD:5C:3B:47:41:BB:19:A9:4D:28:2E Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 Certificate issuer: /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Certificate serial: 019B51BCCAD3188A4172E1793A463E76ABDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft Manifest number: 08B9 Signing time: Wed 24 Dec 2025 19:01:25 +0000 Manifest this update: Wed 24 Dec 2025 19:01:25 +0000 Manifest next update: Thu 25 Dec 2025 19:01:25 +0000 Files and hashes: 1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: CqONFJ8aqCanDTmU77cbPEKI+eNukrx+XAb2sCS6BDc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:ca:d3:18:8a:41:72:e1:79:3a:46:3e:76:ab:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Validity Not Before: Dec 24 19:01:25 2025 GMT Not After : Dec 25 19:01:25 2025 GMT Subject: CN=a801fe343b74a31afbdd5c3b4741bb19a94d282e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:88:0f:30:c0:b0:2e:5c:21:8c:8a:a0:1b:9a: b4:13:b9:f4:72:30:2d:06:d7:09:fc:ae:a1:9b:55: 9b:f1:da:9e:09:59:13:17:68:cb:9d:30:8d:3e:91: c0:d5:6e:6a:17:2e:b8:2f:a6:c2:98:ef:9e:9e:61: b6:5a:ac:42:5a:dd:2a:49:57:60:ff:15:6f:b6:da: e9:c2:8f:8c:dc:f8:de:9a:a4:12:f5:95:27:26:43: 33:4e:f0:dc:dc:5f:3e:be:03:6b:b8:d5:81:6e:02: b5:64:f6:19:73:e7:75:3e:23:27:86:59:76:c9:9a: 15:36:1f:2e:ce:3e:3d:94:fb:c0:2d:a2:e1:75:f4: b4:e0:2b:f4:0d:a0:99:35:6b:ef:53:9b:b6:76:9c: 32:95:99:29:b4:5e:43:97:f7:c9:35:63:ad:be:92: e9:d0:fa:8a:91:c8:56:24:a3:7b:9f:1a:34:60:4b: b4:a2:c1:45:26:b9:f4:f0:d5:94:d8:3a:ba:5d:8e: 26:85:08:b3:ba:5f:fc:ab:75:43:6c:5e:ff:82:d5: d0:f1:81:56:f8:9b:15:ac:e4:30:c7:c8:ac:cc:2d: 63:d2:cf:df:cb:84:c1:8c:64:99:5c:26:b6:4a:05: 8b:3e:28:81:52:11:9a:ff:53:83:43:ca:07:c8:84: 3e:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:01:FE:34:3B:74:A3:1A:FB:DD:5C:3B:47:41:BB:19:A9:4D:28:2E X509v3 Authority Key Identifier: keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:ae:28:3c:29:65:77:e8:57:2f:9e:4e:83:d5:66:68:6f:2c: 57:79:36:62:94:e0:2b:16:54:28:87:f6:fa:ce:a7:d0:4b:7e: 8b:c3:a5:2d:34:bd:c2:e9:4f:22:29:10:d5:74:7c:56:31:83: a3:5a:a1:e6:8b:9e:e4:3f:3b:55:ec:32:81:af:5e:32:dd:6e: eb:61:1f:38:0b:d1:b2:3f:d0:d9:2e:5c:da:6d:0e:20:d1:69: 16:3b:39:09:18:68:c9:7c:66:fe:8b:a3:6c:14:b9:c3:77:ec: 24:5b:98:ed:c1:65:c3:c6:66:ac:d9:be:cf:83:e1:7a:ba:93: 0c:34:24:84:5b:99:44:a0:35:0d:d0:55:35:dd:83:82:0e:6b: a3:31:18:68:15:ce:d4:9d:eb:c9:cd:65:67:20:c1:f2:2f:14: 11:f7:69:e2:91:bc:61:96:18:2c:f4:cf:3e:c3:2a:8a:62:ce: 29:db:f3:38:6f:3e:dc:49:1d:cf:43:b1:c3:51:fd:f6:fc:9f: 30:6d:f4:35:97:11:28:40:fe:4b:9a:c9:ff:cd:f6:e3:78:e3: 3d:99:eb:43:dc:a6:2b:88:47:28:78:64:8e:ca:42:32:8d:40: ed:96:8f:45:df:23:ef:25:5a:c6:8a:8e:97:e9:d4:47:df:5d: 2c:4a:2f:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvMrTGIpBcuF5OkY+dqvcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0 OTA3YjMwHhcNMjUxMjI0MTkwMTI1WhcNMjUxMjI1MTkwMTI1WjAzMTEwLwYDVQQD EyhhODAxZmUzNDNiNzRhMzFhZmJkZDVjM2I0NzQxYmIxOWE5NGQyODJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYgPMMCwLlwhjIqgG5q0E7n0cjAt BtcJ/K6hm1Wb8dqeCVkTF2jLnTCNPpHA1W5qFy64L6bCmO+enmG2WqxCWt0qSVdg /xVvttrpwo+M3PjemqQS9ZUnJkMzTvDc3F8+vgNruNWBbgK1ZPYZc+d1PiMnhll2 yZoVNh8uzj49lPvALaLhdfS04Cv0DaCZNWvvU5u2dpwylZkptF5Dl/fJNWOtvpLp 0PqKkchWJKN7nxo0YEu0osFFJrn08NWU2Dq6XY4mhQizul/8q3VDbF7/gtXQ8YFW +JsVrOQwx8iszC1j0s/fy4TBjGSZXCa2SgWLPiiBUhGa/1ODQ8oHyIQ+iQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKgB/jQ7dKMa+91cO0dBuxmpTSguMB8GA1UdIwQY MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADq4oPCll d+hXL55Og9VmaG8sV3k2YpTgKxZUKIf2+s6n0Et+i8OlLTS9wulPIikQ1XR8VjGD o1qh5oue5D87Vewyga9eMt1u62EfOAvRsj/Q2S5c2m0OINFpFjs5CRhoyXxm/ouj bBS5w3fsJFuY7cFlw8ZmrNm+z4PherqTDDQkhFuZRKA1DdBVNd2Dgg5rozEYaBXO 1J3ryc1lZyDB8i8UEfdp4pG8YZYYLPTPPsMqimLOKdvzOG8+3Ekdz0Oxw1H99vyf MG30NZcRKED+S5rJ/83243jjPZnrQ9ymK4hHKHhkjspCMo1A7ZaPRd8j7yVaxoqO l+nUR99dLEov8g== -----END CERTIFICATE-----Generated at Thu Dec 25 03:15:52 2025 by rpki-client