This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json) Hash identifier: kBNbF+K+M/OXZPEPSnDOh/AReIekzuxqRKa6Dqr2L74= Subject key identifier: 34:0A:AB:82:05:AA:5E:F1:2E:EE:F9:77:E7:82:38:0D:D2:30:45:59 Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Certificate serial: 019B3CB506239B0EAC3325941F1FFA9E8BB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft Manifest number: 0837 Signing time: Sat 20 Dec 2025 17:00:54 +0000 Manifest this update: Sat 20 Dec 2025 17:00:54 +0000 Manifest next update: Sun 21 Dec 2025 17:00:54 +0000 Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: 4k9xpGh92jW34PA5os23GaT/HCwzjz+/E6IRIr7BdvE=) 2: ZADDQFMtFH6S9zPMPQBQ4k81zyw.roa (hash: Ha83MqIvOdOtkCK5xewSiOaqIZRDTizbHU6fnUXgFbA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b5:06:23:9b:0e:ac:33:25:94:1f:1f:fa:9e:8b:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Validity Not Before: Dec 20 17:00:54 2025 GMT Not After : Dec 21 17:00:54 2025 GMT Subject: CN=340aab8205aa5ef12eeef977e782380dd2304559 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:4b:1b:e2:b9:a1:2c:c2:10:0b:5b:eb:92:61: 8a:85:69:db:93:31:cb:20:bd:7c:dc:7b:d8:a7:03: b6:a6:7a:a7:ae:bf:13:36:eb:1d:f3:e6:3b:86:01: 72:67:86:eb:ec:2a:fc:7a:e5:df:22:0c:e4:37:16: 7d:ab:55:2f:54:74:cd:38:7f:e3:c5:07:f2:dc:d3: 00:20:cc:a6:ac:82:41:55:9e:fb:16:59:c4:0d:1b: 3d:d7:1d:a1:3c:8b:c1:97:c2:c2:e7:ca:87:09:f6: f0:16:17:b5:bb:8a:23:84:6f:f0:da:d4:8e:eb:3f: 2c:ca:d3:79:41:ba:2b:c6:5e:29:8a:ea:08:6a:a0: 94:9d:4b:74:96:54:24:87:3b:e0:b5:32:5a:0a:8b: 45:23:9e:91:94:1d:c8:a4:a8:f7:a2:15:9d:80:72: 04:29:58:72:58:25:90:89:73:27:ab:3f:61:8e:b1: 2d:95:1a:e6:27:a9:96:58:04:3d:0a:ab:ec:6d:68: 26:5d:b4:c3:eb:8a:e6:b8:7a:95:8e:12:38:41:17: dd:c2:a7:53:b3:d4:5a:a7:a0:e9:07:df:9e:2d:24: 0e:93:2a:f2:01:a2:43:6d:fd:56:e8:2f:25:eb:6f: 71:91:ea:ef:58:8a:71:75:00:bf:51:4e:b9:8f:9f: 1a:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:0A:AB:82:05:AA:5E:F1:2E:EE:F9:77:E7:82:38:0D:D2:30:45:59 X509v3 Authority Key Identifier: keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:d9:19:43:1d:b6:f4:ad:c4:d9:cd:60:03:e6:7b:9c:6a:e7: 12:f8:eb:a9:63:2c:44:7d:96:53:b0:41:6f:05:3a:f4:01:85: 38:a1:1c:e5:d5:ae:a6:67:81:ef:b4:99:06:04:67:e7:9f:64: a9:19:99:fc:5f:b4:3c:e2:31:e4:85:70:a7:3d:47:37:6f:50: 0b:ac:70:de:6e:75:20:b6:7e:b1:99:aa:7d:27:4b:f3:38:a5: 41:1a:b5:20:8d:60:bb:db:ce:18:38:c2:04:1e:31:bc:a6:05: 80:8c:e4:14:96:de:e2:e2:f6:86:e6:78:2f:93:7e:38:90:44: 26:9a:dd:17:f5:5c:47:1f:45:9b:5b:6a:74:95:51:81:70:06: 5b:ae:43:ba:a9:1c:09:18:0c:20:ca:8d:b1:27:d8:a6:75:bd: 76:6a:cd:11:fb:0f:d7:56:46:ee:13:db:af:2b:42:9a:30:0f: af:ea:7a:fb:75:53:44:2b:5f:c3:49:77:0b:2e:87:41:1e:3f: f2:4a:be:e7:89:5f:94:82:cd:e0:5a:5f:0b:20:d3:96:44:38: 05:6e:ba:7d:6f:69:1f:7d:bf:47:dd:5f:4c:6f:01:1a:e6:e1: 9f:46:49:98:8e:4a:9d:1c:f3:96:50:41:12:03:48:09:9f:1b: 27:0e:3b:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tQYjmw6sMyWUHx/6nou3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw NWNkYjIwHhcNMjUxMjIwMTcwMDU0WhcNMjUxMjIxMTcwMDU0WjAzMTEwLwYDVQQD EygzNDBhYWI4MjA1YWE1ZWYxMmVlZWY5NzdlNzgyMzgwZGQyMzA0NTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUsb4rmhLMIQC1vrkmGKhWnbkzHL IL183HvYpwO2pnqnrr8TNusd8+Y7hgFyZ4br7Cr8euXfIgzkNxZ9q1UvVHTNOH/j xQfy3NMAIMymrIJBVZ77FlnEDRs91x2hPIvBl8LC58qHCfbwFhe1u4ojhG/w2tSO 6z8sytN5Qborxl4piuoIaqCUnUt0llQkhzvgtTJaCotFI56RlB3IpKj3ohWdgHIE KVhyWCWQiXMnqz9hjrEtlRrmJ6mWWAQ9CqvsbWgmXbTD64rmuHqVjhI4QRfdwqdT s9Rap6DpB9+eLSQOkyryAaJDbf1W6C8l629xkervWIpxdQC/UU65j58aEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQKq4IFql7xLu75d+eCOA3SMEVZMB8GA1UdIwQY MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9kZQx22 9K3E2c1gA+Z7nGrnEvjrqWMsRH2WU7BBbwU69AGFOKEc5dWupmeB77SZBgRn559k qRmZ/F+0POIx5IVwpz1HN29QC6xw3m51ILZ+sZmqfSdL8zilQRq1II1gu9vOGDjC BB4xvKYFgIzkFJbe4uL2huZ4L5N+OJBEJprdF/VcRx9Fm1tqdJVRgXAGW65Duqkc CRgMIMqNsSfYpnW9dmrNEfsP11ZG7hPbrytCmjAPr+p6+3VTRCtfw0l3Cy6HQR4/ 8kq+54lflILN4FpfCyDTlkQ4BW66fW9pH32/R91fTG8BGubhn0ZJmI5KnRzzllBB EgNICZ8bJw47ng== -----END CERTIFICATE-----Generated at Sat Dec 20 23:38:34 2025 by rpki-client