This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft File: a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json) Hash identifier: NQM7bqeBmqrGNcCMNkZx733ZQPxK5vudofHBIvbA3E8= Subject key identifier: FF:FA:BC:C4:B4:F7:CB:47:08:42:2D:E4:E2:28:A2:45:DA:7C:EE:9C Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D Certificate issuer: /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d Certificate serial: 019B2D0C9A5C2C93FFF2B49E88A1715D1F17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft Manifest number: 177B Signing time: Wed 17 Dec 2025 16:02:39 +0000 Manifest this update: Wed 17 Dec 2025 16:02:39 +0000 Manifest next update: Thu 18 Dec 2025 16:02:39 +0000 Files and hashes: 1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: bXfGXsfowt+zeUXqd//+R4rwBL5VeGOjhR4CirN6DD4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 16:02:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0c:9a:5c:2c:93:ff:f2:b4:9e:88:a1:71:5d:1f:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d Validity Not Before: Dec 17 16:02:39 2025 GMT Not After : Dec 18 16:02:39 2025 GMT Subject: CN=fffabcc4b4f7cb4708422de4e228a245da7cee9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:8d:59:50:37:8d:c8:3b:94:f0:87:ae:7a:97: c8:05:9b:3b:b7:8f:0f:da:71:82:7f:6c:71:c8:20: d2:c3:58:91:6b:cf:92:f9:64:b9:ba:b7:16:7e:ba: 85:21:54:2f:bf:20:c8:3b:14:f7:3e:7a:de:ee:28: df:2c:11:c2:cc:ba:6e:f4:55:94:fc:9b:f1:46:fa: 9f:ad:01:73:68:57:a3:79:69:49:fa:bc:b4:8c:52: b7:e4:1c:d8:89:36:02:a3:3e:23:e8:b0:07:25:2a: 56:21:b7:65:b7:77:3b:3b:94:f1:f1:76:72:94:a0: a9:7a:29:4e:a2:90:91:13:8a:92:63:2d:0a:0b:93: 55:63:b7:3a:1c:4a:2f:bd:58:24:71:44:d6:e6:80: 44:b3:f9:6e:0c:bb:7d:b8:8d:57:87:88:18:6f:f4: f7:93:bd:b8:62:42:5c:23:20:49:33:c8:6c:61:5a: 47:9a:dc:7d:88:1d:b1:85:d7:6f:72:a4:7e:6d:d4: 44:2d:c6:f3:ab:db:69:3e:c0:b9:1b:ab:78:23:50: af:16:dd:ad:1c:e7:8d:fe:57:b2:a2:a5:dd:3a:98: 2a:87:fd:27:df:bb:99:6f:2d:6e:9d:51:03:d3:d2: 87:31:87:78:b4:07:48:81:92:1e:18:0e:9d:bf:5d: 83:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:FA:BC:C4:B4:F7:CB:47:08:42:2D:E4:E2:28:A2:45:DA:7C:EE:9C X509v3 Authority Key Identifier: keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:4e:3c:d3:de:0e:17:bc:90:ef:d1:23:7e:7e:3e:a5:7c:51: ba:0f:99:d0:08:17:1f:24:4f:46:3e:b7:d9:31:1f:a2:be:46: 8a:7b:0b:7e:e6:ef:a9:e2:2f:3f:02:a3:f1:a0:44:95:87:39: b1:27:31:bc:7d:a1:10:89:32:47:11:32:8a:cc:87:63:17:73: 08:e2:0b:2d:58:19:16:0f:e6:82:27:a6:93:35:de:05:72:6b: 86:2f:fe:b9:60:7b:df:0e:8f:b6:1b:ba:80:58:75:1d:26:2e: fc:ef:49:54:4f:22:73:a6:cd:c9:96:15:04:03:c0:24:33:97: ba:71:af:9c:e9:be:42:f0:2b:2d:4d:66:54:49:cc:2f:95:a9: ce:88:78:ed:fd:18:63:18:d4:8a:97:4a:4a:74:4c:ed:ab:26: 26:45:f2:3d:09:3e:f2:55:1c:6a:8c:fb:78:b8:f7:c6:69:1e: 22:16:59:7e:11:fd:aa:25:f6:64:1f:de:71:c9:45:e8:7a:15: 50:90:07:d1:8a:d4:c5:d9:81:d5:5e:e8:9c:e8:d4:4c:50:e9: 4d:87:2b:2b:28:86:70:c5:7d:99:28:ab:3b:ec:ca:5e:07:27: 59:28:3e:5f:bb:63:cf:1f:4f:61:51:54:b9:cc:7b:2c:3c:d1: 65:43:86:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstDJpcLJP/8rSeiKFxXR8XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1 ZjY2MWQwHhcNMjUxMjE3MTYwMjM5WhcNMjUxMjE4MTYwMjM5WjAzMTEwLwYDVQQD EyhmZmZhYmNjNGI0ZjdjYjQ3MDg0MjJkZTRlMjI4YTI0NWRhN2NlZTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY1ZUDeNyDuU8IeuepfIBZs7t48P 2nGCf2xxyCDSw1iRa8+S+WS5urcWfrqFIVQvvyDIOxT3Pnre7ijfLBHCzLpu9FWU /JvxRvqfrQFzaFejeWlJ+ry0jFK35BzYiTYCoz4j6LAHJSpWIbdlt3c7O5Tx8XZy lKCpeilOopCRE4qSYy0KC5NVY7c6HEovvVgkcUTW5oBEs/luDLt9uI1Xh4gYb/T3 k724YkJcIyBJM8hsYVpHmtx9iB2xhddvcqR+bdRELcbzq9tpPsC5G6t4I1CvFt2t HOeN/leyoqXdOpgqh/0n37uZby1unVED09KHMYd4tAdIgZIeGA6dv12DEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP/6vMS098tHCEIt5OIookXafO6cMB8GA1UdIwQY MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS048094O F7yQ79Ejfn4+pXxRug+Z0AgXHyRPRj632TEfor5GinsLfubvqeIvPwKj8aBElYc5 sScxvH2hEIkyRxEyisyHYxdzCOILLVgZFg/mgiemkzXeBXJrhi/+uWB73w6Pthu6 gFh1HSYu/O9JVE8ic6bNyZYVBAPAJDOXunGvnOm+QvArLU1mVEnML5Wpzoh47f0Y YxjUipdKSnRM7asmJkXyPQk+8lUcaoz7eLj3xmkeIhZZfhH9qiX2ZB/ecclF6HoV UJAH0YrUxdmB1V7onOjUTFDpTYcrKyiGcMV9mSirO+zKXgcnWSg+X7tjzx9PYVFU ucx7LDzRZUOGtA== -----END CERTIFICATE-----Generated at Wed Dec 17 20:47:37 2025 by rpki-client