This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.mft File: 3fz_0QDcAH8alqRDDqhyOJxX1s8.mft (raw, json) Hash identifier: QdnSXQio/RIZN4aXyHGw6FXSXz+rGrIw7HRT0Jt5ZDY= Subject key identifier: 5D:0A:B2:EA:16:99:D6:56:80:CA:83:94:94:E0:72:D4:F7:5B:45:76 Authority key identifier: DD:FC:FF:D1:00:DC:00:7F:1A:96:A4:43:0E:A8:72:38:9C:57:D6:CF Certificate issuer: /CN=ddfcffd100dc007f1a96a4430ea872389c57d6cf Certificate serial: 019B424A3F8A15E729496CFE1CC20C807FE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fz_0QDcAH8alqRDDqhyOJxX1s8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.mft Manifest number: 047D Signing time: Sun 21 Dec 2025 19:02:00 +0000 Manifest this update: Sun 21 Dec 2025 19:02:00 +0000 Manifest next update: Mon 22 Dec 2025 19:02:00 +0000 Files and hashes: 1: 3fz_0QDcAH8alqRDDqhyOJxX1s8.crl (hash: VhX4cf3XsmUU/q3XaNMtyDIUzNRVKmCtOsWsk+XL/EI=) 2: SHvoKKIBU3wgrybj6zWAE812zjc.roa (hash: yK7W9vbdAmqtnEpvGmawrHGyq/oUYACQgVTYc+60SM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.mft rsync://rpki.ripe.net/repository/DEFAULT/3fz_0QDcAH8alqRDDqhyOJxX1s8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:3f:8a:15:e7:29:49:6c:fe:1c:c2:0c:80:7f:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddfcffd100dc007f1a96a4430ea872389c57d6cf Validity Not Before: Dec 21 19:02:00 2025 GMT Not After : Dec 22 19:02:00 2025 GMT Subject: CN=5d0ab2ea1699d65680ca839494e072d4f75b4576 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:2d:30:c3:d8:e0:4d:b5:24:26:15:0d:c3:2c: 57:f2:4a:51:12:b8:7b:d9:c3:21:b8:12:cc:8b:1a: ad:c0:99:d2:7a:9e:8b:f6:42:fe:e6:97:5f:61:a3: 71:9a:b9:3f:32:68:21:a5:8c:1a:4f:ca:1c:06:ac: b8:c6:d6:ff:fe:da:9e:f2:58:b2:3c:5c:2b:6b:14: d2:51:c8:76:33:fc:34:56:05:ec:91:b9:ab:dd:51: 85:6e:9c:59:91:b3:e3:78:17:a6:03:5d:71:a7:c4: 4d:cc:a7:4e:d8:03:4e:37:db:a8:f5:51:a4:4a:c7: 2f:74:00:64:c5:d8:50:ba:90:0e:98:3c:c1:64:b5: 05:b5:38:f4:58:d4:08:d2:78:06:d7:5a:43:26:c2: 89:8c:b0:c9:60:80:48:4d:bd:5a:e4:22:3a:89:51: a6:9f:b4:d0:a8:d3:5e:3a:d4:27:a2:83:27:73:23: 1c:b5:fb:2c:bc:75:e3:ef:d4:40:15:07:b6:af:6e: d5:f7:32:45:e6:77:9c:5e:6e:75:77:ef:1d:53:e2: 8f:04:8b:c3:84:3a:47:81:49:e7:07:fe:cb:18:87: 0e:3b:e6:bb:ce:49:fa:66:bc:f5:7e:ab:a4:22:b9: d4:6f:88:5e:23:77:2b:2a:d6:10:e2:46:d1:8f:3d: fe:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:0A:B2:EA:16:99:D6:56:80:CA:83:94:94:E0:72:D4:F7:5B:45:76 X509v3 Authority Key Identifier: keyid:DD:FC:FF:D1:00:DC:00:7F:1A:96:A4:43:0E:A8:72:38:9C:57:D6:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fz_0QDcAH8alqRDDqhyOJxX1s8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2fc375-da14-4f7f-8fae-15a6e7df45c9/1/3fz_0QDcAH8alqRDDqhyOJxX1s8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:01:c2:04:6a:bb:43:67:45:3a:2e:cb:4a:ea:bd:b0:45:f2: 84:d4:de:e1:e8:0a:e8:2f:fd:a4:72:a7:71:02:cd:a3:80:ae: e6:18:06:4c:16:60:15:b5:09:6c:56:ba:7a:c2:a0:20:ef:2a: e3:1f:7d:c1:9b:d0:44:3a:ae:a5:07:92:48:7f:2b:1f:b8:20: bd:5d:e5:a0:56:b0:c9:18:f0:7e:3b:46:97:13:ef:ef:dd:09: 7d:b1:97:d0:af:2a:44:b3:85:ed:c9:66:f6:cc:35:bd:c5:68: 54:42:22:de:f7:75:7a:d6:f4:91:60:e1:65:3d:a4:28:fc:b2: 08:bf:9d:45:17:1d:0a:68:1e:c1:9a:6f:3f:45:35:2b:08:bb: 8e:47:fe:c7:cc:71:5d:24:13:8d:26:46:11:29:0b:89:8e:3d: bd:26:11:b1:d5:d1:21:93:06:e1:d3:6b:87:bd:da:8a:43:47: 5e:db:f4:68:9d:a9:2c:6e:72:44:31:c6:50:ef:e7:68:52:6e: 9f:8b:57:c9:09:d2:67:a6:9d:0a:87:5e:4c:30:1a:69:eb:51: 27:a5:f0:c8:a5:8d:25:96:a3:de:f8:41:e3:a6:61:6a:93:ed: 95:ed:b5:b7:13:d9:76:a0:96:9a:9d:75:36:e9:b0:8f:fa:97: 5b:51:a6:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSj+KFecpSWz+HMIMgH/iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZmNmZmQxMDBkYzAwN2YxYTk2YTQ0MzBlYTg3MjM4OWM1 N2Q2Y2YwHhcNMjUxMjIxMTkwMjAwWhcNMjUxMjIyMTkwMjAwWjAzMTEwLwYDVQQD Eyg1ZDBhYjJlYTE2OTlkNjU2ODBjYTgzOTQ5NGUwNzJkNGY3NWI0NTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy0ww9jgTbUkJhUNwyxX8kpRErh7 2cMhuBLMixqtwJnSep6L9kL+5pdfYaNxmrk/MmghpYwaT8ocBqy4xtb//tqe8liy PFwraxTSUch2M/w0VgXskbmr3VGFbpxZkbPjeBemA11xp8RNzKdO2ANON9uo9VGk SscvdABkxdhQupAOmDzBZLUFtTj0WNQI0ngG11pDJsKJjLDJYIBITb1a5CI6iVGm n7TQqNNeOtQnooMncyMctfssvHXj79RAFQe2r27V9zJF5necXm51d+8dU+KPBIvD hDpHgUnnB/7LGIcOO+a7zkn6Zrz1fqukIrnUb4heI3crKtYQ4kbRjz3+WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF0KsuoWmdZWgMqDlJTgctT3W0V2MB8GA1UdIwQY MBaAFN38/9EA3AB/GpakQw6ocjicV9bPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2Z6XzBRRGNBSDhhbHFSRERxaHlPSnhYMXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8yZmMzNzUtZGExNC00ZjdmLThmYWUt MTVhNmU3ZGY0NWM5LzEvM2Z6XzBRRGNBSDhhbHFSRERxaHlPSnhYMXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS8yZmMzNzUtZGExNC00ZjdmLThmYWUtMTVhNmU3ZGY0NWM5 LzEvM2Z6XzBRRGNBSDhhbHFSRERxaHlPSnhYMXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADwHCBGq7 Q2dFOi7LSuq9sEXyhNTe4egK6C/9pHKncQLNo4Cu5hgGTBZgFbUJbFa6esKgIO8q 4x99wZvQRDqupQeSSH8rH7ggvV3loFawyRjwfjtGlxPv790JfbGX0K8qRLOF7clm 9sw1vcVoVEIi3vd1etb0kWDhZT2kKPyyCL+dRRcdCmgewZpvP0U1Kwi7jkf+x8xx XSQTjSZGESkLiY49vSYRsdXRIZMG4dNrh73aikNHXtv0aJ2pLG5yRDHGUO/naFJu n4tXyQnSZ6adCodeTDAaaetRJ6XwyKWNJZaj3vhB46ZhapPtle21txPZdqCWmp11 Numwj/qXW1Gm7A== -----END CERTIFICATE-----Generated at Sun Dec 21 22:05:25 2025 by rpki-client