This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft File: cl3CBR5_PY1hf1UYng7m8xdNkto.mft (raw, json) Hash identifier: 6ibJDSuhQDn+/+PWOQf0qF536mPFPbb8hvLPN48ttHo= Subject key identifier: ED:A6:95:3C:FD:18:CE:80:90:33:95:85:DC:3F:C4:E7:65:84:67:E8 Authority key identifier: 72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA Certificate issuer: /CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da Certificate serial: 019B6D332B24B868EB0A7A13258DE40D46BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft Manifest number: 04C6 Signing time: Tue 30 Dec 2025 03:00:28 +0000 Manifest this update: Tue 30 Dec 2025 03:00:28 +0000 Manifest next update: Wed 31 Dec 2025 03:00:28 +0000 Files and hashes: 1: cl3CBR5_PY1hf1UYng7m8xdNkto.crl (hash: ffbStYNP0POT0NHTJY6SeYl7uSkNMsYmCNgsmsYxCmU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:33:2b:24:b8:68:eb:0a:7a:13:25:8d:e4:0d:46:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=725dc2051e7f3d8d617f55189e0ee6f3174d92da Validity Not Before: Dec 30 03:00:28 2025 GMT Not After : Dec 31 03:00:28 2025 GMT Subject: CN=eda6953cfd18ce8090339585dc3fc4e7658467e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:03:bf:6e:0b:78:9d:59:52:5b:3c:b3:5a:57: 84:7d:b7:e7:49:51:54:5a:ea:46:d9:f6:7d:1d:e3: 90:5d:46:af:14:af:f6:ae:60:cd:ad:c0:17:8e:26: 65:95:92:1a:f3:4d:31:f7:bc:5d:f7:50:41:f8:7e: 69:30:10:d6:83:33:8d:07:dd:fc:f6:9f:00:ce:40: 45:54:41:4c:b1:f4:8a:b9:1f:1e:b3:e6:62:5b:b0: 74:67:84:be:9c:a5:03:7a:ef:4e:56:a7:3d:13:5e: a2:70:a8:08:05:d5:7e:32:53:76:57:01:e0:13:48: 4f:f4:74:d0:07:4f:1f:5c:94:28:c6:f6:81:6c:3f: b8:28:26:8e:0c:c0:11:e8:68:c6:a8:ca:2c:1c:44: 28:27:71:4b:06:8b:95:51:51:11:53:76:e6:88:ca: 61:a6:b3:74:14:c7:ed:71:f1:04:3f:72:a8:b5:92: 01:65:48:5f:9b:84:e6:ec:1e:3e:2f:e7:2a:2d:30: 4c:c2:d3:fe:e2:4c:33:69:5a:43:48:0a:c4:a5:14: 9c:59:b4:b1:a9:6b:c2:a5:66:41:2b:f0:8b:d3:72: 48:78:8b:87:43:56:12:27:a1:5f:32:a8:b6:1b:ec: a9:81:87:5b:a0:5a:31:85:9e:29:86:f3:5c:a2:6f: 1e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:A6:95:3C:FD:18:CE:80:90:33:95:85:DC:3F:C4:E7:65:84:67:E8 X509v3 Authority Key Identifier: keyid:72:5D:C2:05:1E:7F:3D:8D:61:7F:55:18:9E:0E:E6:F3:17:4D:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cl3CBR5_PY1hf1UYng7m8xdNkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/984111-6f7c-4e69-94c9-ff0f52633527/1/cl3CBR5_PY1hf1UYng7m8xdNkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:a4:48:32:d7:0c:0d:a9:4a:53:0f:2e:7c:a4:af:6e:63:26: 9f:dc:81:f3:37:54:0d:77:6c:3d:b7:45:7e:1d:6d:b2:41:76: bc:78:62:b3:57:43:9c:e9:8b:45:5f:06:40:68:c0:fa:7d:05: 71:d7:43:eb:47:41:b0:44:84:9b:2e:25:31:1d:12:57:cc:a8: 20:fc:9c:c8:ba:a9:30:81:a6:08:f4:45:ec:4c:4d:5e:61:77: 69:a0:c8:98:cf:9e:92:98:ab:38:2c:4d:b6:39:55:28:41:cb: 11:16:d7:80:79:b9:21:10:30:45:8c:ca:17:47:92:52:d4:99: da:cb:0a:b0:1e:f5:51:a5:3a:bd:5f:82:40:fc:69:b3:e6:70: bf:34:7f:66:ed:ac:41:63:b4:03:1c:cd:4f:5d:f4:a2:ea:02: b4:69:59:f5:42:d3:78:62:0a:fe:63:43:a0:0d:0e:69:35:40: 4a:1e:06:69:88:e2:0c:dd:f9:56:86:b4:95:ed:dc:59:d1:d2: 64:5a:cb:83:18:f1:8c:49:46:41:98:21:49:84:03:53:8e:82: 52:8c:47:99:12:4a:37:6b:ba:71:50:2d:95:42:55:2c:39:0c: 9f:d2:54:5c:3f:8a:4f:49:88:cf:c7:24:8f:98:26:07:8b:c0: 10:97:53:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttMyskuGjrCnoTJY3kDUa7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNWRjMjA1MWU3ZjNkOGQ2MTdmNTUxODllMGVlNmYzMTc0 ZDkyZGEwHhcNMjUxMjMwMDMwMDI4WhcNMjUxMjMxMDMwMDI4WjAzMTEwLwYDVQQD EyhlZGE2OTUzY2ZkMThjZTgwOTAzMzk1ODVkYzNmYzRlNzY1ODQ2N2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQO/bgt4nVlSWzyzWleEfbfnSVFU WupG2fZ9HeOQXUavFK/2rmDNrcAXjiZllZIa800x97xd91BB+H5pMBDWgzONB938 9p8AzkBFVEFMsfSKuR8es+ZiW7B0Z4S+nKUDeu9OVqc9E16icKgIBdV+MlN2VwHg E0hP9HTQB08fXJQoxvaBbD+4KCaODMAR6GjGqMosHEQoJ3FLBouVUVERU3bmiMph prN0FMftcfEEP3KotZIBZUhfm4Tm7B4+L+cqLTBMwtP+4kwzaVpDSArEpRScWbSx qWvCpWZBK/CL03JIeIuHQ1YSJ6FfMqi2G+ypgYdboFoxhZ4phvNcom8eEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO2mlTz9GM6AkDOVhdw/xOdlhGfoMB8GA1UdIwQY MBaAFHJdwgUefz2NYX9VGJ4O5vMXTZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0Yzkt ZmYwZjUyNjMzNTI3LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC85ODQxMTEtNmY3Yy00ZTY5LTk0YzktZmYwZjUyNjMzNTI3 LzEvY2wzQ0JSNV9QWTFoZjFVWW5nN204eGROa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfKRIMtcM DalKUw8ufKSvbmMmn9yB8zdUDXdsPbdFfh1tskF2vHhis1dDnOmLRV8GQGjA+n0F cddD60dBsESEmy4lMR0SV8yoIPycyLqpMIGmCPRF7ExNXmF3aaDImM+ekpirOCxN tjlVKEHLERbXgHm5IRAwRYzKF0eSUtSZ2ssKsB71UaU6vV+CQPxps+ZwvzR/Zu2s QWO0AxzNT130ouoCtGlZ9ULTeGIK/mNDoA0OaTVASh4GaYjiDN35Voa0le3cWdHS ZFrLgxjxjElGQZghSYQDU46CUoxHmRJKN2u6cVAtlUJVLDkMn9JUXD+KT0mIz8ck j5gmB4vAEJdTVw== -----END CERTIFICATE-----Generated at Tue Dec 30 08:01:02 2025 by rpki-client