This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft File: 3erZGbhaEwUdAgi34o3cyzmLFNY.mft (raw, json) Hash identifier: hJvCqMALkWoTBCdCXOuDC9erugSPOhSKU4Db7aq6GH0= Subject key identifier: 9C:84:9F:4C:22:72:68:E2:4F:FF:2A:D6:16:29:3E:18:99:E5:4B:D5 Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6 Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6 Certificate serial: 019B454A8AF591628033589EB238E6011926 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft Manifest number: 1791 Signing time: Mon 22 Dec 2025 09:01:11 +0000 Manifest this update: Mon 22 Dec 2025 09:01:11 +0000 Manifest next update: Tue 23 Dec 2025 09:01:11 +0000 Files and hashes: 1: 3erZGbhaEwUdAgi34o3cyzmLFNY.crl (hash: sKUEWbKl+Dq/hfTeRUyfr9i11K/UcBP86OGV9zuVzZI=) 2: gyBGqWNKS8K0vTNBAA3GKNL77Vo.roa (hash: BXXbMCiaPDwWpKluJbMJNiQFpxOCWm/ZXx0AVN6V8Ew=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 09:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:4a:8a:f5:91:62:80:33:58:9e:b2:38:e6:01:19:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6 Validity Not Before: Dec 22 09:01:11 2025 GMT Not After : Dec 23 09:01:11 2025 GMT Subject: CN=9c849f4c227268e24fff2ad616293e1899e54bd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:f3:6c:2f:7f:1e:3a:d9:cb:7e:20:2e:7c:b8: cc:59:68:11:57:6e:5f:ca:76:d2:e8:ed:40:c0:63: fb:34:a5:cf:04:98:c2:b6:f8:f6:0e:63:66:57:d4: 09:16:5f:ae:d2:33:b9:d9:7d:98:f4:3c:60:21:46: 31:0e:f4:b8:ce:37:9e:cc:30:74:b7:47:3c:84:b1: a2:05:93:55:9f:94:da:bf:c2:1a:e6:d0:87:87:57: 07:2a:07:dc:7d:81:a5:60:34:62:bb:95:cd:6f:57: 3d:3d:b9:50:16:d6:ca:b2:7e:f8:46:79:dd:52:a8: ec:51:f3:1d:26:6a:d8:12:dc:49:6b:94:86:df:ba: 44:d5:3b:4d:5e:62:bd:51:79:de:2f:59:c2:f4:5b: b4:b8:aa:51:82:44:03:49:de:0f:28:86:2a:70:6f: 28:b0:86:d2:f8:93:ed:18:85:b2:72:f1:df:74:71: 57:8d:6a:ff:8f:da:d1:1a:18:23:46:ef:e1:98:a2: 79:b7:f1:5f:e0:d4:17:1b:d6:92:a2:de:aa:a1:06: d7:c8:54:a3:62:82:ba:d2:5b:e0:30:56:c8:3a:b5: 55:7e:bf:38:e3:3c:2b:b3:00:85:14:ec:16:fe:f3: 4d:a7:2d:ae:b2:01:9e:cc:ac:4e:2c:63:a6:25:0c: 0a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:84:9F:4C:22:72:68:E2:4F:FF:2A:D6:16:29:3E:18:99:E5:4B:D5 X509v3 Authority Key Identifier: keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:ab:76:08:b0:5c:ef:a7:a7:60:47:83:68:87:b0:5a:ba:9a: b9:3b:99:9a:c4:47:48:53:87:8e:c2:7d:8b:7b:6d:97:14:4e: 8a:5d:a8:89:81:5b:f8:59:ab:99:ee:33:a0:b8:8e:66:95:de: 28:02:0d:11:d4:46:4d:bc:ed:70:f9:50:c4:49:d1:03:5e:4a: 0c:35:eb:1c:7e:8e:f7:ac:f5:1f:9a:fc:71:38:4f:58:b2:2e: 3d:9b:68:75:3f:88:c4:c8:aa:3e:81:c8:2e:d9:ce:e8:fc:96: ef:d2:34:c8:8b:07:75:91:2a:66:18:49:80:66:54:c8:70:10: e4:3e:88:ca:48:e4:86:3c:13:a4:8d:ab:d2:89:a6:77:8a:21: 4a:c8:a5:53:ae:b6:70:ce:f9:ed:32:d4:71:d7:5d:18:4b:db: ae:76:c4:6d:a4:e2:f4:be:e3:03:3f:97:c2:12:8e:ce:c0:ec: 39:41:35:c5:ca:e3:95:4a:ff:64:b7:86:b0:fb:72:59:72:a7: a9:14:d2:66:ef:69:99:55:5e:c9:3b:29:67:1c:62:9c:c2:ae: d9:b4:0b:5f:6b:6e:c4:ca:62:74:39:09:19:5e:ca:61:24:c0: 44:2a:48:b0:d1:f6:fe:b9:38:a3:9f:77:40:44:55:ad:a9:57: 57:dd:70:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtFSor1kWKAM1iesjjmARkmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4 YjE0ZDYwHhcNMjUxMjIyMDkwMTExWhcNMjUxMjIzMDkwMTExWjAzMTEwLwYDVQQD Eyg5Yzg0OWY0YzIyNzI2OGUyNGZmZjJhZDYxNjI5M2UxODk5ZTU0YmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfNsL38eOtnLfiAufLjMWWgRV25f ynbS6O1AwGP7NKXPBJjCtvj2DmNmV9QJFl+u0jO52X2Y9DxgIUYxDvS4zjeezDB0 t0c8hLGiBZNVn5Tav8Ia5tCHh1cHKgfcfYGlYDRiu5XNb1c9PblQFtbKsn74Rnnd UqjsUfMdJmrYEtxJa5SG37pE1TtNXmK9UXneL1nC9Fu0uKpRgkQDSd4PKIYqcG8o sIbS+JPtGIWycvHfdHFXjWr/j9rRGhgjRu/hmKJ5t/Ff4NQXG9aSot6qoQbXyFSj YoK60lvgMFbIOrVVfr844zwrswCFFOwW/vNNpy2usgGezKxOLGOmJQwKTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJyEn0wicmjiT/8q1hYpPhiZ5UvVMB8GA1UdIwQY MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt NDhiOGI1YTliNDExLzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi6t2CLBc 76enYEeDaIewWrqauTuZmsRHSFOHjsJ9i3ttlxROil2oiYFb+Fmrme4zoLiOZpXe KAINEdRGTbztcPlQxEnRA15KDDXrHH6O96z1H5r8cThPWLIuPZtodT+IxMiqPoHI LtnO6PyW79I0yIsHdZEqZhhJgGZUyHAQ5D6IykjkhjwTpI2r0ommd4ohSsilU662 cM757TLUcdddGEvbrnbEbaTi9L7jAz+XwhKOzsDsOUE1xcrjlUr/ZLeGsPtyWXKn qRTSZu9pmVVeyTspZxxinMKu2bQLX2tuxMpidDkJGV7KYSTARCpIsNH2/rk4o593 QERVralXV91w0w== -----END CERTIFICATE-----Generated at Mon Dec 22 17:40:15 2025 by rpki-client