This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft File: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json) Hash identifier: bRlJhgSoxLcXM1a/EtbaC/Aja+8xyt5WkmRmQ/iBYRY= Subject key identifier: D3:D7:72:F4:A8:FD:4C:8D:F7:60:23:80:3E:DC:D6:C1:46:60:6E:63 Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 Certificate issuer: /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Certificate serial: 019B53AB5FDDC9F91A052BFF729802E6F000 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft Manifest number: 0E86 Signing time: Thu 25 Dec 2025 04:01:38 +0000 Manifest this update: Thu 25 Dec 2025 04:01:38 +0000 Manifest next update: Fri 26 Dec 2025 04:01:38 +0000 Files and hashes: 1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: cWq4ph9R1OY/6HnwMf7jcdtkwYQd2WujfhttJap1Z2Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:ab:5f:dd:c9:f9:1a:05:2b:ff:72:98:02:e6:f0:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Validity Not Before: Dec 25 04:01:38 2025 GMT Not After : Dec 26 04:01:38 2025 GMT Subject: CN=d3d772f4a8fd4c8df76023803edcd6c146606e63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:36:3a:86:b9:d7:1c:a4:86:92:9f:fe:1f:eb: fb:b9:0c:13:75:17:21:ff:9d:03:f8:9f:08:bb:92: 0e:52:4b:ab:59:52:c5:44:86:bf:2d:c4:52:4d:7f: c4:ee:55:68:c0:aa:db:fc:40:3d:29:01:95:ba:7e: f8:fc:9c:a1:45:ba:d5:71:19:29:e6:99:3b:d4:35: 81:19:5b:7d:49:4c:d3:ed:6e:a9:c4:87:3a:a1:4c: e9:29:22:0e:5a:b9:fe:d3:7f:a9:9c:91:c1:5d:15: 52:d1:e6:cc:b5:f7:2c:4d:fc:e5:ef:d7:ce:cc:13: 8f:80:e0:ba:3d:8d:91:9a:12:36:65:3d:df:28:1e: ea:ad:c5:1f:de:57:76:a4:d3:29:d4:2e:db:96:fe: 03:5a:e6:ac:5a:93:12:0d:e5:5e:49:95:d5:2c:25: 23:60:f9:b5:b3:29:d1:5f:ae:fd:f0:e5:dd:75:55: c2:c1:16:0e:8d:d9:cc:f5:40:b2:82:cf:8b:6d:fa: ae:5b:6a:3f:69:0a:54:9a:82:8f:5d:c3:75:02:a5: 7f:d1:f2:e1:0f:8a:14:51:b7:32:96:14:44:53:04: 60:dc:71:3f:4c:c6:76:ba:42:8b:c5:fe:90:60:50: d9:f3:90:67:5e:a4:71:a6:dc:ba:ac:26:d4:48:58: 26:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:D7:72:F4:A8:FD:4C:8D:F7:60:23:80:3E:DC:D6:C1:46:60:6E:63 X509v3 Authority Key Identifier: keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:c9:8a:f1:2b:08:9e:8b:b9:7e:78:71:f2:43:42:87:dd:56: 13:fb:72:79:f4:75:b9:77:a7:12:b3:09:ae:fb:9a:8e:7f:8a: 2b:de:63:59:0d:6a:01:9c:7e:ea:83:96:67:0a:9f:5d:f3:0d: c4:8d:18:dd:6b:91:32:03:06:00:c0:71:b4:f7:c0:0c:88:a6: 56:d5:41:7d:84:d2:9b:e4:1d:00:1c:1b:70:fb:7e:09:0b:1b: 95:07:f1:23:fb:df:a4:ad:00:16:96:89:ca:f5:38:2c:d1:4e: de:c8:51:76:66:c5:bb:75:42:de:37:95:81:45:03:80:20:ab: 48:62:76:7d:53:61:12:59:33:86:46:b7:97:9c:bc:51:c2:12: 25:b6:13:a5:57:48:7d:4c:8d:c0:25:86:8c:08:19:e4:83:71: 01:ed:ee:d1:61:d9:61:39:10:a5:53:c2:62:58:3a:51:2a:7a: 0f:28:b4:2a:24:ca:9f:5b:a0:fb:d1:24:f6:4d:a7:98:da:ec: 76:9e:42:78:50:26:a9:aa:f7:ae:e4:63:15:f4:f9:ff:f4:e8: 16:50:26:bd:c7:01:49:66:50:4f:45:73:05:71:f3:59:63:56: dd:8b:99:8b:a0:e4:46:02:1d:37:20:88:d5:92:f5:aa:e6:ce: 3e:6e:17:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTq1/dyfkaBSv/cpgC5vAAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0 MDNjZDQwHhcNMjUxMjI1MDQwMTM4WhcNMjUxMjI2MDQwMTM4WjAzMTEwLwYDVQQD EyhkM2Q3NzJmNGE4ZmQ0YzhkZjc2MDIzODAzZWRjZDZjMTQ2NjA2ZTYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTY6hrnXHKSGkp/+H+v7uQwTdRch /50D+J8Iu5IOUkurWVLFRIa/LcRSTX/E7lVowKrb/EA9KQGVun74/JyhRbrVcRkp 5pk71DWBGVt9SUzT7W6pxIc6oUzpKSIOWrn+03+pnJHBXRVS0ebMtfcsTfzl79fO zBOPgOC6PY2RmhI2ZT3fKB7qrcUf3ld2pNMp1C7blv4DWuasWpMSDeVeSZXVLCUj YPm1synRX6798OXddVXCwRYOjdnM9UCygs+LbfquW2o/aQpUmoKPXcN1AqV/0fLh D4oUUbcylhREUwRg3HE/TMZ2ukKLxf6QYFDZ85BnXqRxpty6rCbUSFgmmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNPXcvSo/UyN92AjgD7c1sFGYG5jMB8GA1UdIwQY MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAncmK8SsI nou5fnhx8kNCh91WE/tyefR1uXenErMJrvuajn+KK95jWQ1qAZx+6oOWZwqfXfMN xI0Y3WuRMgMGAMBxtPfADIimVtVBfYTSm+QdABwbcPt+CQsblQfxI/vfpK0AFpaJ yvU4LNFO3shRdmbFu3VC3jeVgUUDgCCrSGJ2fVNhElkzhka3l5y8UcISJbYTpVdI fUyNwCWGjAgZ5INxAe3u0WHZYTkQpVPCYlg6USp6Dyi0KiTKn1ug+9Ek9k2nmNrs dp5CeFAmqar3ruRjFfT5//ToFlAmvccBSWZQT0VzBXHzWWNW3YuZi6DkRgIdNyCI 1ZL1qubOPm4XZA== -----END CERTIFICATE-----Generated at Thu Dec 25 07:12:44 2025 by rpki-client