This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.mft File: 3iPxjFdtb6YJEzUzwNDjjXcyxlI.mft (raw, json) Hash identifier: 9SaVbB2Si4dJAegjYvLD74faLh1BWLP7VD2u/ygUTws= Subject key identifier: D4:3D:A6:FB:18:E4:56:EC:D8:43:C2:C9:D4:F1:79:2D:EB:F9:E7:85 Authority key identifier: DE:23:F1:8C:57:6D:6F:A6:09:13:35:33:C0:D0:E3:8D:77:32:C6:52 Certificate issuer: /CN=de23f18c576d6fa609133533c0d0e38d7732c652 Certificate serial: 019BABDBBC213CD68984A399B403A8CDB856 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3iPxjFdtb6YJEzUzwNDjjXcyxlI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.mft Manifest number: 046A Signing time: Sun 11 Jan 2026 07:01:02 +0000 Manifest this update: Sun 11 Jan 2026 07:01:02 +0000 Manifest next update: Mon 12 Jan 2026 07:01:02 +0000 Files and hashes: 1: 3iPxjFdtb6YJEzUzwNDjjXcyxlI.crl (hash: 4kVABsu0vRvyBRlZwQ8EaYMNUf/xltT5grZFQvKgOIA=) 2: GUtmTasoYg9vC_X6TeYo5LqnthI.roa (hash: h4pcOYZGVhmcTnXyyDF08GhSsY9jTxf6Vxsbll0E63Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.mft rsync://rpki.ripe.net/repository/DEFAULT/3iPxjFdtb6YJEzUzwNDjjXcyxlI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ab:db:bc:21:3c:d6:89:84:a3:99:b4:03:a8:cd:b8:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de23f18c576d6fa609133533c0d0e38d7732c652 Validity Not Before: Jan 11 07:01:02 2026 GMT Not After : Jan 12 07:01:02 2026 GMT Subject: CN=d43da6fb18e456ecd843c2c9d4f1792debf9e785 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:94:45:0a:fd:b2:3e:fc:16:63:09:a5:d3:b2: 26:83:a6:bc:c8:df:b7:8c:09:45:2b:2c:57:ae:57: 59:8f:5b:2f:6c:2d:77:2a:d7:33:2e:b0:a1:38:53: 0f:17:99:53:ce:84:04:e2:2f:43:b9:70:34:c1:52: 39:5b:55:46:36:8d:37:d5:ff:a4:32:5c:e0:9a:c7: 79:d7:f4:88:bf:6c:65:22:77:23:53:ec:de:e9:37: 9c:c7:6e:02:fc:df:1a:c2:af:62:4a:78:a3:9a:55: dc:68:1b:49:ac:58:a7:21:64:b3:99:ad:43:99:d9: 72:a0:f8:a9:d7:a0:c2:37:df:ce:18:f5:c0:63:8b: 00:18:c5:e1:20:ec:a9:51:ec:8b:e2:6f:b1:b1:13: df:9a:b1:d5:28:ae:77:12:e1:11:76:2d:81:61:c2: 47:4a:5b:3d:35:69:e4:8d:5f:cb:e7:a6:4f:ca:9e: 3c:5d:c3:63:cb:2f:e4:75:9c:24:18:1e:c8:a9:33: 0e:8f:65:48:80:87:12:63:fb:01:69:b8:b0:44:be: d1:66:43:bd:72:8c:a4:13:1c:8d:c0:dd:74:5d:19: 0c:a8:14:cd:aa:11:50:ff:b0:48:e3:6f:26:25:96: 13:d1:23:0b:db:2b:ba:99:70:49:e3:d2:13:21:7a: fb:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:3D:A6:FB:18:E4:56:EC:D8:43:C2:C9:D4:F1:79:2D:EB:F9:E7:85 X509v3 Authority Key Identifier: keyid:DE:23:F1:8C:57:6D:6F:A6:09:13:35:33:C0:D0:E3:8D:77:32:C6:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3iPxjFdtb6YJEzUzwNDjjXcyxlI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/98c5d9-e2be-493b-8657-5e86006e20ae/1/3iPxjFdtb6YJEzUzwNDjjXcyxlI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:52:58:ed:52:2b:da:b7:d4:8e:fd:8d:bc:dc:5e:c7:e0:99: cd:b9:26:3d:18:2d:bf:9e:4a:59:11:5f:88:78:ce:26:5e:c5: 31:32:29:d9:35:ac:04:6b:b6:17:b4:ca:dd:85:e5:e6:03:40: bd:85:1f:98:ec:67:c2:c4:0e:b5:74:b4:16:60:e3:fc:a1:a9: 48:dd:04:b6:ef:d6:c4:4a:30:6d:c6:3e:7a:31:ae:28:42:26: 28:3a:27:5a:f4:15:c4:9a:2d:89:86:21:07:a7:3e:2d:02:18: 6d:e2:7c:04:49:3a:37:9b:67:5e:84:b2:71:64:7f:2c:9c:57: 69:05:00:fc:9b:f2:24:e8:86:16:ed:8c:b8:3f:8b:c6:b6:d8: ae:82:8e:df:c4:9c:5f:7a:30:e8:fe:7f:e6:a8:65:b7:30:77: 1f:a6:7d:3d:ed:52:26:a9:9f:5e:7c:99:d2:9f:d6:4e:8c:a9: 31:fb:74:a3:37:ec:f6:de:f1:bb:e7:ec:d3:0e:da:c7:fc:f2: 19:1a:17:0a:be:00:ac:c6:fb:2f:34:6c:59:a9:49:97:8b:87: 41:60:ea:38:a3:b4:85:db:78:89:e5:00:e2:6f:01:f7:ef:25: 95:e8:83:da:c5:41:95:fa:0c:56:ce:46:11:18:7f:69:8b:34: 41:9f:bb:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZur27whPNaJhKOZtAOozbhWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMjNmMThjNTc2ZDZmYTYwOTEzMzUzM2MwZDBlMzhkNzcz MmM2NTIwHhcNMjYwMTExMDcwMTAyWhcNMjYwMTEyMDcwMTAyWjAzMTEwLwYDVQQD EyhkNDNkYTZmYjE4ZTQ1NmVjZDg0M2MyYzlkNGYxNzkyZGViZjllNzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5RFCv2yPvwWYwml07Img6a8yN+3 jAlFKyxXrldZj1svbC13KtczLrChOFMPF5lTzoQE4i9DuXA0wVI5W1VGNo031f+k Mlzgmsd51/SIv2xlIncjU+ze6Tecx24C/N8awq9iSnijmlXcaBtJrFinIWSzma1D mdlyoPip16DCN9/OGPXAY4sAGMXhIOypUeyL4m+xsRPfmrHVKK53EuERdi2BYcJH Sls9NWnkjV/L56ZPyp48XcNjyy/kdZwkGB7IqTMOj2VIgIcSY/sBabiwRL7RZkO9 coykExyNwN10XRkMqBTNqhFQ/7BI428mJZYT0SML2yu6mXBJ49ITIXr7BwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNQ9pvsY5Fbs2EPCydTxeS3r+eeFMB8GA1UdIwQY MBaAFN4j8YxXbW+mCRM1M8DQ4413MsZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2lQeGpGZHRiNllKRXpVendORGpqWGN5eGxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85OGM1ZDktZTJiZS00OTNiLTg2NTct NWU4NjAwNmUyMGFlLzEvM2lQeGpGZHRiNllKRXpVendORGpqWGN5eGxJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi85OGM1ZDktZTJiZS00OTNiLTg2NTctNWU4NjAwNmUyMGFl LzEvM2lQeGpGZHRiNllKRXpVendORGpqWGN5eGxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFJY7VIr 2rfUjv2NvNxex+CZzbkmPRgtv55KWRFfiHjOJl7FMTIp2TWsBGu2F7TK3YXl5gNA vYUfmOxnwsQOtXS0FmDj/KGpSN0Etu/WxEowbcY+ejGuKEImKDonWvQVxJotiYYh B6c+LQIYbeJ8BEk6N5tnXoSycWR/LJxXaQUA/JvyJOiGFu2MuD+LxrbYroKO38Sc X3ow6P5/5qhltzB3H6Z9Pe1SJqmfXnyZ0p/WToypMft0ozfs9t7xu+fs0w7ax/zy GRoXCr4ArMb7LzRsWalJl4uHQWDqOKO0hdt4ieUA4m8B9+8lleiD2sVBlfoMVs5G ERh/aYs0QZ+7LQ== -----END CERTIFICATE-----Generated at Sun Jan 11 11:34:55 2026 by rpki-client