This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft File: G3NaOdmSptxEu-c6TZm-PIQvqWg.mft (raw, json) Hash identifier: FwBTZooLqRAkfVpyZB8brQpcNNz+cLmr6fTK+8HFvwY= Subject key identifier: 00:4E:3F:00:90:AB:A9:27:9E:F3:EE:D0:E3:72:53:E6:38:F7:D4:E2 Authority key identifier: 1B:73:5A:39:D9:92:A6:DC:44:BB:E7:3A:4D:99:BE:3C:84:2F:A9:68 Certificate issuer: /CN=1b735a39d992a6dc44bbe73a4d99be3c842fa968 Certificate serial: 019B3AC645CE98A5D76CA5ECC3E89B4F183D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft Manifest number: 0516 Signing time: Sat 20 Dec 2025 08:00:30 +0000 Manifest this update: Sat 20 Dec 2025 08:00:30 +0000 Manifest next update: Sun 21 Dec 2025 08:00:30 +0000 Files and hashes: 1: G3NaOdmSptxEu-c6TZm-PIQvqWg.crl (hash: s47xNB8PXsOMNSds7EelWfiXSdRFwcFnk2eIWEWJSqs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:45:ce:98:a5:d7:6c:a5:ec:c3:e8:9b:4f:18:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b735a39d992a6dc44bbe73a4d99be3c842fa968 Validity Not Before: Dec 20 08:00:30 2025 GMT Not After : Dec 21 08:00:30 2025 GMT Subject: CN=004e3f0090aba9279ef3eed0e37253e638f7d4e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:7e:b3:09:8e:ee:b8:bc:16:9d:68:b6:c2:b8: b0:24:0e:bc:6e:e5:0d:cc:33:f8:76:fa:3b:ef:fe: d4:4d:5a:b4:8a:b9:3a:ec:65:4d:78:0a:bb:61:77: 6d:46:40:f6:57:66:c0:68:a7:7c:8a:f9:16:e6:0c: c5:16:f4:be:54:1b:3d:b2:07:ea:2b:df:7d:ed:25: df:95:de:95:b6:32:82:be:e8:41:eb:98:da:47:a2: 58:8e:40:b3:67:c8:63:4d:26:17:0b:c7:a5:d3:f7: bb:32:e6:90:8f:39:9c:80:a9:5b:13:99:54:82:e3: 15:76:72:09:6b:c1:1a:9f:11:cb:67:5d:fd:52:e9: 26:c1:d4:19:c9:b0:4d:b8:ad:42:56:29:f5:88:7d: 84:69:24:a6:0a:cb:96:36:75:61:ae:ef:b9:0a:65: 28:9c:dd:5d:23:36:aa:af:a9:3b:45:7d:63:9c:f4: 1b:0a:5e:eb:bf:27:22:75:18:c7:65:af:57:85:27: fb:55:a6:37:f4:c5:4e:bb:20:21:83:08:df:74:bc: e2:ba:9d:9c:eb:c1:63:7b:47:83:ea:31:22:e3:1b: b7:7b:0d:7a:c4:9f:cd:bd:fc:c8:84:23:02:de:d0: 2b:8d:a1:3b:ab:92:88:4d:52:52:e3:b7:df:4f:5b: 46:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:4E:3F:00:90:AB:A9:27:9E:F3:EE:D0:E3:72:53:E6:38:F7:D4:E2 X509v3 Authority Key Identifier: keyid:1B:73:5A:39:D9:92:A6:DC:44:BB:E7:3A:4D:99:BE:3C:84:2F:A9:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:32:47:ee:c8:98:5f:d1:14:bb:e4:96:8a:da:e9:5f:71:39: f7:f3:de:60:25:21:33:3b:56:1c:3e:2c:8d:7d:59:dd:d1:1c: db:a2:b5:3e:61:d0:da:fc:f0:fe:89:f9:3b:77:60:ec:a9:ff: 83:21:54:47:2e:b8:3e:85:46:81:b0:5c:86:db:df:a1:dd:7f: 55:09:49:69:1d:f8:d8:2e:e3:12:df:da:8f:b6:82:28:d0:49: c9:1e:05:09:96:e1:cc:cb:6e:39:38:64:ac:09:08:dc:cf:e9: 11:f6:f2:79:ad:b0:74:f0:ad:1f:f9:68:1b:f2:70:76:5f:16: a5:74:a6:93:a6:7e:d3:a7:b2:ed:b5:4a:c0:b5:e5:8d:10:69: d6:27:2a:d0:9c:49:08:1c:e4:e8:82:a2:00:cc:27:c7:26:e5: e3:9f:9f:03:1c:f6:f7:32:cc:03:62:62:8e:fc:02:da:40:e7: 65:24:74:64:49:0c:68:43:fc:42:39:e7:4f:6a:72:41:80:83: b8:50:e8:e0:6f:49:8a:01:cc:05:53:f4:09:a0:ec:8b:f0:90: 05:e4:b1:39:6a:62:d8:77:89:85:90:c9:cc:be:00:3b:20:58: 9b:6d:e2:49:30:cb:37:4a:dc:32:67:e9:93:ea:5f:1b:6f:c4: 97:48:41:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xkXOmKXXbKXsw+ibTxg9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiNzM1YTM5ZDk5MmE2ZGM0NGJiZTczYTRkOTliZTNjODQy ZmE5NjgwHhcNMjUxMjIwMDgwMDMwWhcNMjUxMjIxMDgwMDMwWjAzMTEwLwYDVQQD EygwMDRlM2YwMDkwYWJhOTI3OWVmM2VlZDBlMzcyNTNlNjM4ZjdkNGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn6zCY7uuLwWnWi2wriwJA68buUN zDP4dvo77/7UTVq0irk67GVNeAq7YXdtRkD2V2bAaKd8ivkW5gzFFvS+VBs9sgfq K9997SXfld6VtjKCvuhB65jaR6JYjkCzZ8hjTSYXC8el0/e7MuaQjzmcgKlbE5lU guMVdnIJa8EanxHLZ139UukmwdQZybBNuK1CVin1iH2EaSSmCsuWNnVhru+5CmUo nN1dIzaqr6k7RX1jnPQbCl7rvycidRjHZa9XhSf7VaY39MVOuyAhgwjfdLziup2c 68Fje0eD6jEi4xu3ew16xJ/NvfzIhCMC3tArjaE7q5KITVJS47ffT1tGzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFABOPwCQq6knnvPu0ONyU+Y499TiMB8GA1UdIwQY MBaAFBtzWjnZkqbcRLvnOk2ZvjyEL6loMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wNmRhMGItNDVmYS00YmM5LTk3MTct NDAwMTM2OWJhMTFmLzEvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8wNmRhMGItNDVmYS00YmM5LTk3MTctNDAwMTM2OWJhMTFm LzEvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPDJH7siY X9EUu+SWitrpX3E59/PeYCUhMztWHD4sjX1Z3dEc26K1PmHQ2vzw/on5O3dg7Kn/ gyFURy64PoVGgbBchtvfod1/VQlJaR342C7jEt/aj7aCKNBJyR4FCZbhzMtuOThk rAkI3M/pEfbyea2wdPCtH/loG/Jwdl8WpXSmk6Z+06ey7bVKwLXljRBp1icq0JxJ CBzk6IKiAMwnxybl45+fAxz29zLMA2JijvwC2kDnZSR0ZEkMaEP8QjnnT2pyQYCD uFDo4G9JigHMBVP0CaDsi/CQBeSxOWpi2HeJhZDJzL4AOyBYm23iSTDLN0rcMmfp k+pfG2/El0hBzA== -----END CERTIFICATE-----Generated at Sat Dec 20 10:42:42 2025 by rpki-client