This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft File: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json) Hash identifier: jhVOBZirJCCnDPHcEX1q20X6TrDXqbfs2FACJXWxRZ4= Subject key identifier: 3A:C3:78:25:A9:78:EB:A9:B8:B1:F8:4B:42:C3:DE:19:31:37:68:9F Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 Certificate issuer: /CN=de17fd66577b3ed358b3862a7dd980944a85d507 Certificate serial: 019B35D6F2F9DA683E2DF54BDA581456BF9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft Manifest number: 0343 Signing time: Fri 19 Dec 2025 09:00:37 +0000 Manifest this update: Fri 19 Dec 2025 09:00:37 +0000 Manifest next update: Sat 20 Dec 2025 09:00:37 +0000 Files and hashes: 1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: MVIj3KcVpXfWDpOvYhXNQ8H0/VkNX89C7qzew94RIpo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:d6:f2:f9:da:68:3e:2d:f5:4b:da:58:14:56:bf:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507 Validity Not Before: Dec 19 09:00:37 2025 GMT Not After : Dec 20 09:00:37 2025 GMT Subject: CN=3ac37825a978eba9b8b1f84b42c3de193137689f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:50:a6:7c:89:e7:26:46:7e:a7:e0:d2:cf:86: 1a:8b:4a:6a:0a:44:dc:7c:2b:69:65:5e:56:22:e3: cd:06:c0:66:66:72:d8:0e:c8:6e:3b:aa:32:79:d3: 68:bc:8e:b0:4e:86:89:31:d4:ee:10:01:fb:fb:9a: a0:0c:f0:42:63:67:2e:b0:33:61:77:8b:08:81:cb: 98:9b:1d:5e:4b:4d:65:74:50:e9:a1:a3:4f:a2:2f: 69:53:62:2c:23:27:b5:9f:01:ea:f6:c7:d5:21:9c: 44:f1:ee:df:cc:85:6e:9d:18:0f:0b:64:57:37:b3: bb:47:81:fb:65:1f:e1:a6:67:b8:62:2c:f5:8a:e5: 60:d9:30:90:f2:3f:fc:90:81:58:9d:43:b4:ff:14: 62:7f:2b:85:47:a1:de:ee:5d:97:98:b7:16:01:66: a0:13:b3:54:a3:1e:e7:36:40:57:9a:b7:ad:57:09: dc:e1:51:fc:19:d4:32:58:17:3a:b1:76:02:44:f1: e8:44:c8:67:42:f8:04:6c:7d:c4:d9:ff:c1:99:78: dc:7b:92:9a:c8:ed:62:a5:67:2b:b8:09:72:97:f3: d1:0f:72:fa:53:02:7d:8e:d2:a9:5b:e6:b6:4b:88: 8e:e0:bd:54:21:c4:09:3d:39:40:42:38:5b:ce:16: 6a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:C3:78:25:A9:78:EB:A9:B8:B1:F8:4B:42:C3:DE:19:31:37:68:9F X509v3 Authority Key Identifier: keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:d0:5c:c6:d0:53:48:01:9c:af:60:3f:67:48:51:f8:bd:83: b4:35:b9:2e:d7:6a:8e:7e:0f:4a:89:82:2e:38:45:97:75:25: 39:cf:74:77:57:0c:97:3a:97:e2:57:bb:73:ca:b8:0e:c6:c2: 19:34:f3:51:ef:c8:b4:ab:39:f8:ca:03:ec:e3:bf:73:c3:ec: c0:ef:ec:78:84:e0:5f:5f:95:ba:93:43:91:df:41:28:45:9e: f5:9b:d5:56:ed:5c:b7:fa:e8:66:b5:0a:53:5a:98:5b:41:e1: 2e:2d:a9:d6:83:d0:cd:bc:bf:dc:53:40:3f:c6:05:2b:49:bf: 0a:04:45:1d:40:76:91:a9:62:a4:1f:52:94:47:50:61:b6:2c: 17:3b:2c:53:17:57:e1:b6:b0:06:78:8f:ab:80:c7:d9:eb:38: 06:45:44:e8:7d:f0:11:84:f8:91:61:df:7b:d0:33:4d:8f:ea: 24:50:4e:8b:01:35:0c:30:4d:f4:45:c3:eb:53:7c:09:45:af: 9c:49:d9:7b:f8:e9:8c:84:3f:41:83:45:a6:77:5a:65:70:e6: b4:d1:40:1d:ab:df:43:57:44:cd:06:74:52:c6:79:af:58:fd: 9f:7c:9b:ec:e3:2e:7b:a1:02:24:ce:84:9d:2a:a9:fc:9d:34: b5:a7:3d:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs11vL52mg+LfVL2lgUVr+fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4 NWQ1MDcwHhcNMjUxMjE5MDkwMDM3WhcNMjUxMjIwMDkwMDM3WjAzMTEwLwYDVQQD EygzYWMzNzgyNWE5NzhlYmE5YjhiMWY4NGI0MmMzZGUxOTMxMzc2ODlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlCmfInnJkZ+p+DSz4Yai0pqCkTc fCtpZV5WIuPNBsBmZnLYDshuO6oyedNovI6wToaJMdTuEAH7+5qgDPBCY2cusDNh d4sIgcuYmx1eS01ldFDpoaNPoi9pU2IsIye1nwHq9sfVIZxE8e7fzIVunRgPC2RX N7O7R4H7ZR/hpme4Yiz1iuVg2TCQ8j/8kIFYnUO0/xRifyuFR6He7l2XmLcWAWag E7NUox7nNkBXmretVwnc4VH8GdQyWBc6sXYCRPHoRMhnQvgEbH3E2f/BmXjce5Ka yO1ipWcruAlyl/PRD3L6UwJ9jtKpW+a2S4iO4L1UIcQJPTlAQjhbzhZqhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDrDeCWpeOupuLH4S0LD3hkxN2ifMB8GA1UdIwQY MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzdBcxtBT SAGcr2A/Z0hR+L2DtDW5Ltdqjn4PSomCLjhFl3UlOc90d1cMlzqX4le7c8q4DsbC GTTzUe/ItKs5+MoD7OO/c8PswO/seITgX1+VupNDkd9BKEWe9ZvVVu1ct/roZrUK U1qYW0HhLi2p1oPQzby/3FNAP8YFK0m/CgRFHUB2kalipB9SlEdQYbYsFzssUxdX 4bawBniPq4DH2es4BkVE6H3wEYT4kWHfe9AzTY/qJFBOiwE1DDBN9EXD61N8CUWv nEnZe/jpjIQ/QYNFpndaZXDmtNFAHavfQ1dEzQZ0UsZ5r1j9n3yb7OMue6ECJM6E nSqp/J00tac9Tg== -----END CERTIFICATE-----Generated at Fri Dec 19 14:32:23 2025 by rpki-client