This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft File: 3kK6kvCUZ8GIi16eNEiVB0SweYE.mft (raw, json) Hash identifier: U00bp9jpgU2yjqAw7oKD/t1CroE81U46xyp8iWcm1UU= Subject key identifier: 4C:C4:F3:1B:80:75:BD:13:D7:35:23:2F:43:8B:8B:BB:18:B1:C6:8B Authority key identifier: DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81 Certificate issuer: /CN=de42ba92f09467c1888b5e9e3448950744b07981 Certificate serial: 019B6CC7102013492E59E214E78EB1094FD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft Manifest number: 1210 Signing time: Tue 30 Dec 2025 01:02:23 +0000 Manifest this update: Tue 30 Dec 2025 01:02:23 +0000 Manifest next update: Wed 31 Dec 2025 01:02:23 +0000 Files and hashes: 1: 3kK6kvCUZ8GIi16eNEiVB0SweYE.crl (hash: zJwpC6q/M4S0sGhMb+qvJlXp4feV82sGnNQLCFM0Vk8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 23:52:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6c:c7:10:20:13:49:2e:59:e2:14:e7:8e:b1:09:4f:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de42ba92f09467c1888b5e9e3448950744b07981 Validity Not Before: Dec 30 01:02:23 2025 GMT Not After : Dec 31 01:02:23 2025 GMT Subject: CN=4cc4f31b8075bd13d735232f438b8bbb18b1c68b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:91:37:03:fa:06:58:f1:fc:8c:ad:19:c1:3a: 46:e4:ca:b3:23:8b:4e:bc:cd:b9:45:5e:5b:60:4d: bd:8d:f2:68:7d:c1:6a:e8:98:51:35:4a:80:38:95: 8e:69:37:5c:ae:ff:89:ab:22:ba:1b:c0:f2:30:e5: 4c:92:0f:b0:1c:fa:17:da:8b:b9:99:b4:7f:c9:e4: e2:f5:f1:06:8c:43:fe:85:fe:9c:56:04:c3:6f:dd: de:15:d7:6c:e5:e0:d8:0c:ce:b0:b4:f7:d5:dd:4c: 1f:11:df:34:93:ce:11:8c:f6:8c:2a:fe:45:9a:26: 3d:78:2a:84:c9:39:d6:94:93:91:a4:ef:b6:c6:c6: 04:54:de:6a:30:ca:5e:07:8c:9e:18:6b:1d:87:15: 8c:a2:2b:a4:28:85:47:0f:82:7c:05:b5:5a:72:02: e1:23:36:fe:a4:46:fc:68:3a:68:2c:03:aa:55:05: 04:26:16:cf:05:37:5b:63:25:8b:4c:3e:44:db:44: 67:98:e8:73:65:f1:b4:4c:c2:68:ce:05:21:ae:7c: 97:f5:78:a6:b0:3c:c0:53:bb:4a:d9:b8:a5:97:cb: ab:3d:f4:e1:21:6f:97:54:af:01:e4:90:1c:90:8f: fe:e8:9e:67:46:70:7f:45:76:fb:66:58:86:3c:f0: cf:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:C4:F3:1B:80:75:BD:13:D7:35:23:2F:43:8B:8B:BB:18:B1:C6:8B X509v3 Authority Key Identifier: keyid:DE:42:BA:92:F0:94:67:C1:88:8B:5E:9E:34:48:95:07:44:B0:79:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kK6kvCUZ8GIi16eNEiVB0SweYE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/3ff463-0e3d-4e77-bd13-5b3b4b913cf8/1/3kK6kvCUZ8GIi16eNEiVB0SweYE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:1e:7b:a3:3a:7c:fa:3c:a2:e5:a5:70:28:7d:c9:a0:d2:fb: 88:66:f1:6f:2a:83:79:9f:7a:b8:88:24:78:82:b4:23:96:37: 09:dc:06:23:61:6e:fb:1f:3d:09:ba:4d:c1:09:61:04:9f:78: 13:9c:7c:0d:81:c3:82:dd:97:bb:02:b7:ce:ab:78:13:1f:6c: 42:7c:b3:05:8f:93:01:a7:b1:b8:15:25:3d:ce:55:e9:a8:c5: 5e:16:5d:e6:47:e5:1a:5b:d3:da:69:90:00:ed:f2:95:92:67: 87:52:21:f4:c5:fe:79:c0:a7:86:6c:e4:5e:fa:6b:95:00:c1: b5:96:6e:51:22:91:40:f6:2b:e2:b6:1e:07:02:d7:3b:95:14: c9:46:9e:0a:3c:81:28:cc:bb:12:f5:dc:2a:01:6b:e6:be:46: 03:46:25:00:e8:df:9f:af:00:39:f4:15:d3:0f:fa:28:0a:fd: 97:ea:ab:33:46:cc:0f:fa:34:fc:14:f8:8c:4d:fb:c8:47:17: 77:60:d4:0b:f7:0c:ba:8f:5d:eb:08:f5:f0:f2:80:1f:09:a5: 6c:27:d5:bd:a9:e8:92:34:83:c2:8a:79:1b:80:33:65:eb:8b: 57:60:5d:c9:eb:7b:61:78:ef:31:69:bd:7a:4b:9d:0b:32:60: 8d:0e:e0:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtsxxAgE0kuWeIU546xCU/QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNDJiYTkyZjA5NDY3YzE4ODhiNWU5ZTM0NDg5NTA3NDRi MDc5ODEwHhcNMjUxMjMwMDEwMjIzWhcNMjUxMjMxMDEwMjIzWjAzMTEwLwYDVQQD Eyg0Y2M0ZjMxYjgwNzViZDEzZDczNTIzMmY0MzhiOGJiYjE4YjFjNjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpE3A/oGWPH8jK0ZwTpG5MqzI4tO vM25RV5bYE29jfJofcFq6JhRNUqAOJWOaTdcrv+JqyK6G8DyMOVMkg+wHPoX2ou5 mbR/yeTi9fEGjEP+hf6cVgTDb93eFdds5eDYDM6wtPfV3UwfEd80k84RjPaMKv5F miY9eCqEyTnWlJORpO+2xsYEVN5qMMpeB4yeGGsdhxWMoiukKIVHD4J8BbVacgLh Izb+pEb8aDpoLAOqVQUEJhbPBTdbYyWLTD5E20RnmOhzZfG0TMJozgUhrnyX9Xim sDzAU7tK2bill8urPfThIW+XVK8B5JAckI/+6J5nRnB/RXb7ZliGPPDP6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEzE8xuAdb0T1zUjL0OLi7sYscaLMB8GA1UdIwQY MBaAFN5CupLwlGfBiItenjRIlQdEsHmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMt NWIzYjRiOTEzY2Y4LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zZmY0NjMtMGUzZC00ZTc3LWJkMTMtNWIzYjRiOTEzY2Y4 LzEvM2tLNmt2Q1VaOEdJaTE2ZU5FaVZCMFN3ZVlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJR57ozp8 +jyi5aVwKH3JoNL7iGbxbyqDeZ96uIgkeIK0I5Y3CdwGI2Fu+x89CbpNwQlhBJ94 E5x8DYHDgt2XuwK3zqt4Ex9sQnyzBY+TAaexuBUlPc5V6ajFXhZd5kflGlvT2mmQ AO3ylZJnh1Ih9MX+ecCnhmzkXvprlQDBtZZuUSKRQPYr4rYeBwLXO5UUyUaeCjyB KMy7EvXcKgFr5r5GA0YlAOjfn68AOfQV0w/6KAr9l+qrM0bMD/o0/BT4jE37yEcX d2DUC/cMuo9d6wj18PKAHwmlbCfVvanokjSDwop5G4AzZeuLV2Bdyet7YXjvMWm9 ekudCzJgjQ7g9Q== -----END CERTIFICATE-----Generated at Tue Dec 30 03:16:34 2025 by rpki-client