This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft File: 3AWXDmUMKq8atqOjOoNzJGahUS4.mft (raw, json) Hash identifier: rSe/Gh7AoScyseLMREDcB5h6BhJ9J4O2EnCdj0u75qQ= Subject key identifier: 9E:E4:63:57:CC:0D:0F:D5:B4:A4:D2:DB:3C:D2:97:33:CC:AA:0E:BB Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e Certificate serial: 019B6BE9B63A252990C5FE955F1DC27A74BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft Manifest number: 17A2 Signing time: Mon 29 Dec 2025 21:00:37 +0000 Manifest this update: Mon 29 Dec 2025 21:00:37 +0000 Manifest next update: Tue 30 Dec 2025 21:00:37 +0000 Files and hashes: 1: 3AWXDmUMKq8atqOjOoNzJGahUS4.crl (hash: 4WP/052i4oLoNIaFQLu70+KcaMfhLtXgyj3B5CI8xCo=) 2: FzwFRP4-A3VF1cOjtYqnBZUlK8Y.roa (hash: arVJNSKTx0owboHk87Pz6q3TsmBB0DVqu8a1mnGjuAI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:e9:b6:3a:25:29:90:c5:fe:95:5f:1d:c2:7a:74:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e Validity Not Before: Dec 29 21:00:37 2025 GMT Not After : Dec 30 21:00:37 2025 GMT Subject: CN=9ee46357cc0d0fd5b4a4d2db3cd29733ccaa0ebb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:20:b0:cf:b4:de:38:ac:ec:56:a7:f4:db:cc: 61:83:8d:ca:11:9b:2e:ef:85:8f:71:1b:d2:b7:c0: c6:1f:63:58:b4:69:76:68:47:6a:fe:1e:3b:ef:f6: 58:60:55:b1:d2:ed:c0:7d:43:c5:b5:ff:86:6a:95: 1d:cd:0b:97:10:9a:20:59:91:9e:a9:79:39:24:71: 78:46:26:f7:f0:73:55:ba:a3:60:3d:7a:f4:e0:98: b4:f9:29:31:e2:39:94:5e:45:c8:72:26:5d:b9:19: ad:e3:59:57:2d:48:51:93:25:3c:52:c2:98:c4:03: e5:0c:41:69:cf:89:e0:c9:e8:b2:ee:e3:7e:62:f8: 9b:ee:ef:eb:00:4d:30:e2:82:fe:34:0c:7b:59:81: 69:7c:05:49:fd:6c:08:50:a7:ca:dc:a9:37:f5:08: 03:26:6b:84:64:58:e5:f0:9f:10:c2:d8:b2:80:0a: 1f:a9:e7:55:7f:b1:12:f9:3f:2c:53:c7:ec:69:96: 6e:7d:fa:49:b7:7d:53:64:53:89:1a:b8:6a:9e:c7: df:13:d6:cc:b5:ca:23:0f:a1:e4:1a:87:fb:c3:01: e7:d9:06:81:9e:7a:f0:87:8a:fa:e6:7d:46:69:b0: b2:da:be:74:08:9a:0a:f2:78:e7:45:b9:d4:ea:a1: 97:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:E4:63:57:CC:0D:0F:D5:B4:A4:D2:DB:3C:D2:97:33:CC:AA:0E:BB X509v3 Authority Key Identifier: keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:06:3e:f0:34:8a:b2:24:c3:89:c6:2d:ca:4c:ab:71:22:a5: 50:16:98:cc:1f:6c:0e:2d:c4:26:82:fe:cc:c6:05:eb:83:85: 13:11:36:cd:51:aa:fd:b1:4f:9b:9b:76:6d:9b:b1:63:8f:f0: c5:38:a7:1f:99:cc:a6:5e:30:81:71:cc:c5:6e:94:5f:34:98: 17:21:ca:ea:0b:be:5c:43:76:f2:d8:18:e7:45:d9:24:45:8a: 3c:1a:0a:a9:f9:dc:ef:65:42:d5:8a:6e:34:df:0a:bd:8f:4d: c5:0c:52:80:f6:bc:ef:78:67:66:57:72:c4:f8:c8:ef:93:5b: 48:a7:66:2e:79:ad:45:fc:04:6d:66:e5:e1:c7:27:73:35:cc: df:9c:b2:35:59:af:91:3a:9b:4c:f1:f4:49:49:dd:ea:1d:26: cd:80:84:2b:1e:d8:d9:0f:e1:89:9e:64:05:04:b1:df:ed:9c: 1d:cb:29:f9:d3:4e:5a:66:0b:76:b1:92:df:71:ec:cf:ba:83: ca:33:5c:e1:5e:90:7d:be:b8:76:59:2d:58:ba:f3:99:ff:f0: 5d:1d:55:ad:05:76:91:5a:d5:93:77:5d:19:4f:24:81:de:27: eb:0a:c6:f6:bd:bc:33:d5:2b:b9:67:de:c4:56:c7:de:24:c6: 43:11:86:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtr6bY6JSmQxf6VXx3CenS7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh MTUxMmUwHhcNMjUxMjI5MjEwMDM3WhcNMjUxMjMwMjEwMDM3WjAzMTEwLwYDVQQD Eyg5ZWU0NjM1N2NjMGQwZmQ1YjRhNGQyZGIzY2QyOTczM2NjYWEwZWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniCwz7TeOKzsVqf028xhg43KEZsu 74WPcRvSt8DGH2NYtGl2aEdq/h477/ZYYFWx0u3AfUPFtf+GapUdzQuXEJogWZGe qXk5JHF4Rib38HNVuqNgPXr04Ji0+Skx4jmUXkXIciZduRmt41lXLUhRkyU8UsKY xAPlDEFpz4ngyeiy7uN+Yvib7u/rAE0w4oL+NAx7WYFpfAVJ/WwIUKfK3Kk39QgD JmuEZFjl8J8QwtiygAofqedVf7ES+T8sU8fsaZZuffpJt31TZFOJGrhqnsffE9bM tcojD6HkGof7wwHn2QaBnnrwh4r65n1GabCy2r50CJoK8njnRbnU6qGXhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ7kY1fMDQ/VtKTS2zzSlzPMqg67MB8GA1UdIwQY MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt NjdhNTQwZTI5N2YwLzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwY+8DSK siTDicYtykyrcSKlUBaYzB9sDi3EJoL+zMYF64OFExE2zVGq/bFPm5t2bZuxY4/w xTinH5nMpl4wgXHMxW6UXzSYFyHK6gu+XEN28tgY50XZJEWKPBoKqfnc72VC1Ypu NN8KvY9NxQxSgPa873hnZldyxPjI75NbSKdmLnmtRfwEbWbl4ccnczXM35yyNVmv kTqbTPH0SUnd6h0mzYCEKx7Y2Q/hiZ5kBQSx3+2cHcsp+dNOWmYLdrGS33Hsz7qD yjNc4V6Qfb64dlktWLrzmf/wXR1VrQV2kVrVk3ddGU8kgd4n6wrG9r28M9UruWfe xFbH3iTGQxGGSw== -----END CERTIFICATE-----Generated at Mon Dec 29 22:45:31 2025 by rpki-client