This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft File: h3YEKrfwcZWY6znlPvkuCsz6T6M.mft (raw, json) Hash identifier: /vJxBsdErY6QarV+AY24qzGGqP+bXTxQ2GtI25o3I8Y= Subject key identifier: D1:4D:34:2C:32:E0:C5:F9:A9:59:16:00:13:B7:A3:45:A4:F6:C0:00 Authority key identifier: 87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3 Certificate issuer: /CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3 Certificate serial: 019B2B1DE891A138FC662916CC64C7880311 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft Manifest number: 0B80 Signing time: Wed 17 Dec 2025 07:02:18 +0000 Manifest this update: Wed 17 Dec 2025 07:02:18 +0000 Manifest next update: Thu 18 Dec 2025 07:02:18 +0000 Files and hashes: 1: h3YEKrfwcZWY6znlPvkuCsz6T6M.crl (hash: g9+QAopZRZNhafUUt+q8ZEwfaW3QFknkHRVtmf0df08=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1d:e8:91:a1:38:fc:66:29:16:cc:64:c7:88:03:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3 Validity Not Before: Dec 17 07:02:18 2025 GMT Not After : Dec 18 07:02:18 2025 GMT Subject: CN=d14d342c32e0c5f9a959160013b7a345a4f6c000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:bc:a2:23:3c:d5:4f:00:67:37:dc:54:2e:5f: 15:59:e7:aa:69:13:b8:b3:be:69:8b:70:08:31:23: 65:9c:aa:7c:7a:58:34:c1:e1:15:88:4e:50:ae:19: 9a:b7:08:36:b2:a9:ec:26:ff:a2:c4:81:5c:f1:12: 79:8b:7a:b3:eb:92:2e:a9:31:29:22:0e:d2:ea:6f: 95:8c:c6:15:50:b1:e1:d0:13:a9:49:65:f2:ec:ef: 2e:ae:0e:d8:80:9a:f2:72:a9:72:84:78:42:32:1c: 62:67:ff:6f:29:c9:4d:6e:c5:fa:50:7c:1e:62:d1: a8:4b:87:c3:6e:aa:a8:39:15:ed:19:52:5b:34:ba: cd:41:ac:8f:a8:13:e6:86:03:43:ba:df:72:e6:2e: 60:02:7b:48:b3:1d:e5:f4:34:1e:91:b1:38:53:a2: 0f:d9:5d:53:ea:c6:b9:11:ef:ba:b6:ba:0b:8f:82: 38:9c:70:be:d1:ff:80:aa:10:9b:af:fe:f1:ad:b2: cd:21:cc:75:e0:af:74:bc:83:14:d1:e0:0e:f4:61: 2f:5d:5a:8b:39:09:cf:94:90:99:bd:8d:9f:d5:bf: 63:6f:af:0f:7b:56:50:7f:78:df:15:51:96:f3:6f: 96:a5:2f:f3:7b:ae:b4:b2:4a:5a:9f:43:83:3b:31: a9:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:4D:34:2C:32:E0:C5:F9:A9:59:16:00:13:B7:A3:45:A4:F6:C0:00 X509v3 Authority Key Identifier: keyid:87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:2a:ee:bb:cb:84:ec:c9:20:88:3a:11:bf:99:4e:92:8a:e7: 5a:7f:1d:50:b2:b6:38:eb:fb:86:1c:44:c3:08:3f:09:12:3e: ae:7f:64:6f:84:fe:e5:58:0d:9a:8d:cd:08:b8:ce:da:69:92: 9f:41:ef:b7:60:2e:1d:04:77:0b:cd:c9:af:53:42:58:43:39: 7e:3b:6e:40:ae:1c:c1:42:1b:aa:3c:a9:8d:c4:f3:8d:22:e5: 2d:5e:1a:42:21:b4:92:c4:42:50:40:f4:15:b2:f1:a5:fe:c3: bf:97:cd:fe:1a:e7:31:10:7e:29:eb:aa:db:58:c5:8e:54:b9: 6a:04:01:2b:c1:fd:f5:27:f3:d3:57:c2:7b:53:52:a8:f4:6d: 7f:1a:7a:0d:fc:2d:8f:f8:ba:df:89:08:b0:d2:d8:3d:40:ff: b9:e2:d4:f0:4e:94:78:02:9a:e9:95:67:58:9b:da:05:6a:76: 97:9c:73:e0:c5:29:07:cd:f3:98:3f:fd:ed:e2:6e:bc:c5:7a: 56:54:62:16:3e:11:b8:c2:1f:9d:6f:8e:eb:13:d8:9a:a8:92: 30:9e:9d:7f:62:46:40:ff:6b:26:23:c0:34:7f:be:c4:b1:57: 2b:fd:44:de:34:1d:1e:4d:f2:6a:4a:63:2e:1b:a8:2b:4b:04: 03:79:b3:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHeiRoTj8ZikWzGTHiAMRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NzYwNDJhYjdmMDcxOTU5OGViMzllNTNlZjkyZTBhY2Nm YTRmYTMwHhcNMjUxMjE3MDcwMjE4WhcNMjUxMjE4MDcwMjE4WjAzMTEwLwYDVQQD EyhkMTRkMzQyYzMyZTBjNWY5YTk1OTE2MDAxM2I3YTM0NWE0ZjZjMDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3byiIzzVTwBnN9xULl8VWeeqaRO4 s75pi3AIMSNlnKp8elg0weEViE5Qrhmatwg2sqnsJv+ixIFc8RJ5i3qz65IuqTEp Ig7S6m+VjMYVULHh0BOpSWXy7O8urg7YgJrycqlyhHhCMhxiZ/9vKclNbsX6UHwe YtGoS4fDbqqoORXtGVJbNLrNQayPqBPmhgNDut9y5i5gAntIsx3l9DQekbE4U6IP 2V1T6sa5Ee+6troLj4I4nHC+0f+AqhCbr/7xrbLNIcx14K90vIMU0eAO9GEvXVqL OQnPlJCZvY2f1b9jb68Pe1ZQf3jfFVGW82+WpS/ze660skpan0ODOzGp8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNFNNCwy4MX5qVkWABO3o0Wk9sAAMB8GA1UdIwQY MBaAFId2BCq38HGVmOs55T75LgrM+k+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEt ZTNjY2YzZWEzYzRhLzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEtZTNjY2YzZWEzYzRh LzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAyruu8uE 7MkgiDoRv5lOkornWn8dULK2OOv7hhxEwwg/CRI+rn9kb4T+5VgNmo3NCLjO2mmS n0Hvt2AuHQR3C83Jr1NCWEM5fjtuQK4cwUIbqjypjcTzjSLlLV4aQiG0ksRCUED0 FbLxpf7Dv5fN/hrnMRB+Keuq21jFjlS5agQBK8H99Sfz01fCe1NSqPRtfxp6Dfwt j/i634kIsNLYPUD/ueLU8E6UeAKa6ZVnWJvaBWp2l5xz4MUpB83zmD/97eJuvMV6 VlRiFj4RuMIfnW+O6xPYmqiSMJ6df2JGQP9rJiPANH++xLFXK/1E3jQdHk3yakpj LhuoK0sEA3mzEQ== -----END CERTIFICATE-----Generated at Wed Dec 17 16:47:53 2025 by rpki-client