This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json) Hash identifier: RcO8tbyJbVOzs3p1d1bXO7DSIWjDXUHfmGnbw+T3Z1s= Subject key identifier: 28:2B:93:4A:95:DD:D2:C3:DA:BA:B6:DA:C3:76:F9:73:13:9F:CD:B8 Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc Certificate serial: 019B55D051944D05C57EC1D7AFE72C63C72E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft Manifest number: 122F Signing time: Thu 25 Dec 2025 14:01:14 +0000 Manifest this update: Thu 25 Dec 2025 14:01:14 +0000 Manifest next update: Fri 26 Dec 2025 14:01:14 +0000 Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: iT49IWcXDobiQ+LCKtSpO6BAN4lxklyzu9h6szEoH8U=) 2: V06h50tDruiBUg9uiKF_DSq52w8.roa (hash: A6FA8GQqXA3RMWxT5r25HFVTJrUQ2PZEYKc6YcmeWfw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 14:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:d0:51:94:4d:05:c5:7e:c1:d7:af:e7:2c:63:c7:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc Validity Not Before: Dec 25 14:01:14 2025 GMT Not After : Dec 26 14:01:14 2025 GMT Subject: CN=282b934a95ddd2c3dabab6dac376f973139fcdb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:cd:46:46:f1:d1:cb:fb:31:e8:d6:2a:9b:b4: c4:74:8a:28:6e:6c:e6:75:3d:92:d0:30:80:ef:6f: 6e:75:e0:c5:6c:a9:d3:d4:98:85:66:31:04:31:66: 40:99:c1:41:dc:cc:01:f1:08:ec:8e:7a:c0:8b:82: a0:a6:ba:0a:9a:fa:94:eb:92:4b:af:f1:b5:ed:02: 0f:db:0f:1a:1c:a1:be:8c:8d:41:c3:5a:55:de:13: 79:db:25:43:22:65:1f:f6:f9:c5:a8:c5:66:44:4d: 64:e7:ff:5f:f9:0b:92:08:54:23:e6:2a:8d:69:37: b9:b9:96:e3:4e:bc:31:64:84:69:3f:ac:3b:3d:21: ae:a9:a8:01:6b:ca:9b:e0:82:0d:93:e7:0f:8f:79: 18:3d:f0:b2:cc:2a:93:f4:d2:79:a2:c3:8d:f9:09: 20:51:46:25:8d:56:16:30:6d:84:ac:f8:dd:a1:28: 01:ca:4c:fd:76:7f:a7:14:94:73:4c:1e:e0:d0:55: 6c:dc:c9:b8:dd:7d:26:67:c8:91:f0:51:08:cf:45: da:33:12:f2:6b:71:3b:56:2b:a9:61:d5:0c:a4:2c: 02:6a:a2:21:33:ab:aa:14:40:36:bd:ae:4e:47:df: f7:2b:05:d7:71:5f:50:d4:b3:36:90:3c:9a:3f:59: 43:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:2B:93:4A:95:DD:D2:C3:DA:BA:B6:DA:C3:76:F9:73:13:9F:CD:B8 X509v3 Authority Key Identifier: keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:78:b3:1e:3b:54:73:28:bf:10:21:b4:91:3b:e9:f2:86:0e: d7:b0:89:63:2f:5f:f6:44:f5:9e:e6:f6:27:13:0d:36:66:96: 7d:72:6d:26:4c:70:b5:3d:c7:a1:13:8d:c4:03:cc:74:30:18: 4f:d9:b8:c5:2f:3b:f0:3e:18:46:a6:ac:65:b9:58:3d:14:bb: 9b:85:4c:6c:fa:0b:a1:21:b1:5e:d5:e4:2f:7a:c1:fb:d9:43: 7e:e0:54:f4:ec:9d:e4:a0:89:74:bf:4b:c1:10:e4:79:85:9c: b5:ae:92:e4:8d:70:b8:52:c9:71:0d:c8:13:6d:d4:dc:5e:30: 07:af:a2:df:c5:16:aa:4b:28:71:4f:a0:e5:95:48:f3:0d:16: e7:b7:a1:18:57:d0:5f:86:bb:20:f6:3f:44:fd:e2:f3:f5:13: 42:09:43:55:fa:7f:59:80:da:b6:ba:9a:37:97:70:03:d7:57: eb:8d:24:12:2e:33:b5:39:41:89:e5:f2:16:0e:d6:8e:2c:c1: 38:27:b5:da:d3:6b:f9:97:a6:f5:22:6a:38:43:c7:78:ce:4f: 17:38:4e:00:70:4b:cb:64:f6:1e:fd:5f:ee:85:60:62:a2:eb: 96:4d:a1:47:ef:8f:d7:2a:c6:6e:b2:86:f7:0e:07:08:71:ce: fc:13:69:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtV0FGUTQXFfsHXr+csY8cuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm NDhhZGMwHhcNMjUxMjI1MTQwMTE0WhcNMjUxMjI2MTQwMTE0WjAzMTEwLwYDVQQD EygyODJiOTM0YTk1ZGRkMmMzZGFiYWI2ZGFjMzc2Zjk3MzEzOWZjZGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc1GRvHRy/sx6NYqm7TEdIoobmzm dT2S0DCA729udeDFbKnT1JiFZjEEMWZAmcFB3MwB8QjsjnrAi4KgproKmvqU65JL r/G17QIP2w8aHKG+jI1Bw1pV3hN52yVDImUf9vnFqMVmRE1k5/9f+QuSCFQj5iqN aTe5uZbjTrwxZIRpP6w7PSGuqagBa8qb4IINk+cPj3kYPfCyzCqT9NJ5osON+Qkg UUYljVYWMG2ErPjdoSgBykz9dn+nFJRzTB7g0FVs3Mm43X0mZ8iR8FEIz0XaMxLy a3E7ViupYdUMpCwCaqIhM6uqFEA2va5OR9/3KwXXcV9Q1LM2kDyaP1lDFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCgrk0qV3dLD2rq22sN2+XMTn824MB8GA1UdIwQY MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnizHjtU cyi/ECG0kTvp8oYO17CJYy9f9kT1nub2JxMNNmaWfXJtJkxwtT3HoRONxAPMdDAY T9m4xS878D4YRqasZblYPRS7m4VMbPoLoSGxXtXkL3rB+9lDfuBU9Oyd5KCJdL9L wRDkeYWcta6S5I1wuFLJcQ3IE23U3F4wB6+i38UWqksocU+g5ZVI8w0W57ehGFfQ X4a7IPY/RP3i8/UTQglDVfp/WYDatrqaN5dwA9dX640kEi4ztTlBieXyFg7WjizB OCe12tNr+Zem9SJqOEPHeM5PFzhOAHBLy2T2Hv1f7oVgYqLrlk2hR++P1yrGbrKG 9w4HCHHO/BNpwQ== -----END CERTIFICATE-----Generated at Thu Dec 25 23:23:53 2025 by rpki-client