This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft File: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft (raw, json) Hash identifier: 9FhENDrpsGwZHGLZ10+LuOVz60f8XJj7GPprUkjIFsE= Subject key identifier: 56:70:37:E6:23:6F:12:C3:07:6E:3B:24:C4:F5:A7:08:97:99:9E:60 Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796 Certificate serial: 019B3C10758737B146A1CB677CDA0291B007 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft Manifest number: 0F70 Signing time: Sat 20 Dec 2025 14:01:10 +0000 Manifest this update: Sat 20 Dec 2025 14:01:10 +0000 Manifest next update: Sun 21 Dec 2025 14:01:10 +0000 Files and hashes: 1: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl (hash: 0ZCmJulv0/q38rW4SL/QAh2OI0AbTtEoGpY/shX9hkg=) 2: plkAs-IyDZJCIAE40BkNI36hTng.roa (hash: wOkXtaw5IC+9zxwCff906pm32/bh8wTs2La7fXktK8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:75:87:37:b1:46:a1:cb:67:7c:da:02:91:b0:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796 Validity Not Before: Dec 20 14:01:10 2025 GMT Not After : Dec 21 14:01:10 2025 GMT Subject: CN=567037e6236f12c3076e3b24c4f5a70897999e60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:f3:8d:8a:9f:4b:aa:b5:aa:1b:00:59:a9:85: 6a:01:e1:72:62:22:46:92:66:18:e6:ac:30:de:ec: be:ad:7a:de:c2:07:da:9b:9d:0a:8a:9e:73:68:19: 8b:52:db:26:b2:0d:f6:08:99:0c:5b:7e:b5:3a:f2: 91:2c:3d:8d:e1:58:8c:bc:6f:df:12:b8:d1:62:5c: 99:6a:33:38:12:21:35:a4:8f:d0:f4:30:85:31:87: 23:cf:ef:2f:22:78:82:d6:4e:d6:6e:38:7d:4b:10: a6:9d:a3:24:bd:de:d3:78:74:f5:70:fc:c1:62:06: 2f:a4:fd:00:41:14:bb:bd:3e:4d:d9:07:f5:84:6f: 46:51:ee:61:11:91:a0:cd:5e:93:dd:65:b8:16:72: 51:e5:24:37:72:b2:d2:b9:82:8d:28:e1:b3:1d:cd: 45:47:23:1d:cd:87:35:4c:db:ef:34:21:d5:e6:4c: a2:5e:f2:9f:4c:65:1f:93:85:bf:c6:5f:80:4a:09: 13:29:5d:9f:c4:37:37:69:da:a8:78:21:81:fb:ec: 69:7a:45:1f:bf:e3:6c:af:3d:fe:d3:be:a7:fe:04: 19:73:a4:83:ae:2f:ba:62:d9:bd:82:ca:d4:09:86: c1:07:42:7a:37:8f:88:5d:7c:cf:81:07:57:d3:18: 99:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:70:37:E6:23:6F:12:C3:07:6E:3B:24:C4:F5:A7:08:97:99:9E:60 X509v3 Authority Key Identifier: keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:1b:22:74:10:f6:2b:08:f8:ab:8f:3d:04:1b:62:e5:66:34: 48:8d:43:ca:47:e3:10:c6:7b:96:f7:9f:3d:7f:3c:10:94:cd: ef:64:98:1d:cb:30:58:3e:b4:fb:db:ee:1b:d3:bc:28:ce:b7: 9e:13:d9:3d:f5:29:dd:fb:0f:8a:e3:aa:15:e2:8c:ed:3e:b3: dc:79:d5:88:a4:54:9d:c1:08:89:be:e4:6c:41:f4:5e:a7:be: 5b:34:32:a6:38:fd:f6:83:be:e9:a3:bb:71:69:c7:b0:0f:fb: 52:ac:77:a9:4e:31:90:73:5c:2b:4e:f2:7c:26:19:0a:5d:73: 31:9e:25:7e:ff:00:47:d6:ed:5e:77:24:6a:40:c5:69:2f:50: f4:30:fc:57:c5:d7:77:e3:ab:37:94:2b:11:f2:2b:c0:a6:ef: 83:65:66:8a:6e:6b:a5:17:b2:90:df:33:11:55:c1:e7:ff:a3: f9:c5:97:38:bd:77:4a:ef:df:75:53:85:09:4c:c4:31:d9:03: ef:43:d4:d9:8a:cd:b4:f9:ac:24:b7:09:c4:47:33:61:3c:56: 07:24:8d:a7:f8:9e:04:b8:f3:54:e2:a6:32:e1:1a:18:1e:00: e5:fe:97:48:9d:e4:5e:36:57:3f:d5:f0:aa:a5:27:c7:d6:96: 04:11:00:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EHWHN7FGoctnfNoCkbAHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy Yjg3OTYwHhcNMjUxMjIwMTQwMTEwWhcNMjUxMjIxMTQwMTEwWjAzMTEwLwYDVQQD Eyg1NjcwMzdlNjIzNmYxMmMzMDc2ZTNiMjRjNGY1YTcwODk3OTk5ZTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPONip9LqrWqGwBZqYVqAeFyYiJG kmYY5qww3uy+rXrewgfam50Kip5zaBmLUtsmsg32CJkMW361OvKRLD2N4ViMvG/f ErjRYlyZajM4EiE1pI/Q9DCFMYcjz+8vIniC1k7Wbjh9SxCmnaMkvd7TeHT1cPzB YgYvpP0AQRS7vT5N2Qf1hG9GUe5hEZGgzV6T3WW4FnJR5SQ3crLSuYKNKOGzHc1F RyMdzYc1TNvvNCHV5kyiXvKfTGUfk4W/xl+ASgkTKV2fxDc3adqoeCGB++xpekUf v+Nsrz3+076n/gQZc6SDri+6Ytm9gsrUCYbBB0J6N4+IXXzPgQdX0xiZLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFZwN+YjbxLDB247JMT1pwiXmZ5gMB8GA1UdIwQY MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt NjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVxsidBD2 Kwj4q489BBti5WY0SI1DykfjEMZ7lvefPX88EJTN72SYHcswWD60+9vuG9O8KM63 nhPZPfUp3fsPiuOqFeKM7T6z3HnViKRUncEIib7kbEH0Xqe+WzQypjj99oO+6aO7 cWnHsA/7Uqx3qU4xkHNcK07yfCYZCl1zMZ4lfv8AR9btXnckakDFaS9Q9DD8V8XX d+OrN5QrEfIrwKbvg2Vmim5rpReykN8zEVXB5/+j+cWXOL13Su/fdVOFCUzEMdkD 70PU2YrNtPmsJLcJxEczYTxWBySNp/ieBLjzVOKmMuEaGB4A5f6XSJ3kXjZXP9Xw qqUnx9aWBBEArQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:20:21 2025 by rpki-client