This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft File: 03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json) Hash identifier: 5iT84JfMUk2Zm0x2lGlWWXvUDf4lr7hR4byISTgEAMU= Subject key identifier: 95:4A:1F:07:23:2F:FA:33:72:75:FC:75:56:AB:8B:9D:24:9E:93:A6 Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43 Certificate issuer: /CN=d378771a106f6b0d054a57785356922caf02e343 Certificate serial: 019B44A55B60DEA0BA8303EA26B9DA5D0D30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft Manifest number: 0B36 Signing time: Mon 22 Dec 2025 06:00:46 +0000 Manifest this update: Mon 22 Dec 2025 06:00:46 +0000 Manifest next update: Tue 23 Dec 2025 06:00:46 +0000 Files and hashes: 1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: dMKC2BJQwQjQ7ZqOX1qA1mDmFfRPAPL6dbneMwKKT5g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:5b:60:de:a0:ba:83:03:ea:26:b9:da:5d:0d:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d378771a106f6b0d054a57785356922caf02e343 Validity Not Before: Dec 22 06:00:46 2025 GMT Not After : Dec 23 06:00:46 2025 GMT Subject: CN=954a1f07232ffa337275fc7556ab8b9d249e93a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fb:ac:e5:a1:ef:7b:81:90:83:e3:99:50:12: 64:85:2f:4a:d5:c6:35:03:e1:57:f2:e1:a3:3a:80: f2:57:3a:f2:a9:ba:93:ca:21:f3:df:44:ba:20:ec: 9b:27:39:1f:25:2c:83:0e:a0:34:46:c6:01:73:b8: 07:3b:a3:60:94:1d:89:67:be:20:8b:c6:4a:08:74: e5:f1:6c:92:2a:ea:ee:31:5b:50:7e:a1:2d:22:4c: f3:00:cd:8c:e3:5d:d3:8a:82:01:80:4d:f9:f4:61: 80:75:5f:84:52:dd:23:81:55:b0:16:de:4a:a4:a6: c5:e6:1e:25:13:19:99:6b:65:56:33:c9:05:16:77: 0b:98:50:22:97:e7:08:42:15:79:01:af:f6:1c:15: 68:9d:e2:6e:d8:ac:00:2f:45:d2:c1:ff:33:b7:65: b5:48:c4:9c:6c:9f:47:ff:20:6e:57:78:3f:78:ca: 70:ef:62:f5:cc:76:a1:5f:c1:37:91:43:fd:a6:60: 93:ff:47:d9:a2:92:1a:ad:c3:67:1e:8e:73:c7:66: 08:ac:75:3e:e0:23:28:9a:73:76:7f:55:8a:21:1b: 1d:9b:0f:45:04:f0:a4:3b:09:a0:f7:a9:08:10:53: a1:ac:7a:94:c8:89:5e:34:66:1e:14:75:fe:90:23: 2b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:4A:1F:07:23:2F:FA:33:72:75:FC:75:56:AB:8B:9D:24:9E:93:A6 X509v3 Authority Key Identifier: keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:18:52:15:98:f2:2d:7e:fa:49:f7:29:66:1c:1a:6a:9b:de: 22:0b:5f:29:4e:ca:a2:9e:2f:5f:73:82:df:16:ed:b1:32:4a: b8:0b:93:2b:6e:e6:45:94:57:38:df:ca:3d:77:e7:11:47:25: 7d:a4:56:a6:ca:92:3b:b4:7b:7c:b0:2b:05:fe:e6:7b:10:f0: 50:cc:12:d5:46:65:9d:78:c7:bf:56:27:76:2d:c7:3e:cf:1d: a1:b0:bc:ae:d8:e8:13:3c:4f:53:d8:d3:f0:a2:50:58:84:82: 08:5e:5f:d6:98:a6:23:75:49:46:9d:08:56:42:5f:26:6e:fe: 05:e9:25:b9:c6:1c:74:3d:88:0f:62:6b:37:b5:f6:4c:63:94: 4e:09:ce:bc:5a:60:b0:31:fd:86:95:0c:ee:06:24:79:5d:10: bb:23:74:16:8d:25:5a:d5:e0:11:ff:cb:a3:04:60:e9:74:62: 1e:ac:90:10:17:97:f8:85:63:19:a1:f4:9d:0c:71:08:7b:62: d7:3e:38:c1:ad:e3:75:a6:e7:6e:6b:70:f5:1f:be:2f:43:26: b8:8d:00:19:31:4e:bc:09:b2:44:78:d0:51:5f:2e:12:c7:24: f6:b9:cc:67:fd:ef:79:2f:71:9d:b3:55:d2:76:f6:2d:79:fc: 01:70:3e:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpVtg3qC6gwPqJrnaXQ0wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw MmUzNDMwHhcNMjUxMjIyMDYwMDQ2WhcNMjUxMjIzMDYwMDQ2WjAzMTEwLwYDVQQD Eyg5NTRhMWYwNzIzMmZmYTMzNzI3NWZjNzU1NmFiOGI5ZDI0OWU5M2E2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfus5aHve4GQg+OZUBJkhS9K1cY1 A+FX8uGjOoDyVzryqbqTyiHz30S6IOybJzkfJSyDDqA0RsYBc7gHO6NglB2JZ74g i8ZKCHTl8WySKuruMVtQfqEtIkzzAM2M413TioIBgE359GGAdV+EUt0jgVWwFt5K pKbF5h4lExmZa2VWM8kFFncLmFAil+cIQhV5Aa/2HBVoneJu2KwAL0XSwf8zt2W1 SMScbJ9H/yBuV3g/eMpw72L1zHahX8E3kUP9pmCT/0fZopIarcNnHo5zx2YIrHU+ 4CMomnN2f1WKIRsdmw9FBPCkOwmg96kIEFOhrHqUyIleNGYeFHX+kCMrOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJVKHwcjL/ozcnX8dVari50knpOmMB8GA1UdIwQY MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5 LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhhSFZjy LX76SfcpZhwaapveIgtfKU7Kop4vX3OC3xbtsTJKuAuTK27mRZRXON/KPXfnEUcl faRWpsqSO7R7fLArBf7mexDwUMwS1UZlnXjHv1Yndi3HPs8dobC8rtjoEzxPU9jT 8KJQWISCCF5f1pimI3VJRp0IVkJfJm7+BeklucYcdD2ID2JrN7X2TGOUTgnOvFpg sDH9hpUM7gYkeV0QuyN0Fo0lWtXgEf/LowRg6XRiHqyQEBeX+IVjGaH0nQxxCHti 1z44wa3jdabnbmtw9R++L0MmuI0AGTFOvAmyRHjQUV8uEsck9rnMZ/3veS9xnbNV 0nb2LXn8AXA+bQ== -----END CERTIFICATE-----Generated at Mon Dec 22 11:31:22 2025 by rpki-client