This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft File: 3Rc4MRWBIorSh1OUS-i88hafq6k.mft (raw, json) Hash identifier: rcPmCjvId5fiAkboObgfLChaVF4XwzXRcrsccCbNY7M= Subject key identifier: 1D:45:45:F8:C3:60:A8:39:AC:52:83:0B:A2:94:1D:DB:9B:FE:1C:F6 Authority key identifier: DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9 Certificate issuer: /CN=dd1738311581228ad28753944be8bcf2169faba9 Certificate serial: 019AF12ED7C11B50711A163AA3BB809B008C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft Manifest number: 0F02 Signing time: Sat 06 Dec 2025 01:02:50 +0000 Manifest this update: Sat 06 Dec 2025 01:02:50 +0000 Manifest next update: Sun 07 Dec 2025 01:02:50 +0000 Files and hashes: 1: 3Rc4MRWBIorSh1OUS-i88hafq6k.crl (hash: fAgu6TA1uoQmsFuL76Fn0hdKFg3OnnHRbQ55qqmW7Wc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:d7:c1:1b:50:71:1a:16:3a:a3:bb:80:9b:00:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd1738311581228ad28753944be8bcf2169faba9 Validity Not Before: Dec 6 01:02:50 2025 GMT Not After : Dec 7 01:02:50 2025 GMT Subject: CN=1d4545f8c360a839ac52830ba2941ddb9bfe1cf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:7f:f7:8f:f6:03:4b:a3:42:2d:b9:3c:0a:b3: 80:66:b8:35:d0:54:35:09:dc:7e:31:cd:5c:1e:f9: 95:6e:b4:ea:34:c8:ba:d1:f3:f7:3f:d9:b4:37:09: 99:85:7a:5c:83:65:65:7a:ab:f1:4f:48:aa:5b:fd: 8d:e8:69:c3:c4:1c:d1:de:79:33:92:af:83:ed:ec: bb:36:b2:64:69:a7:b8:49:ed:e3:c9:b2:5c:26:98: d3:05:19:5f:65:55:b1:1e:5a:8d:84:8e:bb:2a:39: 69:c3:d8:36:a5:54:54:27:4c:61:70:9d:0e:0d:88: 93:b0:60:19:c9:ab:7f:73:68:2e:37:ed:cd:e6:fa: 76:75:65:a2:d0:99:94:3e:d1:44:52:9e:f8:51:8b: c3:f3:fb:e9:fd:69:e6:fb:aa:8a:91:08:3d:f1:39: 05:95:01:2f:5a:c3:a1:e9:18:8d:f6:36:ed:a0:17: 59:3d:f6:9c:9f:b1:b6:20:6c:f6:96:29:4f:ed:8f: d0:e9:1c:91:b5:34:2a:6a:eb:b1:17:54:f7:b3:fa: d9:af:75:00:ae:a8:17:02:59:29:9c:9c:b4:b7:76: bf:ac:df:80:20:1d:a7:d7:c9:07:09:f0:09:80:e1: ad:0a:11:87:aa:28:f1:56:d1:eb:cb:10:4e:e2:42: 1b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:45:45:F8:C3:60:A8:39:AC:52:83:0B:A2:94:1D:DB:9B:FE:1C:F6 X509v3 Authority Key Identifier: keyid:DD:17:38:31:15:81:22:8A:D2:87:53:94:4B:E8:BC:F2:16:9F:AB:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Rc4MRWBIorSh1OUS-i88hafq6k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bc41f1-ca7e-4205-b81b-bebfa2fca46f/1/3Rc4MRWBIorSh1OUS-i88hafq6k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:d6:77:39:e7:2b:9d:38:95:fc:be:06:0a:f0:3e:cc:b2:75: 99:20:75:97:60:d3:2d:ca:4e:a6:45:34:fc:de:b8:49:60:17: 7f:60:68:59:eb:1b:48:ef:d6:fb:82:88:9a:f7:e8:c5:78:1c: ce:52:23:aa:17:43:78:8a:29:69:f7:00:90:73:a3:91:1a:a1: dd:42:71:b1:b3:22:29:e6:34:d4:19:35:80:13:e1:1d:56:5c: 5f:cf:6c:ae:4c:45:0b:e0:ea:59:c3:61:0b:60:11:7e:86:e4: 18:26:87:6b:79:f8:eb:83:9d:2c:db:38:5d:1e:a1:f1:95:87: ac:a5:58:38:26:2b:a7:a2:24:9b:25:c6:d8:24:13:46:7e:89: e5:67:22:1c:38:15:a4:c0:cc:2c:29:0b:f8:8d:91:5d:d8:8f: e4:63:5a:bb:40:c7:32:cb:50:ad:33:c6:e7:ae:f1:6b:83:24: db:7c:aa:2c:21:1d:a6:2b:2e:10:d1:59:c2:12:18:9f:1a:5f: 5c:52:cf:ff:a4:60:72:b1:41:35:99:6f:a3:73:f1:d1:27:ee: f3:cd:19:b7:f8:ba:2d:89:af:c6:f7:80:3b:cd:c0:b8:44:17: 32:53:e5:34:f6:3f:1e:0a:5d:b2:82:56:c3:18:33:f4:14:3f: 7b:15:6c:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLtfBG1BxGhY6o7uAmwCMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMTczODMxMTU4MTIyOGFkMjg3NTM5NDRiZThiY2YyMTY5 ZmFiYTkwHhcNMjUxMjA2MDEwMjUwWhcNMjUxMjA3MDEwMjUwWjAzMTEwLwYDVQQD EygxZDQ1NDVmOGMzNjBhODM5YWM1MjgzMGJhMjk0MWRkYjliZmUxY2Y2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X/3j/YDS6NCLbk8CrOAZrg10FQ1 Cdx+Mc1cHvmVbrTqNMi60fP3P9m0NwmZhXpcg2VleqvxT0iqW/2N6GnDxBzR3nkz kq+D7ey7NrJkaae4Se3jybJcJpjTBRlfZVWxHlqNhI67Kjlpw9g2pVRUJ0xhcJ0O DYiTsGAZyat/c2guN+3N5vp2dWWi0JmUPtFEUp74UYvD8/vp/Wnm+6qKkQg98TkF lQEvWsOh6RiN9jbtoBdZPfacn7G2IGz2lilP7Y/Q6RyRtTQqauuxF1T3s/rZr3UA rqgXAlkpnJy0t3a/rN+AIB2n18kHCfAJgOGtChGHqijxVtHryxBO4kIbyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB1FRfjDYKg5rFKDC6KUHdub/hz2MB8GA1UdIwQY MBaAFN0XODEVgSKK0odTlEvovPIWn6upMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWIt YmViZmEyZmNhNDZmLzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9iYzQxZjEtY2E3ZS00MjA1LWI4MWItYmViZmEyZmNhNDZm LzEvM1JjNE1SV0JJb3JTaDFPVVMtaTg4aGFmcTZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxtZ3Oecr nTiV/L4GCvA+zLJ1mSB1l2DTLcpOpkU0/N64SWAXf2BoWesbSO/W+4KImvfoxXgc zlIjqhdDeIopafcAkHOjkRqh3UJxsbMiKeY01Bk1gBPhHVZcX89srkxFC+DqWcNh C2ARfobkGCaHa3n464OdLNs4XR6h8ZWHrKVYOCYrp6IkmyXG2CQTRn6J5WciHDgV pMDMLCkL+I2RXdiP5GNau0DHMstQrTPG567xa4Mk23yqLCEdpisuENFZwhIYnxpf XFLP/6RgcrFBNZlvo3Px0Sfu880Zt/i6LYmvxveAO83AuEQXMlPlNPY/HgpdsoJW wxgz9BQ/exVsXQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:55:50 2025 by rpki-client