This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft File: 04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json) Hash identifier: 5KM+MJbqCL2yo0TEM8uruFXWfd5LQZ/9MTF20+lcAe0= Subject key identifier: D3:42:85:6B:9D:67:21:3E:31:4B:0F:60:03:1B:6A:D7:9E:04:93:F3 Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65 Certificate issuer: /CN=d381b701705190b9ce9d1b184535384e71ca3165 Certificate serial: 019AF12E42BC245F7E4FBED34B7FB0950F38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:02:11 +0000 Manifest this update: Sat 06 Dec 2025 01:02:11 +0000 Manifest next update: Sun 07 Dec 2025 01:02:11 +0000 Files and hashes: 1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: nVzSjT3wDxdVyRNw6YNp8DROTfHfOlgBgzCDyR4VW3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:42:bc:24:5f:7e:4f:be:d3:4b:7f:b0:95:0f:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165 Validity Not Before: Dec 6 01:02:11 2025 GMT Not After : Dec 7 01:02:11 2025 GMT Subject: CN=d342856b9d67213e314b0f60031b6ad79e0493f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:41:ef:e3:8d:53:6b:2b:cd:9a:c4:b6:1c:19: e4:a0:e9:93:02:60:2d:d3:3e:01:48:f3:4f:e2:42: 82:8f:30:a7:d9:12:aa:59:81:ef:c9:be:a4:0a:6a: 6d:3c:fe:6f:09:c1:58:5c:09:55:f6:62:33:26:d5: 52:c0:f9:cb:b1:b7:41:c7:4e:0b:f9:93:05:a2:93: de:23:d7:3f:9d:4d:26:18:5a:22:cf:24:fc:0d:13: e3:c5:27:05:9b:71:95:64:2c:03:c1:b7:25:a7:84: 13:57:c2:9b:24:fa:03:1f:79:25:ed:89:f8:9c:58: 3e:51:46:07:0c:fc:02:62:37:74:1e:ac:9d:6d:58: 69:6a:32:4f:67:92:65:70:d4:96:87:cb:b7:9f:c4: a3:2b:1a:4b:3b:a2:cc:35:24:ed:31:23:da:9c:4c: 7c:58:82:5d:5a:ea:6d:41:89:62:3e:37:ae:00:27: 7c:3b:f4:25:7d:c7:6f:4b:3a:29:64:9a:a2:6a:75: bb:5f:f3:a4:61:31:d6:ca:d7:67:a0:49:16:2d:0a: 37:cf:1f:00:de:c4:26:5b:99:23:99:f2:5c:99:ae: 82:d6:3b:c2:1e:c6:38:6e:c8:e0:06:03:eb:60:2a: bb:35:c1:15:b1:26:b5:9e:35:fb:6b:61:bf:c8:21: 6b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:42:85:6B:9D:67:21:3E:31:4B:0F:60:03:1B:6A:D7:9E:04:93:F3 X509v3 Authority Key Identifier: keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:ac:a9:52:8e:22:a7:24:bf:d6:05:c5:7c:75:0a:05:bf:7a: 69:55:78:0e:f7:aa:2c:70:df:c0:68:e2:66:cf:e2:12:8f:a6: b8:aa:d4:a0:b9:a8:8c:96:93:9d:d1:9b:6b:1b:07:fe:38:7a: 7c:4f:ad:67:0a:ef:27:9b:1d:3f:7a:50:a0:59:20:74:d9:04: c7:45:88:71:2a:14:eb:82:b1:d9:9a:02:02:bf:7c:f1:de:90: 6e:fa:3b:fa:53:80:81:72:2f:dc:7a:4b:d8:07:d4:3a:e6:2b: e4:79:9c:8e:89:c7:d9:a7:ca:bc:fb:df:67:1a:9c:8f:6e:2b: 94:13:d5:b7:4c:f0:3d:45:20:80:86:ac:8e:d6:5e:27:19:b0: b4:99:87:2a:69:97:01:ce:d3:10:8a:5b:55:2d:9f:58:30:61: e3:94:c2:35:aa:39:81:1d:47:a3:5a:4b:23:9e:22:57:3b:f2: 1e:08:7b:fa:21:cd:4b:68:e9:d2:19:95:32:2c:ad:3c:a1:5c: ae:78:09:28:22:fd:0b:1f:0c:af:b8:56:58:d8:08:63:fb:b3: 85:8b:04:f1:d5:19:0e:76:74:db:94:e9:e1:d4:a1:e5:b6:75: ab:4d:c6:5e:22:27:ff:d5:09:88:6d:a6:30:d3:e8:6d:f9:be: 6b:2f:e0:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLkK8JF9+T77TS3+wlQ84MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj YTMxNjUwHhcNMjUxMjA2MDEwMjExWhcNMjUxMjA3MDEwMjExWjAzMTEwLwYDVQQD EyhkMzQyODU2YjlkNjcyMTNlMzE0YjBmNjAwMzFiNmFkNzllMDQ5M2YzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEHv441TayvNmsS2HBnkoOmTAmAt 0z4BSPNP4kKCjzCn2RKqWYHvyb6kCmptPP5vCcFYXAlV9mIzJtVSwPnLsbdBx04L +ZMFopPeI9c/nU0mGFoizyT8DRPjxScFm3GVZCwDwbclp4QTV8KbJPoDH3kl7Yn4 nFg+UUYHDPwCYjd0HqydbVhpajJPZ5JlcNSWh8u3n8SjKxpLO6LMNSTtMSPanEx8 WIJdWuptQYliPjeuACd8O/QlfcdvSzopZJqianW7X/OkYTHWytdnoEkWLQo3zx8A 3sQmW5kjmfJcma6C1jvCHsY4bsjgBgPrYCq7NcEVsSa1njX7a2G/yCFrXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNNChWudZyE+MUsPYAMbateeBJPzMB8GA1UdIwQY MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkqypUo4i pyS/1gXFfHUKBb96aVV4DveqLHDfwGjiZs/iEo+muKrUoLmojJaTndGbaxsH/jh6 fE+tZwrvJ5sdP3pQoFkgdNkEx0WIcSoU64Kx2ZoCAr988d6Qbvo7+lOAgXIv3HpL 2AfUOuYr5HmcjonH2afKvPvfZxqcj24rlBPVt0zwPUUggIasjtZeJxmwtJmHKmmX Ac7TEIpbVS2fWDBh45TCNao5gR1Ho1pLI54iVzvyHgh7+iHNS2jp0hmVMiytPKFc rngJKCL9Cx8Mr7hWWNgIY/uzhYsE8dUZDnZ025Tp4dSh5bZ1q03GXiIn/9UJiG2m MNPobfm+ay/g2Q== -----END CERTIFICATE-----Generated at Sat Dec 6 11:32:22 2025 by rpki-client