This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft File: 3APMhzX27sAjqfI6BLLpDVOpIVI.mft (raw, json) Hash identifier: hg4uKXGWicAWM/NVDz20Cw74VbN1MaurtQaW0gNJWxg= Subject key identifier: 92:A4:B1:1C:67:28:43:78:5B:45:78:50:4C:91:8C:F9:D6:73:66:2A Authority key identifier: DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 Certificate issuer: /CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Certificate serial: 019AF50BB8B92C7E7A8B4592FF6FC7BE57FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft Manifest number: 07F4 Signing time: Sat 06 Dec 2025 19:02:57 +0000 Manifest this update: Sat 06 Dec 2025 19:02:57 +0000 Manifest next update: Sun 07 Dec 2025 19:02:57 +0000 Files and hashes: 1: 3APMhzX27sAjqfI6BLLpDVOpIVI.crl (hash: Soh/voD95gUv2rXlViISuHBXsQ59Joyvm1YSoDjmFQY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:b8:b9:2c:7e:7a:8b:45:92:ff:6f:c7:be:57:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc03cc8735f6eec023a9f23a04b2e90d53a92152 Validity Not Before: Dec 6 19:02:57 2025 GMT Not After : Dec 7 19:02:57 2025 GMT Subject: CN=92a4b11c672843785b4578504c918cf9d673662a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:81:b3:61:69:a7:2c:36:e1:32:80:09:2a:57: 6a:e4:5e:ef:e6:76:e7:73:ed:37:0f:34:f0:7a:b2: 11:0f:b3:c1:3a:76:68:40:31:cf:f5:6e:2a:d9:2c: 15:22:cc:8c:2b:aa:f1:79:1c:37:ca:1f:e4:11:62: a2:d0:47:f6:af:db:1a:c1:f5:f0:9e:f5:11:80:ce: a8:c2:8a:68:d7:c6:09:b9:41:5e:d1:88:78:22:66: 8c:b0:74:7f:20:47:4a:03:9b:91:31:50:86:67:f0: 42:8f:d6:e9:93:b7:40:d2:48:a1:55:a8:09:cd:33: 81:20:5b:28:47:13:ca:31:29:5a:7b:01:9d:b7:02: 33:14:c7:c7:cc:a3:53:6a:cd:55:b9:18:34:30:1c: d4:86:52:1f:15:cf:60:59:16:27:89:3c:d4:d6:21: 2b:c3:70:a7:2a:f7:45:81:e1:08:1d:8c:d9:e6:21: 99:ea:11:a2:b2:9b:c6:f4:cd:9b:8e:db:87:c5:58: 5d:a1:46:d2:e9:fd:6f:2d:eb:4d:26:0f:23:e8:b7: 5c:e3:59:81:62:d9:1b:ce:c8:10:9e:27:9b:ff:96: 8d:da:c1:c1:74:7a:4b:3b:a9:72:19:a6:e7:35:b0: 54:64:73:e9:b6:bb:04:3b:ac:69:f3:57:9b:f6:39: ab:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:A4:B1:1C:67:28:43:78:5B:45:78:50:4C:91:8C:F9:D6:73:66:2A X509v3 Authority Key Identifier: keyid:DC:03:CC:87:35:F6:EE:C0:23:A9:F2:3A:04:B2:E9:0D:53:A9:21:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3APMhzX27sAjqfI6BLLpDVOpIVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b5662a-61a5-48a9-877b-c4453afb2933/1/3APMhzX27sAjqfI6BLLpDVOpIVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:5b:59:a7:31:87:39:d3:b5:c9:bf:1c:48:25:ef:a2:ac:d4: 4c:3e:7c:60:ba:35:fc:2b:51:a8:01:a3:cd:6c:ff:68:c3:6f: 8f:ba:ef:33:96:97:0b:e8:1d:7d:b4:5d:18:72:ae:fc:00:a9: fa:83:4d:ac:5c:c5:ab:6d:40:98:3c:0c:bd:d6:d9:1d:dd:f4: 4d:ac:7f:40:2f:6d:d0:2b:96:1d:3a:8d:7c:85:6b:07:1f:05: 42:7f:c6:41:2e:84:4b:5c:83:48:05:89:c2:c6:b3:9b:72:16: dc:e5:a4:16:d5:d8:7c:9e:03:6b:ef:d2:3d:d8:94:2f:14:e0: 89:77:4a:97:f5:a7:a1:41:34:e0:66:dc:15:31:d5:66:31:54: f3:0f:4c:45:dd:b5:5c:c8:91:d6:a8:b1:ed:61:65:95:4d:c9: 97:7d:ec:90:c7:0f:7c:0d:c9:ce:d7:5f:78:75:06:90:fc:9b: 7f:30:f7:b2:07:f0:42:70:0e:6c:72:dc:c1:71:05:f3:b7:01: fa:62:44:ee:0c:00:6f:b1:ff:ba:e6:32:8d:0e:24:9f:75:5b: 0a:5a:bf:81:76:14:c0:40:15:c3:11:b4:77:70:6a:b2:2c:69: ce:9a:6a:09:f2:31:2a:8d:8b:de:25:da:d5:da:ed:5a:61:76: 88:88:fa:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C7i5LH56i0WS/2/Hvlf/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDNjYzg3MzVmNmVlYzAyM2E5ZjIzYTA0YjJlOTBkNTNh OTIxNTIwHhcNMjUxMjA2MTkwMjU3WhcNMjUxMjA3MTkwMjU3WjAzMTEwLwYDVQQD Eyg5MmE0YjExYzY3Mjg0Mzc4NWI0NTc4NTA0YzkxOGNmOWQ2NzM2NjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoGzYWmnLDbhMoAJKldq5F7v5nbn c+03DzTwerIRD7PBOnZoQDHP9W4q2SwVIsyMK6rxeRw3yh/kEWKi0Ef2r9sawfXw nvURgM6owopo18YJuUFe0Yh4ImaMsHR/IEdKA5uRMVCGZ/BCj9bpk7dA0kihVagJ zTOBIFsoRxPKMSlaewGdtwIzFMfHzKNTas1VuRg0MBzUhlIfFc9gWRYniTzU1iEr w3CnKvdFgeEIHYzZ5iGZ6hGispvG9M2bjtuHxVhdoUbS6f1vLetNJg8j6Ldc41mB YtkbzsgQnieb/5aN2sHBdHpLO6lyGabnNbBUZHPptrsEO6xp81eb9jmrOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJKksRxnKEN4W0V4UEyRjPnWc2YqMB8GA1UdIwQY MBaAFNwDzIc19u7AI6nyOgSy6Q1TqSFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2It YzQ0NTNhZmIyOTMzLzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9iNTY2MmEtNjFhNS00OGE5LTg3N2ItYzQ0NTNhZmIyOTMz LzEvM0FQTWh6WDI3c0FqcWZJNkJMTHBEVk9wSVZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApltZpzGH OdO1yb8cSCXvoqzUTD58YLo1/CtRqAGjzWz/aMNvj7rvM5aXC+gdfbRdGHKu/ACp +oNNrFzFq21AmDwMvdbZHd30Tax/QC9t0CuWHTqNfIVrBx8FQn/GQS6ES1yDSAWJ wsazm3IW3OWkFtXYfJ4Da+/SPdiULxTgiXdKl/WnoUE04GbcFTHVZjFU8w9MRd21 XMiR1qix7WFllU3Jl33skMcPfA3JztdfeHUGkPybfzD3sgfwQnAObHLcwXEF87cB +mJE7gwAb7H/uuYyjQ4kn3VbClq/gXYUwEAVwxG0d3BqsixpzppqCfIxKo2L3iXa 1drtWmF2iIj6vw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:42:58 2025 by rpki-client