This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft File: 3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json) Hash identifier: 2PAOks3TSWe2xwUleqGog6nd1HmVCyuJvUHyTj3yqNI= Subject key identifier: 3E:54:F0:D1:07:7B:00:62:B4:75:9D:F9:6B:EC:67:43:2E:F9:64:89 Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F Certificate issuer: /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f Certificate serial: 019AFCC41ADA2A2862ABCD5FB0FD9CF49933 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft Manifest number: 0A33 Signing time: Mon 08 Dec 2025 07:01:41 +0000 Manifest this update: Mon 08 Dec 2025 07:01:41 +0000 Manifest next update: Tue 09 Dec 2025 07:01:41 +0000 Files and hashes: 1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: 717rrZ5QKb15twBl/NUT/3P7O62BYLKwHir6Uead7Vk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c4:1a:da:2a:28:62:ab:cd:5f:b0:fd:9c:f4:99:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f Validity Not Before: Dec 8 07:01:41 2025 GMT Not After : Dec 9 07:01:41 2025 GMT Subject: CN=3e54f0d1077b0062b4759df96bec67432ef96489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:43:91:48:e7:c3:24:45:68:51:24:01:22:ec: e5:2e:2a:20:87:ee:82:55:66:1b:c1:7e:19:a6:c8: 09:ea:79:8b:4b:d5:02:b9:a7:04:22:4e:34:2b:e9: 16:8e:24:43:28:2c:b1:40:38:8e:a9:62:eb:a9:4d: 53:a0:ac:50:de:b9:58:b3:7e:45:5b:3f:b4:35:3c: 85:99:10:e4:dd:88:db:6c:a6:55:73:bb:ba:c0:87: 8b:79:70:f3:1b:19:50:f7:0b:b9:fd:c2:bb:a3:6e: 2d:71:b9:b1:c4:dd:15:04:7a:bf:91:57:38:d5:cf: 80:b5:43:46:bf:15:5f:d6:b9:32:9d:0e:8f:47:2b: ed:ae:b7:9f:03:88:5c:4c:06:fd:19:3d:55:5a:bb: 6e:b1:91:30:e0:c8:28:6b:31:c0:8e:b0:bb:ed:79: 9a:f1:4d:e5:aa:09:d1:ae:b9:d8:6c:d6:d8:5c:ec: ed:bc:7f:b1:3b:cd:96:ec:b8:b2:3d:d0:1b:bc:8b: 10:7a:14:0c:df:b0:29:58:75:29:ce:ec:25:37:9e: a7:cb:09:a9:e4:56:89:b8:31:85:22:5a:0a:f8:fc: f0:c9:0c:e5:58:fa:e7:eb:04:ee:5d:00:f6:79:f1: ef:ef:e5:6a:8f:bf:d4:67:ae:f9:f1:eb:63:df:23: 0f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:54:F0:D1:07:7B:00:62:B4:75:9D:F9:6B:EC:67:43:2E:F9:64:89 X509v3 Authority Key Identifier: keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:cf:e5:23:99:06:7e:a8:4a:c7:aa:48:67:1e:40:0a:8c:f2: ef:62:70:38:cb:19:aa:4c:51:4d:71:30:03:15:61:23:e2:68: c8:ad:d6:53:d5:c0:2d:da:00:35:c2:d9:12:74:1e:23:36:3f: c9:78:2c:86:81:c0:94:69:0f:86:10:25:e7:58:c4:23:1d:16: 3d:8d:51:8a:88:62:9a:d4:91:3a:21:cb:8a:ff:ce:2d:f2:99: 93:93:64:05:9f:39:35:53:e1:bc:9f:7f:e6:6f:d2:1c:1e:b7: 19:e6:eb:3e:27:ba:fa:b7:b2:a2:db:bf:51:1c:89:f1:cb:6d: 77:c7:76:2f:ea:d6:7c:6b:25:a0:f5:0a:0a:ba:43:dc:ff:43: a1:09:dc:3f:73:d9:a4:87:b1:c7:92:c6:4d:f4:32:d0:1e:7b: 0b:04:7f:42:cf:f4:71:1b:65:6a:8f:89:fd:bd:8a:43:2c:06: 4d:c3:b5:cd:62:df:b6:cd:76:f0:13:f4:e7:2a:f2:54:6c:55: 9a:88:46:4e:55:b5:e2:9d:4b:43:b3:0c:8b:7d:94:5a:4a:9d: ba:2c:0c:65:e3:25:bb:0d:c5:88:a6:b7:a6:ab:f0:ba:23:bc: eb:bc:7b:3c:6f:2d:59:94:4d:0e:ec:4c:b1:7f:d3:40:1a:6a: 56:e8:07:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8xBraKihiq81fsP2c9JkzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl NjkwOWYwHhcNMjUxMjA4MDcwMTQxWhcNMjUxMjA5MDcwMTQxWjAzMTEwLwYDVQQD EygzZTU0ZjBkMTA3N2IwMDYyYjQ3NTlkZjk2YmVjNjc0MzJlZjk2NDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EORSOfDJEVoUSQBIuzlLiogh+6C VWYbwX4ZpsgJ6nmLS9UCuacEIk40K+kWjiRDKCyxQDiOqWLrqU1ToKxQ3rlYs35F Wz+0NTyFmRDk3YjbbKZVc7u6wIeLeXDzGxlQ9wu5/cK7o24tcbmxxN0VBHq/kVc4 1c+AtUNGvxVf1rkynQ6PRyvtrrefA4hcTAb9GT1VWrtusZEw4MgoazHAjrC77Xma 8U3lqgnRrrnYbNbYXOztvH+xO82W7LiyPdAbvIsQehQM37ApWHUpzuwlN56nywmp 5FaJuDGFIloK+PzwyQzlWPrn6wTuXQD2efHv7+Vqj7/UZ6758etj3yMPgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD5U8NEHewBitHWd+WvsZ0Mu+WSJMB8GA1UdIwQY MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYM/lI5kG fqhKx6pIZx5ACozy72JwOMsZqkxRTXEwAxVhI+JoyK3WU9XALdoANcLZEnQeIzY/ yXgshoHAlGkPhhAl51jEIx0WPY1RiohimtSROiHLiv/OLfKZk5NkBZ85NVPhvJ9/ 5m/SHB63GebrPie6+reyotu/URyJ8cttd8d2L+rWfGsloPUKCrpD3P9DoQncP3PZ pIexx5LGTfQy0B57CwR/Qs/0cRtlao+J/b2KQywGTcO1zWLfts128BP05yryVGxV mohGTlW14p1LQ7MMi32UWkqduiwMZeMluw3FiKa3pqvwuiO867x7PG8tWZRNDuxM sX/TQBpqVugHPA== -----END CERTIFICATE-----Generated at Mon Dec 8 09:39:17 2025 by rpki-client