This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft File: 3itcv5Z6A0nYiXBLtNYfpSajHW8.mft (raw, json) Hash identifier: UcoAb7gFmoz738V1Nh0dDuBECJ6t7hp8GWQKvDRLsn8= Subject key identifier: A8:33:45:D2:13:5F:AA:6B:DF:14:D8:18:B9:4D:BF:80:52:13:9B:A6 Authority key identifier: DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F Certificate issuer: /CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f Certificate serial: 019AF23F86350E1CBC6E89848DDB4DE28A35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft Manifest number: 16A1 Signing time: Sat 06 Dec 2025 06:00:40 +0000 Manifest this update: Sat 06 Dec 2025 06:00:40 +0000 Manifest next update: Sun 07 Dec 2025 06:00:40 +0000 Files and hashes: 1: 3itcv5Z6A0nYiXBLtNYfpSajHW8.crl (hash: ESakVDboN23fJZFbY20bGdFJFFyzYl/QaNRShnwNqm0=) 2: RmRTHkNLraqOOzazgFQdU_YCKkM.roa (hash: 5SoXabo2aLivwm4lm+kA69S7S7+v67Nc52d80muCgcE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:86:35:0e:1c:bc:6e:89:84:8d:db:4d:e2:8a:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f Validity Not Before: Dec 6 06:00:40 2025 GMT Not After : Dec 7 06:00:40 2025 GMT Subject: CN=a83345d2135faa6bdf14d818b94dbf8052139ba6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:d2:d6:55:1c:51:ec:d9:99:6f:a9:d3:21:b3: 2e:d5:67:38:cf:6d:99:1c:bb:a9:b7:09:6c:00:b3: 9b:08:3a:ff:26:18:ca:e2:14:b0:53:0d:94:b3:ad: b7:5a:2a:17:17:8b:ba:b4:7e:6c:ce:81:eb:bf:6c: 02:cf:3d:80:fc:34:a3:1d:45:73:7d:75:8c:ca:22: 30:2c:f9:91:11:7e:ff:cf:42:ad:84:db:5f:f9:52: 34:69:5d:44:e6:07:b5:34:46:df:57:fb:a1:a6:ed: dd:42:55:91:4f:73:06:0f:bb:b7:ff:74:22:01:b3: 59:24:9a:a2:01:52:1a:33:61:62:9d:39:8f:58:28: 61:fb:3e:69:aa:9a:2f:2b:17:85:cf:49:9d:54:27: 18:3e:dd:b5:d5:1f:55:1b:69:2d:83:54:42:bc:92: 6a:a9:dd:24:2a:fe:32:9f:40:7e:16:83:f8:ea:18: 2e:f2:db:27:f9:01:60:4a:54:c2:f1:7d:d0:2f:e9: 1f:a6:04:f3:ea:aa:f3:66:a1:91:ad:c1:93:1d:77: 06:cd:27:68:29:2c:ef:4a:64:da:69:ce:6f:e5:bf: 47:7d:53:61:5d:bf:af:65:f0:81:d1:e2:d7:04:db: 04:e2:39:5a:4f:d2:79:80:46:d6:b2:82:0d:b0:03: 45:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:33:45:D2:13:5F:AA:6B:DF:14:D8:18:B9:4D:BF:80:52:13:9B:A6 X509v3 Authority Key Identifier: keyid:DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:a2:66:a8:72:b3:82:36:34:fb:3a:da:ba:a7:cb:19:85:b5: ce:27:d1:29:69:09:33:38:72:d8:66:0e:1e:78:7c:0f:bd:af: 1d:fb:9e:77:3e:5c:9e:f0:d8:00:25:9a:8f:2a:3f:7d:48:c3: 1c:ec:85:32:33:85:0c:74:86:81:f6:00:4a:91:86:37:80:ff: 89:01:82:b8:9d:c2:a9:2f:2c:45:36:7a:64:8c:66:63:f2:8d: 17:d2:76:2d:c5:7a:1f:92:62:4f:2d:a4:20:99:f6:93:37:08: 7e:6b:d4:23:48:7d:6f:db:d9:5e:60:66:ba:3c:89:5f:05:71: 84:2a:ef:8e:f3:30:ce:22:ee:28:65:d1:ad:f4:16:1c:67:c5: 29:6c:d9:3d:ad:71:6d:65:81:18:31:be:a0:59:e9:d1:5c:80: 71:b6:42:f4:c5:57:8c:47:0d:88:ae:7d:f8:b8:7a:e0:81:2b: 6f:92:8d:6a:08:9a:96:88:64:20:ec:5f:ad:ce:45:85:52:83: 5f:b1:10:3f:19:45:0f:c5:97:d0:f6:b0:a3:c9:ba:bc:e7:75: b2:cf:94:0e:e5:ec:88:fb:3b:dd:06:c7:6a:b2:9a:ea:2d:29: b9:4c:e6:4e:97:c4:4f:b7:2d:e4:ab:4c:ff:2b:4c:72:c3:ea: 78:9a:8a:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP4Y1Dhy8bomEjdtN4oo1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMmI1Y2JmOTY3YTAzNDlkODg5NzA0YmI0ZDYxZmE1MjZh MzFkNmYwHhcNMjUxMjA2MDYwMDQwWhcNMjUxMjA3MDYwMDQwWjAzMTEwLwYDVQQD EyhhODMzNDVkMjEzNWZhYTZiZGYxNGQ4MThiOTRkYmY4MDUyMTM5YmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9LWVRxR7NmZb6nTIbMu1Wc4z22Z HLuptwlsALObCDr/JhjK4hSwUw2Us623WioXF4u6tH5szoHrv2wCzz2A/DSjHUVz fXWMyiIwLPmREX7/z0KthNtf+VI0aV1E5ge1NEbfV/uhpu3dQlWRT3MGD7u3/3Qi AbNZJJqiAVIaM2FinTmPWChh+z5pqpovKxeFz0mdVCcYPt211R9VG2ktg1RCvJJq qd0kKv4yn0B+FoP46hgu8tsn+QFgSlTC8X3QL+kfpgTz6qrzZqGRrcGTHXcGzSdo KSzvSmTaac5v5b9HfVNhXb+vZfCB0eLXBNsE4jlaT9J5gEbWsoINsANFJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKgzRdITX6pr3xTYGLlNv4BSE5umMB8GA1UdIwQY MBaAFN4rXL+WegNJ2IlwS7TWH6Umox1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAt ZmQ3MmQ5NjJkZjI3LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAtZmQ3MmQ5NjJkZjI3 LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqJmqHKz gjY0+zrauqfLGYW1zifRKWkJMzhy2GYOHnh8D72vHfuedz5cnvDYACWajyo/fUjD HOyFMjOFDHSGgfYASpGGN4D/iQGCuJ3CqS8sRTZ6ZIxmY/KNF9J2LcV6H5JiTy2k IJn2kzcIfmvUI0h9b9vZXmBmujyJXwVxhCrvjvMwziLuKGXRrfQWHGfFKWzZPa1x bWWBGDG+oFnp0VyAcbZC9MVXjEcNiK59+Lh64IErb5KNagialohkIOxfrc5FhVKD X7EQPxlFD8WX0Pawo8m6vOd1ss+UDuXsiPs73QbHarKa6i0puUzmTpfET7ct5KtM /ytMcsPqeJqKQg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:00:51 2025 by rpki-client