This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft File: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft (raw, json) Hash identifier: CjSJECzLFPy6pDLDLfnItSRk8LxJBjH8RNh+reBRWqs= Subject key identifier: 54:7F:A8:C4:F6:F0:8A:0B:AE:4D:17:F5:E2:E2:F5:74:12:9C:72:DC Authority key identifier: DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F Certificate issuer: /CN=df3b1d2773a03d317a7703193d2f45429a94ba9f Certificate serial: 019AF50BC51EEE4BFA983DD551E6903699E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft Manifest number: 0149 Signing time: Sat 06 Dec 2025 19:03:00 +0000 Manifest this update: Sat 06 Dec 2025 19:03:00 +0000 Manifest next update: Sun 07 Dec 2025 19:03:00 +0000 Files and hashes: 1: 1OnAxERvwCdnk__Rn-ReVSlbcoM.roa (hash: aqwsdMgIbP4mFzFG0p4x2dQgO0GnM+i3JMeyA55YC7E=) 2: 3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl (hash: A1Npgg13ZKa+roF99cXGO3/M6TP+GMc1mNjPxaenoQw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:c5:1e:ee:4b:fa:98:3d:d5:51:e6:90:36:99:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3b1d2773a03d317a7703193d2f45429a94ba9f Validity Not Before: Dec 6 19:03:00 2025 GMT Not After : Dec 7 19:03:00 2025 GMT Subject: CN=547fa8c4f6f08a0bae4d17f5e2e2f574129c72dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ff:e0:d0:53:7e:cf:bf:1c:6a:e9:73:f1:6d: d7:e9:c8:cc:19:ec:70:e8:3c:77:23:8f:f4:23:64: 74:75:88:41:d2:9e:39:18:df:8f:b3:6c:ab:7d:56: 9e:a0:91:d4:a8:e3:c3:79:0f:8a:f0:bf:67:50:4e: d7:eb:92:ab:7d:ee:32:b6:6a:0c:88:2e:33:dd:f3: 95:9d:8d:12:f3:86:23:94:77:ec:f5:20:2b:a8:4f: 05:78:c6:d0:c2:53:06:e7:f3:12:64:71:c2:f8:bc: 6b:ca:c7:18:45:a8:61:0f:57:11:de:08:f1:46:11: b9:38:2b:20:f9:c2:7e:bc:29:b1:ad:85:10:86:b7: 27:83:70:01:1a:af:73:0f:1c:19:a2:df:5d:8f:ba: 81:f1:ca:2d:28:b6:93:d1:e8:65:86:91:62:42:52: a7:79:97:46:b0:8e:00:dd:eb:18:bd:cb:26:6b:1d: 28:0c:f8:43:46:e6:85:3b:46:81:f4:04:88:ec:7a: aa:da:16:ae:23:a3:8d:9b:98:e5:2c:4b:a1:91:26: 80:85:14:4d:f9:3a:61:9a:11:43:88:85:ed:cc:ac: a1:d5:ac:a9:5f:27:3a:6a:d0:00:22:5c:b6:ba:14: 8c:c9:14:13:cb:43:9a:47:8b:c0:32:fe:5a:e5:97: fc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:7F:A8:C4:F6:F0:8A:0B:AE:4D:17:F5:E2:E2:F5:74:12:9C:72:DC X509v3 Authority Key Identifier: keyid:DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:2b:cc:68:03:6f:6e:29:d8:2b:86:71:3f:5d:e5:dd:79:f9: 12:29:12:80:77:94:c8:63:e2:13:64:7b:0b:e1:9d:92:80:9c: 50:7b:76:32:d0:57:25:96:11:b9:b2:2f:0f:9e:e4:6e:ed:0f: d2:52:52:ab:59:48:68:0c:98:0c:e7:e4:2d:64:b1:36:be:cd: 7f:a3:7f:c6:cf:85:77:11:8d:2d:3b:8a:f4:19:54:76:b4:73: 00:0d:32:dd:0e:81:1e:77:44:bd:d9:64:b9:3a:fe:c3:13:52: 74:b0:30:f3:11:fe:e4:ae:15:d8:65:1f:bf:9c:5e:47:28:c8: 85:3b:4b:02:72:49:9f:69:67:c1:5d:25:6b:ac:5b:64:e4:1e: 57:d8:cc:96:30:e5:f9:fd:90:7b:21:b6:c8:41:02:db:3e:a9: a7:54:e9:bf:08:99:8f:1f:a5:cf:1b:11:07:58:f8:17:cf:e2: ae:ae:e4:67:0a:09:1a:74:0b:89:0e:2e:be:32:a3:38:1c:e8: 0b:62:be:88:bb:87:36:e3:79:43:e9:be:13:ba:9a:32:0b:0b: 96:82:64:3b:dd:62:a2:5a:33:1e:35:be:dd:91:46:fa:b5:32: c6:b6:d3:0a:e8:b9:17:e3:09:f9:fc:9e:36:ed:12:4f:4e:3d: fd:e2:96:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C8Ue7kv6mD3VUeaQNpnkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2IxZDI3NzNhMDNkMzE3YTc3MDMxOTNkMmY0NTQyOWE5 NGJhOWYwHhcNMjUxMjA2MTkwMzAwWhcNMjUxMjA3MTkwMzAwWjAzMTEwLwYDVQQD Eyg1NDdmYThjNGY2ZjA4YTBiYWU0ZDE3ZjVlMmUyZjU3NDEyOWM3MmRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs//g0FN+z78caulz8W3X6cjMGexw 6Dx3I4/0I2R0dYhB0p45GN+Ps2yrfVaeoJHUqOPDeQ+K8L9nUE7X65Krfe4ytmoM iC4z3fOVnY0S84YjlHfs9SArqE8FeMbQwlMG5/MSZHHC+LxryscYRahhD1cR3gjx RhG5OCsg+cJ+vCmxrYUQhrcng3ABGq9zDxwZot9dj7qB8cotKLaT0ehlhpFiQlKn eZdGsI4A3esYvcsmax0oDPhDRuaFO0aB9ASI7Hqq2hauI6ONm5jlLEuhkSaAhRRN +TphmhFDiIXtzKyh1aypXyc6atAAIly2uhSMyRQTy0OaR4vAMv5a5Zf8iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFR/qMT28IoLrk0X9eLi9XQSnHLcMB8GA1UdIwQY MBaAFN87HSdzoD0xencDGT0vRUKalLqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3Nzct NTI2ZGNiMmEyM2JkLzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3NzctNTI2ZGNiMmEyM2Jk LzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIivMaANv binYK4ZxP13l3Xn5EikSgHeUyGPiE2R7C+GdkoCcUHt2MtBXJZYRubIvD57kbu0P 0lJSq1lIaAyYDOfkLWSxNr7Nf6N/xs+FdxGNLTuK9BlUdrRzAA0y3Q6BHndEvdlk uTr+wxNSdLAw8xH+5K4V2GUfv5xeRyjIhTtLAnJJn2lnwV0la6xbZOQeV9jMljDl +f2QeyG2yEEC2z6pp1TpvwiZjx+lzxsRB1j4F8/irq7kZwoJGnQLiQ4uvjKjOBzo C2K+iLuHNuN5Q+m+E7qaMgsLloJkO91iolozHjW+3ZFG+rUyxrbTCui5F+MJ+fye Nu0ST049/eKWEA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:06:47 2025 by rpki-client