This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft File: MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json) Hash identifier: o9Zosiik3uQKFyGGxVDasoXLS6Cnps0/dznWOhm2h3U= Subject key identifier: 87:E3:A9:F8:3B:6A:EC:6B:88:92:06:DA:F4:22:92:BA:96:77:04:15 Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E Certificate issuer: /CN=313dcd18712266504586976733ca1f92f6261f5e Certificate serial: 019B32D5D8BAAFA50FDCA78C3C903E789999 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft Manifest number: 15AE Signing time: Thu 18 Dec 2025 19:00:33 +0000 Manifest this update: Thu 18 Dec 2025 19:00:33 +0000 Manifest next update: Fri 19 Dec 2025 19:00:33 +0000 Files and hashes: 1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: SGoUWhNkTpxpWWJCFzBJ+oucsgNBylvKO9m8UtEJ7FE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:d8:ba:af:a5:0f:dc:a7:8c:3c:90:3e:78:99:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e Validity Not Before: Dec 18 19:00:33 2025 GMT Not After : Dec 19 19:00:33 2025 GMT Subject: CN=87e3a9f83b6aec6b889206daf42292ba96770415 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ce:8f:7c:ce:d9:52:2e:0a:76:18:77:5e:7d: fa:18:1a:6a:d0:90:e7:4e:f2:cc:89:36:8e:01:33: ae:bd:9f:9e:21:c3:33:cc:28:9a:6b:12:a3:ae:7a: 4c:24:c0:04:e0:b0:a0:9b:2f:2c:c9:4f:9a:ea:ac: 3e:95:62:a1:1c:5f:42:56:3b:ea:59:05:95:80:38: 25:1c:bf:09:5e:e6:72:6d:b3:dc:90:2b:9d:48:84: 32:03:6d:97:d2:51:37:c7:14:1d:9b:2e:80:a4:b9: 08:e8:30:cd:83:59:1c:7d:5e:07:96:f3:ae:aa:e7: 42:16:4c:2b:48:3e:13:e1:5d:d5:d9:66:ba:4f:1e: 28:81:a8:c4:a5:5e:34:5b:86:ee:37:48:eb:df:f0: 9c:b9:58:e2:e2:c5:76:a1:08:6d:31:6c:d3:13:8a: 1b:4c:9c:fc:a5:0d:12:4c:88:fd:82:26:05:7d:03: e3:01:ec:d3:7f:af:c3:77:83:94:54:d2:8d:9d:04: 11:80:b7:ae:90:67:97:a6:88:8e:0a:33:8c:13:87: 8c:94:c5:eb:a5:41:49:a8:54:f4:d6:f3:66:9b:33: 03:de:26:c8:f5:6f:a7:6f:c3:8f:c1:07:9e:18:9c: dc:d4:9c:52:0d:25:a6:33:81:2d:4b:bc:9f:54:b6: 13:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:E3:A9:F8:3B:6A:EC:6B:88:92:06:DA:F4:22:92:BA:96:77:04:15 X509v3 Authority Key Identifier: keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:cf:8e:f3:a4:c7:78:e0:d7:58:92:d2:43:1a:38:e5:df:8c: 11:7f:92:f7:63:63:c3:40:27:c4:2f:50:d9:bc:b6:4f:bb:94: c0:71:a8:5c:e9:5e:19:16:80:8d:6f:d2:6b:fc:2e:37:83:c1: b7:9b:6d:ad:2a:74:2b:00:e7:14:32:b6:46:07:9f:b8:97:02: b5:0c:a8:bb:76:ee:41:6f:e3:3d:ec:1c:c3:48:47:fb:f2:4c: ef:de:0b:13:fd:5b:aa:cf:2f:e2:81:61:7f:2d:9f:3c:eb:8b: 91:f0:e9:f2:aa:39:2b:2d:15:1f:34:60:43:d3:1a:e8:31:ce: ee:fb:37:8e:a0:c3:80:59:6f:10:62:39:f9:49:3f:da:7b:2d: 25:2d:6b:cf:5d:be:46:5a:53:33:18:fb:23:6f:8b:c0:32:d3: d3:7a:f4:32:a8:8d:14:f6:a4:73:3d:3f:fd:b1:d7:44:42:5b: d6:b9:28:16:5c:71:be:b4:da:60:94:b9:1a:76:17:04:3b:2c: 86:4b:f4:c0:58:44:0e:98:de:32:31:e7:a3:d3:97:6e:20:79: d6:68:6a:47:33:51:37:9a:4b:f3:3e:64:85:e9:0d:ca:e9:50: 08:af:04:ea:2f:dc:9b:41:7a:46:b8:48:f3:73:ec:45:e5:73: 36:3b:d9:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1di6r6UP3KeMPJA+eJmZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy NjFmNWUwHhcNMjUxMjE4MTkwMDMzWhcNMjUxMjE5MTkwMDMzWjAzMTEwLwYDVQQD Eyg4N2UzYTlmODNiNmFlYzZiODg5MjA2ZGFmNDIyOTJiYTk2NzcwNDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5M6PfM7ZUi4Kdhh3Xn36GBpq0JDn TvLMiTaOATOuvZ+eIcMzzCiaaxKjrnpMJMAE4LCgmy8syU+a6qw+lWKhHF9CVjvq WQWVgDglHL8JXuZybbPckCudSIQyA22X0lE3xxQdmy6ApLkI6DDNg1kcfV4HlvOu qudCFkwrSD4T4V3V2Wa6Tx4ogajEpV40W4buN0jr3/CcuVji4sV2oQhtMWzTE4ob TJz8pQ0STIj9giYFfQPjAezTf6/Dd4OUVNKNnQQRgLeukGeXpoiOCjOME4eMlMXr pUFJqFT01vNmmzMD3ibI9W+nb8OPwQeeGJzc1JxSDSWmM4EtS7yfVLYTDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIfjqfg7auxriJIG2vQikrqWdwQVMB8GA1UdIwQY MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhM+O86TH eODXWJLSQxo45d+MEX+S92Njw0AnxC9Q2by2T7uUwHGoXOleGRaAjW/Sa/wuN4PB t5ttrSp0KwDnFDK2RgefuJcCtQyou3buQW/jPewcw0hH+/JM794LE/1bqs8v4oFh fy2fPOuLkfDp8qo5Ky0VHzRgQ9Ma6DHO7vs3jqDDgFlvEGI5+Uk/2nstJS1rz12+ RlpTMxj7I2+LwDLT03r0MqiNFPakcz0//bHXREJb1rkoFlxxvrTaYJS5GnYXBDss hkv0wFhEDpjeMjHno9OXbiB51mhqRzNRN5pL8z5khekNyulQCK8E6i/cm0F6RrhI 83PsReVzNjvZEg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:46:38 2025 by rpki-client