This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft File: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft (raw, json) Hash identifier: PWNBCossuro2pDoV4k6G2azbsWmRXXPzRufxPbb+DMA= Subject key identifier: 28:E9:AE:F3:2B:B4:54:97:3F:60:BD:62:34:73:C5:3B:6A:69:AD:8D Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04 Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04 Certificate serial: 019AF12DA34BBDD9745048B29DB952028622 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft Manifest number: 0A14 Signing time: Sat 06 Dec 2025 01:01:31 +0000 Manifest this update: Sat 06 Dec 2025 01:01:31 +0000 Manifest next update: Sun 07 Dec 2025 01:01:31 +0000 Files and hashes: 1: w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl (hash: IbPNrHRq/EPTpJYA3UkNlfVnXYVkVXXCoHMUpo++cuA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:a3:4b:bd:d9:74:50:48:b2:9d:b9:52:02:86:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04 Validity Not Before: Dec 6 01:01:31 2025 GMT Not After : Dec 7 01:01:31 2025 GMT Subject: CN=28e9aef32bb454973f60bd623473c53b6a69ad8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3f:00:06:02:7a:f0:1f:96:24:45:bd:6a:a8: 15:27:18:80:a5:dc:e7:f0:10:a1:cf:9d:5d:5a:ba: 32:91:96:64:9c:b3:2e:5c:42:24:0a:2d:2e:0f:51: a5:f0:62:b7:ce:ee:83:cb:c8:d1:ec:9a:b1:5b:35: 10:84:07:80:08:e5:51:be:25:a9:d6:a0:a3:e4:f0: 06:fe:8a:8f:7b:7f:88:00:3c:76:6c:df:19:1b:53: d5:d1:e9:12:d8:77:21:44:47:95:49:d6:e0:95:81: 14:c6:2d:78:17:63:95:43:5e:12:44:23:4a:32:a6: b7:07:1c:82:85:4f:44:0b:9e:4b:82:72:20:6c:b7: 4d:a0:fc:dd:5b:2f:54:ae:9f:12:ed:1b:df:6e:e7: e5:31:73:38:11:c4:9f:3c:fe:f3:24:41:35:f7:d9: 72:2f:af:70:32:3e:f8:55:a3:b2:90:03:a9:7e:77: 7d:0f:27:9c:e6:88:51:3c:56:dd:80:57:1a:d3:5d: a1:9a:95:3a:e6:83:2d:a5:65:5d:d7:6a:5a:ca:2d: d0:a1:ea:7a:8f:bd:d6:68:78:27:a5:c9:c7:d8:5f: 28:b6:dd:78:f1:9c:1a:87:4d:f8:f4:58:04:5c:93: 34:80:b6:e6:a9:de:f8:7c:f6:68:0f:14:70:bf:a7: fd:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:E9:AE:F3:2B:B4:54:97:3F:60:BD:62:34:73:C5:3B:6A:69:AD:8D X509v3 Authority Key Identifier: keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:10:ef:4d:45:f3:7b:89:d9:e8:cd:91:06:d4:f7:14:d9:38: a2:75:ee:b2:7c:6c:e2:b0:ed:40:6f:7f:5d:60:ab:a6:cf:4d: 29:8b:9a:7e:04:28:91:ca:4a:10:3f:41:ae:03:90:0a:03:da: d5:6a:cb:da:49:71:80:b3:fc:e6:ff:37:7c:f3:4f:67:7b:a3: e8:32:70:69:71:31:fc:de:24:12:6f:23:a6:6e:d6:0f:9b:25: f9:cd:80:4d:bc:4c:4e:e3:cf:18:6d:fe:d5:17:52:0a:56:6c: 5d:30:9f:f5:30:d5:00:a3:40:93:8d:4d:20:ff:96:b9:79:65: 14:b5:24:49:92:4e:0a:d6:0b:2a:e1:23:0c:df:c4:de:37:c9: 25:35:76:d2:3b:85:af:3c:e7:4c:a2:3b:78:66:b6:60:ab:31: 6b:28:9f:73:81:a7:db:57:27:78:80:58:ba:80:58:45:64:54: 7f:ed:de:a1:11:fd:d9:96:35:f4:ff:c5:ae:60:39:1b:90:96: b5:67:41:91:8d:ed:b3:1b:ed:56:be:7a:74:8e:5f:8b:88:1c: b8:34:11:88:d8:75:d4:9e:95:dd:67:ee:86:52:a3:e3:d0:a6: 88:41:f0:90:49:89:1a:e2:d8:98:01:4f:57:cc:96:53:2e:85: 95:a2:fc:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLaNLvdl0UEiynblSAoYiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx M2JjMDQwHhcNMjUxMjA2MDEwMTMxWhcNMjUxMjA3MDEwMTMxWjAzMTEwLwYDVQQD EygyOGU5YWVmMzJiYjQ1NDk3M2Y2MGJkNjIzNDczYzUzYjZhNjlhZDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T8ABgJ68B+WJEW9aqgVJxiApdzn 8BChz51dWroykZZknLMuXEIkCi0uD1Gl8GK3zu6Dy8jR7JqxWzUQhAeACOVRviWp 1qCj5PAG/oqPe3+IADx2bN8ZG1PV0ekS2HchREeVSdbglYEUxi14F2OVQ14SRCNK Mqa3BxyChU9EC55LgnIgbLdNoPzdWy9Urp8S7RvfbuflMXM4EcSfPP7zJEE199ly L69wMj74VaOykAOpfnd9Dyec5ohRPFbdgFca012hmpU65oMtpWVd12payi3Qoep6 j73WaHgnpcnH2F8ott148Zwah0349FgEXJM0gLbmqd74fPZoDxRwv6f9/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCjprvMrtFSXP2C9YjRzxTtqaa2NMB8GA1UdIwQY MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt MWRlNTZlNDc1ZmJmLzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhDvTUXz e4nZ6M2RBtT3FNk4onXusnxs4rDtQG9/XWCrps9NKYuafgQokcpKED9BrgOQCgPa 1WrL2klxgLP85v83fPNPZ3uj6DJwaXEx/N4kEm8jpm7WD5sl+c2ATbxMTuPPGG3+ 1RdSClZsXTCf9TDVAKNAk41NIP+WuXllFLUkSZJOCtYLKuEjDN/E3jfJJTV20juF rzznTKI7eGa2YKsxayifc4Gn21cneIBYuoBYRWRUf+3eoRH92ZY19P/FrmA5G5CW tWdBkY3tsxvtVr56dI5fi4gcuDQRiNh11J6V3WfuhlKj49CmiEHwkEmJGuLYmAFP V8yWUy6FlaL8zQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:16 2025 by rpki-client