This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft File: 3IiUXIhnpyYro3mzpphACRpPGQQ.mft (raw, json) Hash identifier: prWnsh77py+Skxvc2DI+If/YVGiZ+Hnpd0PAl5LHWts= Subject key identifier: 45:4D:D1:BD:94:42:9C:E4:89:C2:3D:9D:4E:E6:CE:E7:1D:F2:4F:9D Authority key identifier: DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04 Certificate issuer: /CN=dc88945c8867a7262ba379b3a69840091a4f1904 Certificate serial: 019AF1D186E32D6E40BDE5DA6ACAAA41ABD1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft Manifest number: 0B33 Signing time: Sat 06 Dec 2025 04:00:31 +0000 Manifest this update: Sat 06 Dec 2025 04:00:31 +0000 Manifest next update: Sun 07 Dec 2025 04:00:31 +0000 Files and hashes: 1: 3IiUXIhnpyYro3mzpphACRpPGQQ.crl (hash: WUL1m1i3sdmQf72Ij8JDfgUUX2xc1mtJEAx66Wz89VU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:86:e3:2d:6e:40:bd:e5:da:6a:ca:aa:41:ab:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc88945c8867a7262ba379b3a69840091a4f1904 Validity Not Before: Dec 6 04:00:31 2025 GMT Not After : Dec 7 04:00:31 2025 GMT Subject: CN=454dd1bd94429ce489c23d9d4ee6cee71df24f9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:33:63:78:e2:60:f1:9d:cd:d7:99:0a:bd:08: 8f:55:50:bb:66:ed:b9:58:98:21:f3:8a:f9:f6:f0: 27:c8:dd:d5:49:1d:27:2c:ed:23:37:b2:74:ba:7a: 7b:97:1f:ba:20:83:ad:8c:35:57:8c:72:2d:09:17: 10:99:f7:9c:74:62:ce:d0:30:bd:23:cc:b3:c5:46: c9:df:a3:aa:c7:f2:17:ce:1e:7c:4d:b8:9f:d3:05: 4c:a9:26:55:db:54:38:8e:17:fb:ba:a5:06:a3:6c: 87:39:42:39:10:6c:a7:b6:c5:a2:e9:d7:3d:f1:57: a3:45:41:a2:1c:b4:67:ed:9b:f3:5b:b8:78:64:ec: 72:f1:14:10:80:f5:1e:fb:0f:62:c0:56:5b:2e:86: fe:bd:4c:8a:e5:d1:7c:7f:57:57:9a:05:88:a5:49: 4c:7f:6a:02:bd:e1:3f:ce:af:82:1e:be:d7:57:70: a2:1c:78:31:2f:e0:59:b3:46:f2:8e:3c:20:8c:a5: 0a:ed:b8:7b:6a:e2:c9:96:f8:f5:3e:bc:40:b6:4c: 5c:20:d0:2e:70:d3:9d:7c:09:78:00:4f:ad:54:e3: 3d:61:b7:e4:35:a1:a1:63:6e:c1:8c:82:e4:cb:d6: b8:89:2c:c7:ba:c4:81:b5:3b:9f:de:48:8d:c8:05: 9d:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:4D:D1:BD:94:42:9C:E4:89:C2:3D:9D:4E:E6:CE:E7:1D:F2:4F:9D X509v3 Authority Key Identifier: keyid:DC:88:94:5C:88:67:A7:26:2B:A3:79:B3:A6:98:40:09:1A:4F:19:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3IiUXIhnpyYro3mzpphACRpPGQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/621022-4350-419f-947a-9cff1aee2b0c/1/3IiUXIhnpyYro3mzpphACRpPGQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ee:aa:3c:f2:12:45:06:61:8a:ae:53:fa:41:9f:87:4b:60: 5b:9a:0c:13:a0:5b:fe:e2:fe:0e:e5:85:12:09:a6:97:96:10: 37:ff:68:1b:0f:88:b7:cf:e4:5f:24:2c:02:f3:5f:84:19:9c: 4b:01:93:25:c8:3e:15:fa:46:75:cf:f3:66:b5:a8:42:fd:cb: 7f:ca:09:70:fc:20:c8:31:e7:67:43:39:2f:4a:7b:b9:f8:a9: 44:4b:03:67:9e:2b:c8:9f:9d:c2:13:20:17:03:65:03:70:26: 24:36:ee:70:d6:27:af:6b:64:15:54:16:09:11:ea:fe:b4:29: 26:89:ac:f6:51:e4:e0:06:20:7e:dc:1c:f6:ab:dc:ac:71:cd: a5:ab:57:08:de:b0:71:95:80:b2:6a:7f:75:b4:30:8b:f2:54: 86:b9:20:77:d8:f7:53:a0:87:ea:17:0c:74:08:b4:84:55:bb: d1:4f:d6:17:15:9c:20:44:57:c0:9e:0d:db:6b:87:f5:46:34: 3d:40:83:e8:6d:9b:b2:a5:1d:62:30:44:ed:17:bc:68:08:4b: 50:7e:34:fa:e6:3b:eb:94:ad:1c:d1:97:52:9d:1b:b3:e5:7b: 1a:31:c4:e2:ff:af:09:43:d3:da:a6:0f:71:fa:b9:a8:78:d5: d6:82:05:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0YbjLW5AveXaasqqQavRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjODg5NDVjODg2N2E3MjYyYmEzNzliM2E2OTg0MDA5MWE0 ZjE5MDQwHhcNMjUxMjA2MDQwMDMxWhcNMjUxMjA3MDQwMDMxWjAzMTEwLwYDVQQD Eyg0NTRkZDFiZDk0NDI5Y2U0ODljMjNkOWQ0ZWU2Y2VlNzFkZjI0ZjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTNjeOJg8Z3N15kKvQiPVVC7Zu25 WJgh84r59vAnyN3VSR0nLO0jN7J0unp7lx+6IIOtjDVXjHItCRcQmfecdGLO0DC9 I8yzxUbJ36Oqx/IXzh58Tbif0wVMqSZV21Q4jhf7uqUGo2yHOUI5EGyntsWi6dc9 8VejRUGiHLRn7ZvzW7h4ZOxy8RQQgPUe+w9iwFZbLob+vUyK5dF8f1dXmgWIpUlM f2oCveE/zq+CHr7XV3CiHHgxL+BZs0byjjwgjKUK7bh7auLJlvj1PrxAtkxcINAu cNOdfAl4AE+tVOM9YbfkNaGhY27BjILky9a4iSzHusSBtTuf3kiNyAWdlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEVN0b2UQpzkicI9nU7mzucd8k+dMB8GA1UdIwQY MBaAFNyIlFyIZ6cmK6N5s6aYQAkaTxkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2Et OWNmZjFhZWUyYjBjLzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS82MjEwMjItNDM1MC00MTlmLTk0N2EtOWNmZjFhZWUyYjBj LzEvM0lpVVhJaG5weVlybzNtenBwaEFDUnBQR1FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+6qPPIS RQZhiq5T+kGfh0tgW5oME6Bb/uL+DuWFEgmml5YQN/9oGw+It8/kXyQsAvNfhBmc SwGTJcg+FfpGdc/zZrWoQv3Lf8oJcPwgyDHnZ0M5L0p7ufipREsDZ54ryJ+dwhMg FwNlA3AmJDbucNYnr2tkFVQWCRHq/rQpJoms9lHk4AYgftwc9qvcrHHNpatXCN6w cZWAsmp/dbQwi/JUhrkgd9j3U6CH6hcMdAi0hFW70U/WFxWcIERXwJ4N22uH9UY0 PUCD6G2bsqUdYjBE7Re8aAhLUH40+uY765StHNGXUp0bs+V7GjHE4v+vCUPT2qYP cfq5qHjV1oIFrQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:39:47 2025 by rpki-client