This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft File: T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json) Hash identifier: Y/ScPuSCHA/5jNCYOCTBwbdAwkJvCXGnSAMkyTYCog0= Subject key identifier: DC:30:B4:88:CA:E3:DA:6E:F7:30:61:E5:B2:F2:E1:02:3A:AA:56:14 Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48 Certificate issuer: /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448 Certificate serial: 019AF2E42736EFB0C9ED6CE26B4493BD7B77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft Manifest number: 0A7F Signing time: Sat 06 Dec 2025 09:00:29 +0000 Manifest this update: Sat 06 Dec 2025 09:00:29 +0000 Manifest next update: Sun 07 Dec 2025 09:00:29 +0000 Files and hashes: 1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: kZXbM3T1Pk6jBCatDVe0U/xNjGga5VIFnYpW2NmTThk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:27:36:ef:b0:c9:ed:6c:e2:6b:44:93:bd:7b:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448 Validity Not Before: Dec 6 09:00:29 2025 GMT Not After : Dec 7 09:00:29 2025 GMT Subject: CN=dc30b488cae3da6ef73061e5b2f2e1023aaa5614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d5:ca:01:74:68:d5:8a:21:70:4f:e3:dd:ad: 22:d0:46:73:7f:79:77:a0:ef:7e:0a:d6:94:fe:db: 6a:eb:21:a9:8f:df:a4:aa:a6:c8:0b:34:8d:bf:ff: 17:fe:e8:cc:07:fe:b1:ae:ba:7d:4f:3e:37:bd:85: 79:c5:a4:7d:a5:e4:ab:f6:f8:24:ae:81:88:be:27: 75:e5:e8:56:0f:66:22:f0:8e:d7:fc:b6:7d:83:30: 53:fb:b7:96:bd:b6:c6:08:38:bc:26:8e:63:5d:f0: 1c:94:b3:b2:28:cf:97:64:c7:5f:1b:ea:c6:d5:af: 3f:2d:17:fc:55:32:99:f4:3e:56:30:96:de:fa:24: 42:e4:09:55:58:b0:90:96:51:8b:70:76:1d:3a:e1: 8d:88:e1:f3:e9:4c:bb:e3:78:e0:a3:8e:5d:19:18: 66:cf:49:a8:65:f7:51:f8:c6:5a:ff:32:c9:11:e4: fb:e6:da:d1:b7:5a:8c:f0:77:96:e2:80:ab:a0:a4: 61:c6:74:5f:e7:f2:ab:91:14:f3:58:28:44:a9:4d: ab:03:f2:1f:53:27:cb:16:50:01:a8:42:42:b9:71: 3b:47:e3:b8:b4:06:23:d1:b9:a0:4d:84:2e:50:5c: 4e:1d:14:66:5e:68:9c:45:4d:7b:11:e7:a0:c4:23: 1f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:30:B4:88:CA:E3:DA:6E:F7:30:61:E5:B2:F2:E1:02:3A:AA:56:14 X509v3 Authority Key Identifier: keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:fa:45:8a:22:c0:9c:1f:c6:f5:de:4e:4c:f7:03:08:86:33: 34:fc:f2:6f:82:b1:0e:45:1b:ee:5d:07:2b:f6:1e:de:b6:1b: 90:57:1c:e7:de:b0:b4:5a:1b:81:ba:79:e1:62:b5:1f:55:a3: 68:43:77:4c:98:f4:a5:36:f1:06:bd:d6:fa:60:0d:2c:6d:04: 1b:de:fe:c8:6e:bf:66:71:b8:bc:7b:1d:88:51:5b:d0:5e:77: 34:51:64:c4:13:f1:d3:c6:32:17:0c:e6:3f:08:61:a5:33:d1: ac:96:88:e6:1e:0a:c8:35:2a:ed:c6:df:1e:3f:74:b6:53:67: c4:11:ba:da:58:9c:ec:aa:7a:97:99:d3:89:c1:12:fc:07:1a: 20:f2:e7:8d:df:82:88:ba:94:0c:7c:74:df:cf:2f:db:f2:2f: f2:0b:77:8e:6c:93:3e:67:a2:7e:b0:78:c2:6b:73:46:aa:42: ec:d1:bf:2e:ea:e8:f5:66:a4:0f:d7:9f:a0:13:b7:46:65:e2: 31:ba:4e:63:99:5e:d3:b5:a8:5c:2f:6a:7f:70:47:47:4b:eb: 23:c3:1d:28:19:ce:3c:37:19:d1:b3:2e:27:81:ea:ef:65:1b: ed:ee:bc:a6:cc:6a:8e:dd:3e:54:d1:f7:2f:63:aa:0b:50:bb: 82:7b:e4:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5Cc277DJ7Wzia0STvXt3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj Yjg0NDgwHhcNMjUxMjA2MDkwMDI5WhcNMjUxMjA3MDkwMDI5WjAzMTEwLwYDVQQD EyhkYzMwYjQ4OGNhZTNkYTZlZjczMDYxZTViMmYyZTEwMjNhYWE1NjE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dXKAXRo1YohcE/j3a0i0EZzf3l3 oO9+CtaU/ttq6yGpj9+kqqbICzSNv/8X/ujMB/6xrrp9Tz43vYV5xaR9peSr9vgk roGIvid15ehWD2Yi8I7X/LZ9gzBT+7eWvbbGCDi8Jo5jXfAclLOyKM+XZMdfG+rG 1a8/LRf8VTKZ9D5WMJbe+iRC5AlVWLCQllGLcHYdOuGNiOHz6Uy743jgo45dGRhm z0moZfdR+MZa/zLJEeT75trRt1qM8HeW4oCroKRhxnRf5/KrkRTzWChEqU2rA/If UyfLFlABqEJCuXE7R+O4tAYj0bmgTYQuUFxOHRRmXmicRU17EeegxCMf4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNwwtIjK49pu9zBh5bLy4QI6qlYUMB8GA1UdIwQY MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvpFiiLA nB/G9d5OTPcDCIYzNPzyb4KxDkUb7l0HK/Ye3rYbkFcc596wtFobgbp54WK1H1Wj aEN3TJj0pTbxBr3W+mANLG0EG97+yG6/ZnG4vHsdiFFb0F53NFFkxBPx08YyFwzm PwhhpTPRrJaI5h4KyDUq7cbfHj90tlNnxBG62lic7Kp6l5nTicES/AcaIPLnjd+C iLqUDHx0388v2/Iv8gt3jmyTPmeifrB4wmtzRqpC7NG/Luro9WakD9efoBO3RmXi MbpOY5le07WoXC9qf3BHR0vrI8MdKBnOPDcZ0bMuJ4Hq72Ub7e68psxqjt0+VNH3 L2OqC1C7gnvkDg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:51:43 2025 by rpki-client