This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft File: 3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json) Hash identifier: fkEqQo78QtVXpd86SHpBuduE9DxfMVEV6nen+4vSFwg= Subject key identifier: 04:8C:A9:E5:D1:C1:AA:44:07:04:24:B3:4B:A9:38:EE:A1:6E:0C:B1 Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Certificate serial: 019B3268ACF70C43C0A205E9642B315F45E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft Manifest number: 178E Signing time: Thu 18 Dec 2025 17:01:19 +0000 Manifest this update: Thu 18 Dec 2025 17:01:19 +0000 Manifest next update: Fri 19 Dec 2025 17:01:19 +0000 Files and hashes: 1: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: BKvRoq9VRXThhmQMSCGxfpKHQ+Glj2ExD7nk5ahVo2A=) 2: K0TFEKD6Jt4eOFvjhXpLcR-sKAw.roa (hash: DiTuJ8zdptPdKEXMu7Rx5XzUhg/taulk9eNvKwAnd+E=) 3: Low4CRi4iGKYokty-NINmJn09rg.roa (hash: Mly1uM7PqUcjuRWWihLVa+ejMa5zwEjs5HqRkIM9ZCc=) 4: TUldFuXRlNkhcxG2k3pbkLp8w6k.roa (hash: u8w+hKuVRJcapFna3Gt95nB+zwn2rJ1IH60Do+ZSEr0=) 5: VFLtaw7ddcrkuS71SLZjd28hT9Y.roa (hash: wkImuoriz8/Wt+wr39TPtXLgxrVgYHqbWY2XyO00qX4=) 6: fWDdDEZ5-7TJ7ifcAQ9Kizx3VI0.roa (hash: 9iAjE9rwQQFIjLwRuw0Wl4wwOwQae4btRIJRt6LJVxE=) 7: iYMgW4EcYcU5AKm4CceLlPmJSsA.roa (hash: 7zWW49XDo1LsXGWIP2om4UTMjsubF7Ml4DbV3OJ7N00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:68:ac:f7:0c:43:c0:a2:05:e9:64:2b:31:5f:45:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Validity Not Before: Dec 18 17:01:19 2025 GMT Not After : Dec 19 17:01:19 2025 GMT Subject: CN=048ca9e5d1c1aa44070424b34ba938eea16e0cb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8a:ab:99:49:0b:da:2f:f0:44:6f:77:6a:e2: 78:3f:2f:e7:c4:43:44:c1:13:09:91:0e:4b:0b:a8: 6a:5d:0d:97:b6:3a:c1:5f:f6:d2:ba:cc:04:0e:e0: 8d:ed:20:73:81:ea:b4:d9:00:73:42:0d:da:cc:c7: 60:c1:65:e7:88:38:29:5b:c1:2c:84:ff:d6:67:55: 5d:4f:6d:01:9e:d0:a9:0e:4b:e4:c7:ad:45:8d:7c: 46:2d:09:b7:f0:a8:2c:db:90:7e:9f:31:3f:72:33: be:bd:96:28:d5:1d:8a:fd:7f:07:d6:24:2a:9c:d4: 35:f7:57:3a:d9:1d:53:f0:5c:a8:3c:5d:58:4e:1c: 5e:74:93:40:1f:a5:cd:d2:47:97:78:25:65:b9:51: 7d:45:9b:c1:67:ed:0e:ba:1c:4d:79:d8:75:d2:48: ea:81:cc:3e:a5:be:5f:d4:57:48:fb:59:17:1d:03: cd:97:18:c4:44:de:ac:73:56:5f:c0:ce:b3:6d:19: f8:01:55:b6:60:19:19:ec:53:51:e5:a4:43:02:fe: ce:3a:3a:b3:24:8f:15:72:0f:4b:1d:21:76:06:99: 11:74:4e:3c:38:a5:f9:25:e0:45:a4:d6:24:6b:e5: 1a:73:e9:c8:4c:06:94:a2:bd:26:69:bd:8c:5a:fe: d0:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:8C:A9:E5:D1:C1:AA:44:07:04:24:B3:4B:A9:38:EE:A1:6E:0C:B1 X509v3 Authority Key Identifier: keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:43:a9:a9:e3:e3:77:fd:e6:f9:08:26:a3:5b:b2:e7:82:89: 83:f6:87:b3:6e:0c:77:3e:10:a1:82:76:9b:c2:8b:89:a6:f1: 89:60:53:02:c2:e2:f9:cc:0a:35:20:aa:e8:61:13:87:1b:0b: 78:b0:f0:cf:c5:70:ac:a5:f9:cb:a6:00:60:57:27:75:9d:60: c7:84:ee:50:28:e7:d0:bb:a2:45:a1:76:3a:fa:b3:60:40:5e: 1a:1e:6e:a5:cd:d3:c8:21:ba:cf:26:11:0d:f0:61:40:3f:30: ed:4e:3e:e9:48:ae:5c:63:43:31:78:7d:0f:be:22:75:e6:92: b5:a7:44:d5:d3:f2:a2:97:32:56:7b:5e:03:f4:40:3d:a8:6e: c3:2a:22:7c:4c:4f:15:21:67:ea:5d:ec:7c:86:fb:3b:17:f9: 21:ef:7e:0a:18:d6:47:c7:ad:a5:14:1b:83:2f:ec:cb:ec:6d: 90:f0:3d:c5:74:4b:ac:c7:e1:c7:df:b3:93:1c:f3:4d:9c:b4: 6b:c2:6c:9c:36:c7:2e:87:81:28:d9:9e:bd:ab:52:a4:41:cc: a9:76:aa:ce:4d:5d:7d:4d:fb:e0:95:26:d6:c4:fb:a0:54:1b: 56:32:72:5a:a9:64:f8:27:56:aa:20:9c:7c:49:a8:01:72:30: e2:39:d8:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyaKz3DEPAogXpZCsxX0XnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm MGEyMTcwHhcNMjUxMjE4MTcwMTE5WhcNMjUxMjE5MTcwMTE5WjAzMTEwLwYDVQQD EygwNDhjYTllNWQxYzFhYTQ0MDcwNDI0YjM0YmE5MzhlZWExNmUwY2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoqrmUkL2i/wRG93auJ4Py/nxENE wRMJkQ5LC6hqXQ2XtjrBX/bSuswEDuCN7SBzgeq02QBzQg3azMdgwWXniDgpW8Es hP/WZ1VdT20BntCpDkvkx61FjXxGLQm38Kgs25B+nzE/cjO+vZYo1R2K/X8H1iQq nNQ191c62R1T8FyoPF1YThxedJNAH6XN0keXeCVluVF9RZvBZ+0OuhxNedh10kjq gcw+pb5f1FdI+1kXHQPNlxjERN6sc1ZfwM6zbRn4AVW2YBkZ7FNR5aRDAv7OOjqz JI8Vcg9LHSF2BpkRdE48OKX5JeBFpNYka+Uac+nITAaUor0mab2MWv7QxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFASMqeXRwapEBwQks0upOO6hbgyxMB8GA1UdIwQY MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbkOpqePj d/3m+Qgmo1uy54KJg/aHs24Mdz4QoYJ2m8KLiabxiWBTAsLi+cwKNSCq6GEThxsL eLDwz8VwrKX5y6YAYFcndZ1gx4TuUCjn0LuiRaF2OvqzYEBeGh5upc3TyCG6zyYR DfBhQD8w7U4+6UiuXGNDMXh9D74ideaStadE1dPyopcyVnteA/RAPahuwyoifExP FSFn6l3sfIb7Oxf5Ie9+ChjWR8etpRQbgy/sy+xtkPA9xXRLrMfhx9+zkxzzTZy0 a8JsnDbHLoeBKNmevatSpEHMqXaqzk1dfU374JUm1sT7oFQbVjJyWqlk+CdWqiCc fEmoAXIw4jnY/g== -----END CERTIFICATE-----Generated at Thu Dec 18 21:45:26 2025 by rpki-client