This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft File: 3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json) Hash identifier: JPu3QWbwSjpy3Ip+PoHQSxVPbE8VrqSjBMiYSC2W+FI= Subject key identifier: AE:45:A8:53:50:CE:0C:66:76:98:87:73:6C:98:05:10:3D:D9:EA:09 Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Certificate serial: 019AF2ADC0C859056F649D1A585B4EA04F87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft Manifest number: 176D Signing time: Sat 06 Dec 2025 08:01:04 +0000 Manifest this update: Sat 06 Dec 2025 08:01:04 +0000 Manifest next update: Sun 07 Dec 2025 08:01:04 +0000 Files and hashes: 1: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: PuCpBVL0GwZt99+CswAi+BT73ndxCMnqncZDWvQ+F5o=) 2: K0TFEKD6Jt4eOFvjhXpLcR-sKAw.roa (hash: DiTuJ8zdptPdKEXMu7Rx5XzUhg/taulk9eNvKwAnd+E=) 3: Low4CRi4iGKYokty-NINmJn09rg.roa (hash: Mly1uM7PqUcjuRWWihLVa+ejMa5zwEjs5HqRkIM9ZCc=) 4: TUldFuXRlNkhcxG2k3pbkLp8w6k.roa (hash: u8w+hKuVRJcapFna3Gt95nB+zwn2rJ1IH60Do+ZSEr0=) 5: VFLtaw7ddcrkuS71SLZjd28hT9Y.roa (hash: wkImuoriz8/Wt+wr39TPtXLgxrVgYHqbWY2XyO00qX4=) 6: fWDdDEZ5-7TJ7ifcAQ9Kizx3VI0.roa (hash: 9iAjE9rwQQFIjLwRuw0Wl4wwOwQae4btRIJRt6LJVxE=) 7: iYMgW4EcYcU5AKm4CceLlPmJSsA.roa (hash: 7zWW49XDo1LsXGWIP2om4UTMjsubF7Ml4DbV3OJ7N00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:c0:c8:59:05:6f:64:9d:1a:58:5b:4e:a0:4f:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217 Validity Not Before: Dec 6 08:01:04 2025 GMT Not After : Dec 7 08:01:04 2025 GMT Subject: CN=ae45a85350ce0c66769887736c9805103dd9ea09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:23:c6:25:de:e8:35:ab:0b:97:83:ef:e8:cb: 5a:5e:96:ce:1f:7d:56:2c:8e:f5:46:8e:58:1b:d6: af:11:78:59:60:3d:04:e8:97:25:a5:f4:d9:74:50: e6:84:10:18:4c:6c:0c:a1:c4:b1:64:b9:9c:23:f8: 10:c6:a7:f3:15:9a:16:2e:fb:21:7a:eb:ac:8e:94: 9c:96:b2:75:f9:f3:28:54:a4:69:19:3b:73:fc:f8: c4:8f:cd:4a:ae:3e:9e:b7:7f:61:b4:7b:1e:c1:f6: e0:1e:a8:80:bd:3c:ec:cd:92:40:d2:c6:2c:8a:bd: 87:0b:87:ab:e5:ed:c8:0d:be:c0:93:22:4f:84:ee: a2:b4:c4:bc:79:37:01:fa:2a:0c:09:f3:3c:1e:2e: e2:a8:1f:b6:c1:ae:10:94:bf:05:e1:1a:4f:46:25: 24:5e:43:1a:c0:85:a1:00:ce:7f:36:5f:1d:25:e3: 4a:2a:20:64:13:ae:e2:a7:a3:fc:55:1f:7d:de:33: 94:9e:f2:e4:43:1d:0e:3a:a7:2e:17:30:f5:1b:de: b0:c9:af:72:10:00:99:a6:52:06:3e:a9:b8:7e:45: 82:a1:5b:14:42:02:7d:0d:17:2f:06:e0:a9:1b:f4: 42:09:4c:c1:f3:72:26:ed:78:f9:fb:4a:b1:42:2a: c8:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:45:A8:53:50:CE:0C:66:76:98:87:73:6C:98:05:10:3D:D9:EA:09 X509v3 Authority Key Identifier: keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:94:98:2b:72:37:a6:ea:50:50:97:59:bf:27:02:db:9d:1c: 28:11:34:29:d2:a8:05:f6:87:56:9a:e4:81:14:5e:a8:a4:16: e5:c9:18:20:d1:8c:02:b7:56:4f:72:f8:69:cf:7e:b8:e2:76: bd:4b:2e:c3:ff:f2:48:68:cf:07:93:28:54:1e:6c:e7:f9:8f: 40:df:52:88:80:77:5e:df:a6:35:51:c4:85:3f:51:43:27:99: a2:8d:05:b6:b2:1b:c6:06:41:95:3e:45:b4:86:10:54:c6:1e: 1a:99:06:3d:54:57:c4:d5:13:e6:a1:3e:f0:84:d4:6f:da:0d: fd:5d:c3:6e:4c:67:ff:6d:a2:3d:56:33:f0:ce:50:79:8a:1a: 6a:fc:0c:eb:99:3e:ba:1c:45:0e:af:25:86:0c:60:64:a0:5b: ee:28:9d:ca:34:2f:79:88:3c:1f:9f:9e:0b:44:0e:dd:f8:c6: 9d:e7:21:e8:7a:5b:f8:5f:05:bf:6a:6b:10:eb:67:fd:38:12: bf:e9:02:1f:0e:a8:be:95:a9:a4:50:30:6f:fc:c4:28:0e:fb: df:ee:13:79:bd:fb:71:89:70:c7:fc:57:03:10:4a:96:c5:30: 8e:63:16:fd:22:d2:4b:72:b5:67:5e:c4:d3:86:29:75:33:48: 42:c5:c7:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrcDIWQVvZJ0aWFtOoE+HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm MGEyMTcwHhcNMjUxMjA2MDgwMTA0WhcNMjUxMjA3MDgwMTA0WjAzMTEwLwYDVQQD EyhhZTQ1YTg1MzUwY2UwYzY2NzY5ODg3NzM2Yzk4MDUxMDNkZDllYTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyPGJd7oNasLl4Pv6MtaXpbOH31W LI71Ro5YG9avEXhZYD0E6JclpfTZdFDmhBAYTGwMocSxZLmcI/gQxqfzFZoWLvsh euusjpSclrJ1+fMoVKRpGTtz/PjEj81Krj6et39htHsewfbgHqiAvTzszZJA0sYs ir2HC4er5e3IDb7AkyJPhO6itMS8eTcB+ioMCfM8Hi7iqB+2wa4QlL8F4RpPRiUk XkMawIWhAM5/Nl8dJeNKKiBkE67ip6P8VR993jOUnvLkQx0OOqcuFzD1G96wya9y EACZplIGPqm4fkWCoVsUQgJ9DRcvBuCpG/RCCUzB83Im7Xj5+0qxQirIbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK5FqFNQzgxmdpiHc2yYBRA92eoJMB8GA1UdIwQY MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFJSYK3I3 pupQUJdZvycC250cKBE0KdKoBfaHVprkgRReqKQW5ckYINGMArdWT3L4ac9+uOJ2 vUsuw//ySGjPB5MoVB5s5/mPQN9SiIB3Xt+mNVHEhT9RQyeZoo0FtrIbxgZBlT5F tIYQVMYeGpkGPVRXxNUT5qE+8ITUb9oN/V3Dbkxn/22iPVYz8M5QeYoaavwM65k+ uhxFDq8lhgxgZKBb7iidyjQveYg8H5+eC0QO3fjGnech6Hpb+F8Fv2prEOtn/TgS v+kCHw6ovpWppFAwb/zEKA773+4Teb37cYlwx/xXAxBKlsUwjmMW/SLSS3K1Z17E 04YpdTNIQsXHdg== -----END CERTIFICATE-----Generated at Sat Dec 6 16:04:24 2025 by rpki-client