This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft File: 3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json) Hash identifier: YVulw7RDqWjnT0LotUtIgUXiVMOvA9znlUqAm1Df/QM= Subject key identifier: BA:1E:E4:CF:03:E7:91:AB:02:85:35:0F:83:FE:7A:35:41:A2:BC:F9 Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B Certificate issuer: /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b Certificate serial: 019AF19ABF5EFCAD8CD491069772727B0115 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft Manifest number: 0F0C Signing time: Sat 06 Dec 2025 03:00:41 +0000 Manifest this update: Sat 06 Dec 2025 03:00:41 +0000 Manifest next update: Sun 07 Dec 2025 03:00:41 +0000 Files and hashes: 1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: Smx2z4ye3TMBVMIRzSHn8Nd0/AkB7gnuVpEvSwZw7Us=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:bf:5e:fc:ad:8c:d4:91:06:97:72:72:7b:01:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b Validity Not Before: Dec 6 03:00:41 2025 GMT Not After : Dec 7 03:00:41 2025 GMT Subject: CN=ba1ee4cf03e791ab0285350f83fe7a3541a2bcf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:0a:92:d8:d4:61:96:c2:2f:3e:a5:d6:ae:71: 54:8e:a2:07:9b:10:11:34:ab:31:74:d6:e4:55:a2: 2e:6b:7a:48:d6:cb:23:90:06:f7:7d:23:53:36:74: cc:f3:55:00:cf:cd:b6:b9:7d:6a:bc:f3:18:da:d8: ee:7e:42:b8:e1:d1:1a:0b:9a:52:08:19:bf:13:96: ad:c4:bd:bf:a9:d3:39:35:1b:9e:62:33:d6:29:14: eb:45:d3:5c:f6:fa:b7:92:95:15:15:a9:7c:66:6d: 5c:3c:25:37:3d:e0:22:d2:a2:ad:f0:e2:15:2a:ef: 2e:e0:c2:69:18:59:66:11:7f:5e:8e:3d:de:a7:87: 4a:49:40:ec:ce:56:4c:c1:d8:1b:0e:bc:54:43:de: 35:ae:fa:97:ae:1b:b2:5e:65:f1:16:88:2a:fa:a8: db:a8:31:00:38:da:4c:52:75:f8:f3:f9:4c:c5:9f: 54:79:e2:d1:04:a0:61:ec:b4:d0:0f:a9:87:51:67: 9e:98:52:62:06:78:af:e5:49:9b:49:e3:8c:7f:80: 54:a9:4b:7b:0f:1b:4b:8b:aa:1f:fd:0a:74:bb:2e: 40:f9:a2:be:fa:41:24:4e:65:6d:01:2a:df:65:fd: 46:14:5d:ec:7a:18:ac:9c:6f:e3:e7:ca:49:83:e3: 82:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:1E:E4:CF:03:E7:91:AB:02:85:35:0F:83:FE:7A:35:41:A2:BC:F9 X509v3 Authority Key Identifier: keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:a4:42:ac:18:3a:9d:c4:3e:16:c9:80:9c:c2:b4:c9:f9:5b: e9:83:c1:7f:06:18:c1:8a:68:62:e6:3d:f2:ad:d7:1d:ec:63: 51:a5:e5:8c:86:57:32:a3:c6:da:34:54:13:db:09:0e:90:a7: 6e:14:13:82:f3:dd:bf:24:a6:9f:80:c8:64:74:f9:0d:51:35: af:41:2c:32:0b:f9:5c:6e:c8:d3:66:59:d3:08:72:c8:17:75: e5:ac:8e:1b:f9:63:16:73:df:b4:c9:3e:bf:30:b6:1e:5e:f0: eb:9c:bc:44:f3:12:f8:f6:7b:95:b2:d9:e2:db:80:c8:8d:11: e0:63:cd:a7:c1:6f:3a:e0:5d:ec:96:ab:b5:8b:7b:1f:02:9a: c8:88:a7:10:13:b9:8f:b9:45:b8:f8:85:d4:39:81:28:e1:f6: ec:d2:2f:9b:16:4a:c6:db:58:fb:92:8b:19:b5:89:03:6d:c7: 34:40:0b:11:44:8e:24:e1:97:e5:0a:e2:a3:55:a5:f4:ad:08: 73:99:9f:2e:86:17:4f:d0:12:39:0c:da:2a:ca:5b:67:a4:1b: 94:06:23:39:b4:dc:9c:ec:95:86:2a:bc:6b:7f:cd:ec:a8:9a: d0:6a:0d:40:08:5b:5c:72:b4:e3:e3:5c:8d:e4:4b:e9:6b:8f: 87:fe:91:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmr9e/K2M1JEGl3JyewEVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm N2VmOWIwHhcNMjUxMjA2MDMwMDQxWhcNMjUxMjA3MDMwMDQxWjAzMTEwLwYDVQQD EyhiYTFlZTRjZjAzZTc5MWFiMDI4NTM1MGY4M2ZlN2EzNTQxYTJiY2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+QqS2NRhlsIvPqXWrnFUjqIHmxAR NKsxdNbkVaIua3pI1ssjkAb3fSNTNnTM81UAz822uX1qvPMY2tjufkK44dEaC5pS CBm/E5atxL2/qdM5NRueYjPWKRTrRdNc9vq3kpUVFal8Zm1cPCU3PeAi0qKt8OIV Ku8u4MJpGFlmEX9ejj3ep4dKSUDszlZMwdgbDrxUQ941rvqXrhuyXmXxFogq+qjb qDEAONpMUnX48/lMxZ9UeeLRBKBh7LTQD6mHUWeemFJiBniv5UmbSeOMf4BUqUt7 DxtLi6of/Qp0uy5A+aK++kEkTmVtASrfZf1GFF3sehisnG/j58pJg+OCRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLoe5M8D55GrAoU1D4P+ejVBorz5MB8GA1UdIwQY MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgqRCrBg6 ncQ+FsmAnMK0yflb6YPBfwYYwYpoYuY98q3XHexjUaXljIZXMqPG2jRUE9sJDpCn bhQTgvPdvySmn4DIZHT5DVE1r0EsMgv5XG7I02ZZ0whyyBd15ayOG/ljFnPftMk+ vzC2Hl7w65y8RPMS+PZ7lbLZ4tuAyI0R4GPNp8FvOuBd7JartYt7HwKayIinEBO5 j7lFuPiF1DmBKOH27NIvmxZKxttY+5KLGbWJA23HNEALEUSOJOGX5Qrio1Wl9K0I c5mfLoYXT9ASOQzaKspbZ6QblAYjObTcnOyVhiq8a3/N7Kia0GoNQAhbXHK04+Nc jeRL6WuPh/6Reg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:06:42 2025 by rpki-client