This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft File: 3D56OUu_G77Efz-7aaGJ-KOx0FY.mft (raw, json) Hash identifier: kGYKkELX8exb2JNXNFnWsaLfxDlsCZhpHtSUKQ/VCdk= Subject key identifier: 37:0A:4E:C5:95:1F:37:41:3F:E4:71:52:07:EE:BC:29:B4:88:AD:0F Authority key identifier: DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56 Certificate issuer: /CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056 Certificate serial: 019AF2E44600461ACD20923E6CE0FF82C3E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft Manifest number: 0A0D Signing time: Sat 06 Dec 2025 09:00:37 +0000 Manifest this update: Sat 06 Dec 2025 09:00:37 +0000 Manifest next update: Sun 07 Dec 2025 09:00:37 +0000 Files and hashes: 1: 3D56OUu_G77Efz-7aaGJ-KOx0FY.crl (hash: sZuL0BZ48kf59tfZllOiulcyAiqufJXFJwJ+KTWcUI4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:46:00:46:1a:cd:20:92:3e:6c:e0:ff:82:c3:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc3e7a394bbf1bbec47f3fbb69a189f8a3b1d056 Validity Not Before: Dec 6 09:00:37 2025 GMT Not After : Dec 7 09:00:37 2025 GMT Subject: CN=370a4ec5951f37413fe4715207eebc29b488ad0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:87:40:0a:0d:af:68:d0:6e:8d:b2:fa:04:b6: 87:46:31:1d:ab:26:52:fc:e9:e3:9e:9d:a9:b4:f2: 00:42:e5:dc:7e:5c:9a:73:7a:0f:74:6b:22:1a:f7: 1b:13:41:fb:63:4f:2f:9a:07:af:d2:f7:a5:32:df: 2f:4f:f8:2f:50:d0:ed:de:ec:72:33:59:42:62:f8: 69:fd:d7:fd:f7:ec:e0:52:21:b3:99:a8:67:6a:1d: 9a:86:d1:b8:41:b8:58:fd:9d:36:49:31:ad:dd:9d: 6c:eb:73:c4:d8:d1:10:92:72:69:6b:8e:96:68:f5: b1:44:87:e3:7d:95:25:c3:b3:43:93:8e:03:36:a9: 0d:28:29:c4:da:24:93:68:30:55:8b:46:c0:1d:78: 83:12:5f:ef:3e:14:a0:80:46:4a:8c:de:ce:fe:40: cc:bc:5f:af:13:da:74:13:e2:5b:7f:73:e5:a8:db: 5d:fa:f4:18:de:9d:f7:cb:6f:f2:b3:d1:c6:e4:60: 35:59:92:7e:96:d6:2a:2e:ee:d7:38:50:78:cc:a3: 57:ac:54:06:79:fa:44:90:ca:41:6d:a4:c4:bb:8c: 45:25:94:25:8f:4e:fa:85:ed:dc:0b:bf:4f:3e:da: 02:24:5c:73:10:68:66:35:7f:c0:89:42:7b:9c:7d: c6:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:0A:4E:C5:95:1F:37:41:3F:E4:71:52:07:EE:BC:29:B4:88:AD:0F X509v3 Authority Key Identifier: keyid:DC:3E:7A:39:4B:BF:1B:BE:C4:7F:3F:BB:69:A1:89:F8:A3:B1:D0:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3D56OUu_G77Efz-7aaGJ-KOx0FY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5b684a-e409-47ea-9ccb-44b21a8bebfd/1/3D56OUu_G77Efz-7aaGJ-KOx0FY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:01:0c:ce:65:0b:08:f1:b1:3c:66:6d:f6:6f:01:b0:99:d6: 6d:bd:77:10:41:23:c6:03:48:a2:36:6d:bb:fb:84:43:8b:f1: ac:d3:0b:2d:8d:45:c0:e7:ae:1c:e7:09:16:97:e4:ae:72:a8: 3a:5a:d9:a5:02:2f:19:61:82:b3:d0:b0:b6:d8:3b:25:f4:01: 62:77:fb:7a:59:d9:f0:5e:00:1d:43:7f:4d:a0:9d:8a:4a:6b: c8:23:da:12:2f:62:32:e9:6a:b4:ff:8d:dc:2f:65:b1:47:42: b7:bf:48:b2:51:a5:19:30:a4:cc:e2:10:96:f9:07:10:52:5a: 19:0f:05:0a:a6:d7:2d:9c:34:7d:46:fc:0c:4c:be:be:a7:56: bc:3b:6e:48:9f:bd:02:99:3d:c4:cd:a8:51:93:68:d5:46:cb: 7e:0a:0d:5b:f6:47:63:2f:ff:2c:a9:3c:78:1a:ed:63:e8:91: 50:16:d0:0d:67:ee:ad:a4:8e:f6:fd:41:f6:e9:37:13:02:e5: b8:a3:c9:04:1f:2b:28:49:0e:ae:50:ad:73:15:d2:a4:b7:68: 6e:23:6c:9a:4a:e9:2b:f3:d9:40:db:9e:05:57:f7:6c:a0:89: 06:cb:35:42:ca:26:a0:05:76:5b:4c:f1:85:53:74:e7:59:be: c8:9a:8a:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5EYARhrNIJI+bOD/gsPhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjM2U3YTM5NGJiZjFiYmVjNDdmM2ZiYjY5YTE4OWY4YTNi MWQwNTYwHhcNMjUxMjA2MDkwMDM3WhcNMjUxMjA3MDkwMDM3WjAzMTEwLwYDVQQD EygzNzBhNGVjNTk1MWYzNzQxM2ZlNDcxNTIwN2VlYmMyOWI0ODhhZDBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1odACg2vaNBujbL6BLaHRjEdqyZS /Onjnp2ptPIAQuXcflyac3oPdGsiGvcbE0H7Y08vmgev0velMt8vT/gvUNDt3uxy M1lCYvhp/df99+zgUiGzmahnah2ahtG4QbhY/Z02STGt3Z1s63PE2NEQknJpa46W aPWxRIfjfZUlw7NDk44DNqkNKCnE2iSTaDBVi0bAHXiDEl/vPhSggEZKjN7O/kDM vF+vE9p0E+Jbf3PlqNtd+vQY3p33y2/ys9HG5GA1WZJ+ltYqLu7XOFB4zKNXrFQG efpEkMpBbaTEu4xFJZQlj076he3cC79PPtoCJFxzEGhmNX/AiUJ7nH3GgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDcKTsWVHzdBP+RxUgfuvCm0iK0PMB8GA1UdIwQY MBaAFNw+ejlLvxu+xH8/u2mhifijsdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2It NDRiMjFhOGJlYmZkLzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi81YjY4NGEtZTQwOS00N2VhLTljY2ItNDRiMjFhOGJlYmZk LzEvM0Q1Nk9VdV9HNzdFZnotN2FhR0otS094MEZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgEMzmUL CPGxPGZt9m8BsJnWbb13EEEjxgNIojZtu/uEQ4vxrNMLLY1FwOeuHOcJFpfkrnKo OlrZpQIvGWGCs9Cwttg7JfQBYnf7elnZ8F4AHUN/TaCdikpryCPaEi9iMulqtP+N 3C9lsUdCt79IslGlGTCkzOIQlvkHEFJaGQ8FCqbXLZw0fUb8DEy+vqdWvDtuSJ+9 Apk9xM2oUZNo1UbLfgoNW/ZHYy//LKk8eBrtY+iRUBbQDWfuraSO9v1B9uk3EwLl uKPJBB8rKEkOrlCtcxXSpLdobiNsmkrpK/PZQNueBVf3bKCJBss1QsomoAV2W0zx hVN051m+yJqKfw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:45:43 2025 by rpki-client