This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft File: SpR3QFKci4QPf4kzCXmshyyj-rg.mft (raw, json) Hash identifier: FfHcbZfJfMf/5L/Hb4+uHztRzdpgEpM8L+NMxBBgFqo= Subject key identifier: 63:8D:59:00:1B:99:EE:94:63:18:0D:6E:52:A9:15:47:BE:30:41:1A Authority key identifier: 4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8 Certificate issuer: /CN=4a947740529c8b840f7f89330979ac872ca3fab8 Certificate serial: 019AF31D252F65455475FF21E7B9062F785E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft Manifest number: 030C Signing time: Sat 06 Dec 2025 10:02:44 +0000 Manifest this update: Sat 06 Dec 2025 10:02:44 +0000 Manifest next update: Sun 07 Dec 2025 10:02:44 +0000 Files and hashes: 1: SpR3QFKci4QPf4kzCXmshyyj-rg.crl (hash: ifFyAkHQ7VsuWGG0pUxpFvuQ0eCdS/GDYOPoMpu9p+E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:25:2f:65:45:54:75:ff:21:e7:b9:06:2f:78:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a947740529c8b840f7f89330979ac872ca3fab8 Validity Not Before: Dec 6 10:02:44 2025 GMT Not After : Dec 7 10:02:44 2025 GMT Subject: CN=638d59001b99ee9463180d6e52a91547be30411a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:dc:33:a7:d2:13:00:fd:8d:ea:0e:3e:7f:5d: 13:95:70:76:4d:3d:e3:0a:87:5a:43:04:24:c3:22: 20:00:42:69:c6:80:23:1f:cb:33:27:10:d7:00:20: 24:2e:24:5c:20:56:60:97:7e:68:3f:c4:30:5e:b3: 07:c2:56:57:87:f3:dd:34:4b:a3:0c:4c:3e:2c:c3: 04:a3:7f:c8:6c:4c:42:0c:a5:9c:20:b2:c6:b4:e2: e4:0c:68:5e:81:c4:74:85:ac:c0:0e:40:3f:54:d5: 07:f3:3c:75:4d:6f:5a:8b:59:8c:95:29:66:80:36: 29:04:d4:33:34:7c:1c:de:47:32:13:57:00:f2:38: 07:49:ee:4f:01:59:d3:88:d0:4d:6f:ea:d0:7a:87: 5f:d4:b9:b7:57:f0:4f:83:0e:91:fd:a0:b8:f1:96: e5:0a:dc:03:50:6c:71:db:ae:d1:7a:f3:d3:63:d9: ee:e8:14:6f:de:c9:94:12:38:5f:ab:3f:7a:48:20: 9e:a3:ab:ae:f4:02:14:82:71:e4:11:dc:bf:a0:68: 72:c8:98:b3:1f:c9:20:d6:2e:50:08:2c:dc:46:ee: 56:df:e0:86:b3:3e:5f:be:37:c5:f9:44:e1:24:0f: 18:13:d8:f5:29:13:94:4c:bf:ec:3b:94:e3:4d:73: de:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:8D:59:00:1B:99:EE:94:63:18:0D:6E:52:A9:15:47:BE:30:41:1A X509v3 Authority Key Identifier: keyid:4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:df:81:c2:22:51:88:6b:ce:00:1a:66:a1:bb:de:20:f1:2a: 3b:91:5b:cf:15:6e:76:ff:a5:89:b8:c8:c2:b3:5e:21:e4:87: 8f:46:86:56:84:56:36:07:e2:b2:1f:d4:8a:f6:da:05:83:ab: 8a:41:d6:b6:45:ed:fd:ec:ea:63:f6:e0:ff:99:e3:1a:14:b5: 77:1a:9e:1f:9e:c9:bd:8a:a5:1d:61:00:5b:de:a3:10:81:7c: 79:cf:f0:dc:e3:28:46:88:91:c6:5a:7f:b2:71:ef:8e:69:87: b2:70:c2:00:e1:1e:45:b0:69:59:e1:bb:e5:79:cb:83:b0:b1: e9:74:bb:af:e8:4b:a1:13:86:80:cc:6c:0c:7c:bb:f9:cc:93: 84:10:52:57:dc:8b:82:12:13:53:a2:ea:90:b8:ff:1e:eb:b1: ab:4b:f8:0f:af:7b:34:72:35:98:a0:7b:80:65:a1:27:4d:c7: 2b:b8:f9:c5:d7:10:93:6e:9d:b2:8e:6c:c9:be:ee:81:1f:cc: c0:2a:a5:12:93:bf:3f:14:27:08:05:c3:11:ee:63:a4:32:8f: 0d:7e:64:c7:3a:42:b7:64:8f:82:2c:c8:5d:f9:1f:38:dc:f3: 7d:17:e4:86:83:28:28:bd:07:c5:c3:a6:3e:76:a4:d2:4a:58: e5:0e:29:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHSUvZUVUdf8h57kGL3heMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhOTQ3NzQwNTI5YzhiODQwZjdmODkzMzA5NzlhYzg3MmNh M2ZhYjgwHhcNMjUxMjA2MTAwMjQ0WhcNMjUxMjA3MTAwMjQ0WjAzMTEwLwYDVQQD Eyg2MzhkNTkwMDFiOTllZTk0NjMxODBkNmU1MmE5MTU0N2JlMzA0MTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNwzp9ITAP2N6g4+f10TlXB2TT3j CodaQwQkwyIgAEJpxoAjH8szJxDXACAkLiRcIFZgl35oP8QwXrMHwlZXh/PdNEuj DEw+LMMEo3/IbExCDKWcILLGtOLkDGhegcR0hazADkA/VNUH8zx1TW9ai1mMlSlm gDYpBNQzNHwc3kcyE1cA8jgHSe5PAVnTiNBNb+rQeodf1Lm3V/BPgw6R/aC48Zbl CtwDUGxx267RevPTY9nu6BRv3smUEjhfqz96SCCeo6uu9AIUgnHkEdy/oGhyyJiz H8kg1i5QCCzcRu5W3+CGsz5fvjfF+UThJA8YE9j1KROUTL/sO5TjTXPeFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGONWQAbme6UYxgNblKpFUe+MEEaMB8GA1UdIwQY MBaAFEqUd0BSnIuED3+JMwl5rIcso/q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYt N2RiMjVhZDdjZDRjLzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYtN2RiMjVhZDdjZDRj LzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9+BwiJR iGvOABpmobveIPEqO5FbzxVudv+libjIwrNeIeSHj0aGVoRWNgfish/UivbaBYOr ikHWtkXt/ezqY/bg/5njGhS1dxqeH57JvYqlHWEAW96jEIF8ec/w3OMoRoiRxlp/ snHvjmmHsnDCAOEeRbBpWeG75XnLg7Cx6XS7r+hLoROGgMxsDHy7+cyThBBSV9yL ghITU6LqkLj/Huuxq0v4D697NHI1mKB7gGWhJ03HK7j5xdcQk26dso5syb7ugR/M wCqlEpO/PxQnCAXDEe5jpDKPDX5kxzpCt2SPgizIXfkfONzzfRfkhoMoKL0HxcOm Pnak0kpY5Q4pSw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:26:31 2025 by rpki-client