This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft File: 3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft (raw, json) Hash identifier: TN8q7bHXjiMZ5dG5bYOMsowhaboLJFWib6S3/zFp3h0= Subject key identifier: DA:64:5D:00:76:7F:55:6B:4A:B4:8D:B4:4F:C5:13:8E:94:0E:42:96 Authority key identifier: DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2 Certificate issuer: /CN=de0b59fb68151e21dc99d62faf03589be41fbea2 Certificate serial: 019AF12DDD4F23848A16AB66DCAA5B639C4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft Manifest number: 0B66 Signing time: Sat 06 Dec 2025 01:01:45 +0000 Manifest this update: Sat 06 Dec 2025 01:01:45 +0000 Manifest next update: Sun 07 Dec 2025 01:01:45 +0000 Files and hashes: 1: 3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl (hash: knza/qmtZMjQA+DUjwholKTUFyoqBSOqBKuScT9oiI8=) 2: EiOjn6Cn36HWuMJFodH0EVbfYdc.roa (hash: prKCNtfilLl42pcGEF7Kjg7za6QhPHVZeIUhroTyVuU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:dd:4f:23:84:8a:16:ab:66:dc:aa:5b:63:9c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de0b59fb68151e21dc99d62faf03589be41fbea2 Validity Not Before: Dec 6 01:01:45 2025 GMT Not After : Dec 7 01:01:45 2025 GMT Subject: CN=da645d00767f556b4ab48db44fc5138e940e4296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:31:5c:ee:3f:3d:05:eb:07:74:d5:68:da:a0: 46:91:f6:a4:ca:dd:f3:c2:18:6a:de:12:00:64:40: e0:ee:dc:95:c4:8b:70:65:bc:21:46:0b:bc:ff:30: 0a:9f:ba:33:c4:c4:9f:d3:87:39:ee:a3:27:c0:d5: b6:c4:fa:27:54:d5:59:e3:8b:94:86:d0:18:7b:3e: 20:d8:35:37:04:30:6a:69:6b:bd:7a:ac:11:d6:ce: c3:46:72:0c:56:aa:67:ed:23:fa:a8:fc:2b:d1:77: 1f:a9:c3:59:ff:85:24:3c:04:99:72:e8:7e:f6:27: c8:3b:a5:b8:d9:82:21:bf:8d:33:b0:55:bb:02:d8: 79:3f:a0:22:12:a4:dd:01:eb:00:95:e8:86:be:19: 1e:86:8b:f3:70:78:db:2b:24:cf:43:f3:e7:0f:d8: b8:08:87:66:bf:ba:8b:c3:98:be:40:e1:85:a8:f0: f5:8b:b3:43:df:12:a2:fd:e7:a6:9f:e8:b5:61:16: 3a:20:4f:88:36:2a:6f:79:49:01:4e:4a:8f:0c:93: 9b:49:06:fe:62:ae:28:2c:aa:2b:b6:2b:ec:08:14: b6:e7:ee:72:98:04:7a:b6:5d:59:a4:03:f9:53:28: d9:74:07:30:48:8f:98:0c:9d:29:43:1c:68:d2:2f: 79:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:64:5D:00:76:7F:55:6B:4A:B4:8D:B4:4F:C5:13:8E:94:0E:42:96 X509v3 Authority Key Identifier: keyid:DE:0B:59:FB:68:15:1E:21:DC:99:D6:2F:AF:03:58:9B:E4:1F:BE:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9ad508-bfc1-4b8a-bafc-cd024788ed3c/1/3gtZ-2gVHiHcmdYvrwNYm-QfvqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:ac:14:f0:cd:09:08:71:63:db:13:83:81:81:b8:90:85:9c: 61:fa:4a:c9:c2:f7:d0:40:b6:0e:98:a2:ed:04:1b:97:58:f4: 74:01:70:23:be:15:ff:0c:bf:f5:4b:cb:ed:d3:b4:16:64:07: 93:a8:00:2a:52:65:9f:cb:90:9d:57:08:b1:57:35:69:f7:6f: 4e:40:8b:8b:b3:5b:60:c4:d5:11:d0:5e:03:da:a2:a8:7b:1a: ac:a4:47:2a:bd:96:cd:4c:b5:77:c6:eb:90:6d:20:a7:b2:ed: 75:99:5a:93:3c:57:fb:d4:ce:6e:ac:8d:40:5b:be:1d:bd:6a: 46:4a:7b:7d:26:09:18:90:66:2d:85:30:1d:6d:bd:99:f3:6e: 47:48:67:af:73:8a:90:46:4e:9f:f6:9b:33:02:c1:2d:dd:81: 67:29:00:42:9f:66:69:2d:fc:19:25:6e:6c:44:6d:05:df:66: 68:17:c1:c3:52:56:24:bd:69:b5:8c:25:4c:50:5a:02:4c:16: d5:b7:14:38:e2:ef:91:94:e5:49:c9:01:01:85:bf:2b:da:7d: 88:dd:2b:30:c7:3e:2a:04:f3:11:98:df:c1:61:54:f1:31:cb: 6c:0e:08:55:a7:f5:aa:b1:bd:b4:12:3e:55:67:e2:32:ba:b2: a1:d1:ed:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLd1PI4SKFqtm3KpbY5xOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMGI1OWZiNjgxNTFlMjFkYzk5ZDYyZmFmMDM1ODliZTQx ZmJlYTIwHhcNMjUxMjA2MDEwMTQ1WhcNMjUxMjA3MDEwMTQ1WjAzMTEwLwYDVQQD EyhkYTY0NWQwMDc2N2Y1NTZiNGFiNDhkYjQ0ZmM1MTM4ZTk0MGU0Mjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTFc7j89BesHdNVo2qBGkfakyt3z whhq3hIAZEDg7tyVxItwZbwhRgu8/zAKn7ozxMSf04c57qMnwNW2xPonVNVZ44uU htAYez4g2DU3BDBqaWu9eqwR1s7DRnIMVqpn7SP6qPwr0XcfqcNZ/4UkPASZcuh+ 9ifIO6W42YIhv40zsFW7Ath5P6AiEqTdAesAleiGvhkehovzcHjbKyTPQ/PnD9i4 CIdmv7qLw5i+QOGFqPD1i7ND3xKi/eemn+i1YRY6IE+INipveUkBTkqPDJObSQb+ Yq4oLKortivsCBS25+5ymAR6tl1ZpAP5UyjZdAcwSI+YDJ0pQxxo0i953wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNpkXQB2f1VrSrSNtE/FE46UDkKWMB8GA1UdIwQY MBaAFN4LWftoFR4h3JnWL68DWJvkH76iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMt Y2QwMjQ3ODhlZDNjLzEvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi85YWQ1MDgtYmZjMS00YjhhLWJhZmMtY2QwMjQ3ODhlZDNj LzEvM2d0Wi0yZ1ZIaUhjbWRZdnJ3TlltLVFmdnFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqwU8M0J CHFj2xODgYG4kIWcYfpKycL30EC2Dpii7QQbl1j0dAFwI74V/wy/9UvL7dO0FmQH k6gAKlJln8uQnVcIsVc1afdvTkCLi7NbYMTVEdBeA9qiqHsarKRHKr2WzUy1d8br kG0gp7LtdZlakzxX+9TObqyNQFu+Hb1qRkp7fSYJGJBmLYUwHW29mfNuR0hnr3OK kEZOn/abMwLBLd2BZykAQp9maS38GSVubERtBd9maBfBw1JWJL1ptYwlTFBaAkwW 1bcUOOLvkZTlSckBAYW/K9p9iN0rMMc+KgTzEZjfwWFU8THLbA4IVaf1qrG9tBI+ VWfiMrqyodHt+w== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:41 2025 by rpki-client