This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft File: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json) Hash identifier: czdnp+AaMGI7HgnOvVEZIWd0Zf3AfW+1oEJ0scXM5vw= Subject key identifier: 20:C8:71:76:1D:E1:72:66:71:CB:3D:B9:97:1F:F5:62:5C:63:70:60 Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 Certificate issuer: /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Certificate serial: 019AF31B8746FEB33D49E87BB24F3FE30A8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft Manifest number: 0888 Signing time: Sat 06 Dec 2025 10:00:58 +0000 Manifest this update: Sat 06 Dec 2025 10:00:58 +0000 Manifest next update: Sun 07 Dec 2025 10:00:58 +0000 Files and hashes: 1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: Afnq+gXoEpvFSUWZ6GirhNgh1xDBPuD8DhjXhJ1BgUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:87:46:fe:b3:3d:49:e8:7b:b2:4f:3f:e3:0a:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Validity Not Before: Dec 6 10:00:58 2025 GMT Not After : Dec 7 10:00:58 2025 GMT Subject: CN=20c871761de1726671cb3db9971ff5625c637060 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5c:61:74:14:2f:ae:83:54:42:f8:c7:b2:7d: 06:0c:18:48:ff:e4:a3:39:f2:b5:b9:d4:5b:fd:e3: ba:28:cf:32:82:dc:46:8a:20:e6:39:88:e7:d0:a3: a8:aa:9d:df:ae:3a:a5:86:e8:e6:91:08:cf:c9:5f: 71:b7:34:e4:6e:89:39:ef:ab:a7:8a:40:36:57:39: 38:35:88:7a:b6:9a:89:04:07:7a:f8:90:06:89:b2: 54:74:5f:0b:be:44:07:62:31:8a:29:af:56:ed:d5: 9a:20:90:51:12:35:20:15:0d:32:f6:a2:e0:6e:fc: 1c:30:d8:0a:0e:7e:79:73:57:75:fe:39:3b:b6:1e: a4:bb:d8:ca:da:4d:84:f3:f9:f0:78:75:39:17:a2: 0f:b6:e4:2e:7e:2d:ac:11:18:63:b5:29:ed:cc:57: 63:5c:78:2f:7e:7e:32:87:86:90:b4:32:0f:d6:e1: 01:06:13:a3:ab:21:84:4a:e8:2f:76:3a:df:a8:55: b7:7e:50:2f:08:aa:9a:97:e0:c8:b8:8f:88:eb:b3: e5:06:ad:d0:0c:b4:60:9d:07:23:de:25:1b:dc:a0: 76:2f:6b:36:59:63:45:a8:45:74:a2:fc:cc:9e:fb: 3c:95:d5:ad:3d:d0:98:12:42:af:32:9a:11:52:04: 96:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:C8:71:76:1D:E1:72:66:71:CB:3D:B9:97:1F:F5:62:5C:63:70:60 X509v3 Authority Key Identifier: keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:be:be:fd:8f:74:37:6c:82:38:eb:d3:4a:8a:43:9d:a1:9b: 00:ff:56:6e:f5:ee:e5:98:3d:df:05:77:61:ca:1b:49:ac:a2: 2b:4a:b5:71:eb:7d:e8:60:e8:dd:28:fa:76:ee:44:cb:4b:dd: fa:29:77:0e:16:1f:64:94:ec:3a:9b:d7:d5:05:bf:77:73:51: a0:95:dd:41:c0:dd:86:95:c0:21:35:31:6d:d5:dd:c8:d8:40: cf:54:07:c1:a0:37:c8:8d:b9:46:26:36:2b:d7:46:1b:f0:b3: ff:97:b1:cf:0d:fa:1c:5e:eb:78:2f:c5:c1:64:69:b6:8e:b7: 05:c8:24:3b:aa:67:1d:4f:2b:30:9e:84:1b:a6:21:af:c4:c7: 9f:f7:68:d7:8a:0f:85:c2:11:9e:e6:6e:df:94:d4:ab:d3:b4: 65:80:04:43:44:4b:f1:5b:78:14:13:67:a4:7c:78:3c:cc:bb: be:87:ff:1c:4c:fa:8d:59:b3:28:0b:da:53:27:d0:b8:08:b1: 33:2b:a7:52:83:60:f4:78:21:67:17:ae:60:05:bf:28:6c:5e: a3:c2:6c:47:09:3a:0e:0e:7d:e5:a2:67:5f:d3:6c:a8:f8:e5: af:62:8d:8e:26:25:b5:20:6a:9d:38:22:8e:b3:e9:c7:17:5e: 32:8f:5c:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG4dG/rM9Seh7sk8/4wqLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0 OTA3YjMwHhcNMjUxMjA2MTAwMDU4WhcNMjUxMjA3MTAwMDU4WjAzMTEwLwYDVQQD EygyMGM4NzE3NjFkZTE3MjY2NzFjYjNkYjk5NzFmZjU2MjVjNjM3MDYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VxhdBQvroNUQvjHsn0GDBhI/+Sj OfK1udRb/eO6KM8ygtxGiiDmOYjn0KOoqp3frjqlhujmkQjPyV9xtzTkbok576un ikA2Vzk4NYh6tpqJBAd6+JAGibJUdF8LvkQHYjGKKa9W7dWaIJBREjUgFQ0y9qLg bvwcMNgKDn55c1d1/jk7th6ku9jK2k2E8/nweHU5F6IPtuQufi2sERhjtSntzFdj XHgvfn4yh4aQtDIP1uEBBhOjqyGESugvdjrfqFW3flAvCKqal+DIuI+I67PlBq3Q DLRgnQcj3iUb3KB2L2s2WWNFqEV0ovzMnvs8ldWtPdCYEkKvMpoRUgSWXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCDIcXYd4XJmccs9uZcf9WJcY3BgMB8GA1UdIwQY MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa76+/Y90 N2yCOOvTSopDnaGbAP9WbvXu5Zg93wV3YcobSayiK0q1cet96GDo3Sj6du5Ey0vd +il3DhYfZJTsOpvX1QW/d3NRoJXdQcDdhpXAITUxbdXdyNhAz1QHwaA3yI25RiY2 K9dGG/Cz/5exzw36HF7reC/FwWRpto63BcgkO6pnHU8rMJ6EG6Yhr8THn/do14oP hcIRnuZu35TUq9O0ZYAEQ0RL8Vt4FBNnpHx4PMy7vof/HEz6jVmzKAvaUyfQuAix MyunUoNg9HghZxeuYAW/KGxeo8JsRwk6Dg595aJnX9NsqPjlr2KNjiYltSBqnTgi jrPpxxdeMo9cOg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:08:35 2025 by rpki-client