This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json) Hash identifier: 4ONlaOwtRZoVhZUhc1z0Fps5FGt+Q0Mu29q97tyKtfE= Subject key identifier: 8F:24:1B:B5:F9:91:9A:8F:AC:9B:F1:9E:C8:3C:74:9E:AB:A0:8F:9C Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Certificate serial: 019AF164157F98861AEBB6A71E66EC8A592A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft Manifest number: 0810 Signing time: Sat 06 Dec 2025 02:00:59 +0000 Manifest this update: Sat 06 Dec 2025 02:00:59 +0000 Manifest next update: Sun 07 Dec 2025 02:00:59 +0000 Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: Dbg/vFJYo0XCvxYehgIFOtfxb/k/lG4X9n0481gFX5Y=) 2: ZADDQFMtFH6S9zPMPQBQ4k81zyw.roa (hash: Ha83MqIvOdOtkCK5xewSiOaqIZRDTizbHU6fnUXgFbA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:15:7f:98:86:1a:eb:b6:a7:1e:66:ec:8a:59:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Validity Not Before: Dec 6 02:00:59 2025 GMT Not After : Dec 7 02:00:59 2025 GMT Subject: CN=8f241bb5f9919a8fac9bf19ec83c749eaba08f9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b7:3d:ed:83:74:85:ee:31:d5:95:89:5b:0f: e7:0a:da:34:8f:03:54:27:3a:66:6a:43:d6:34:66: 47:6f:76:d7:09:94:0e:b2:d0:ff:e1:61:52:0e:77: f1:fc:83:22:8f:21:c2:5f:8b:df:be:d5:67:58:b2: f1:5b:09:4b:a1:26:e9:58:b8:2f:a8:75:24:37:8b: 16:53:a8:1e:50:ef:4a:7f:62:cf:9c:b3:d9:62:3e: 70:61:8b:b8:e9:51:c4:d1:f5:63:b2:74:7c:ed:2c: a0:2b:48:70:71:b8:8a:3f:23:32:99:4c:c3:c5:bf: c7:48:cb:f7:78:e1:20:33:d7:52:2c:8d:2d:86:e0: 92:d5:db:62:19:6d:15:6e:a7:bd:9a:e3:09:83:8a: 34:fa:95:5d:02:f4:af:e2:04:8c:09:6d:c2:d7:2e: c7:5b:72:37:56:45:38:53:e3:11:fa:b0:45:16:26: 5d:58:84:65:1f:9b:ae:db:94:6d:3f:e9:21:73:de: 04:75:69:f1:c6:6c:c5:de:09:83:5f:dd:45:b1:56: e0:9c:4d:b8:70:03:cb:a2:b2:d9:3e:a1:7d:92:1b: 08:2d:46:8b:0f:92:bf:45:1b:4f:bb:29:0e:6c:96: d8:d4:97:3e:93:0a:e1:2b:f3:ec:58:1d:6c:5c:ca: 1c:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:24:1B:B5:F9:91:9A:8F:AC:9B:F1:9E:C8:3C:74:9E:AB:A0:8F:9C X509v3 Authority Key Identifier: keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:69:8e:20:45:d4:06:f7:11:09:79:09:78:9b:4c:c3:36:4f: 6b:df:b7:e0:84:d8:00:02:cd:0d:b7:9d:d6:b7:04:7b:65:5b: 9b:1a:82:13:71:45:6e:bb:6d:6d:9d:28:26:e7:ef:ae:1c:8b: 23:bb:15:ea:f0:29:99:80:7e:7e:a9:12:85:67:06:c8:c6:22: bc:c7:a4:06:c1:34:b9:2d:1e:97:fc:f2:bf:34:64:8a:91:50: b5:74:6a:2a:f8:82:a7:5a:95:c1:f8:2a:5e:ef:6d:d9:f0:02: 60:e7:97:96:70:e1:65:9c:d2:90:cc:94:86:bb:b9:c5:b1:03: 71:7d:c6:90:08:65:66:45:e7:32:9f:bb:d0:cc:97:90:ea:41: 9a:dd:66:9d:df:66:b6:fd:a0:e8:9f:ae:24:9d:6c:1a:11:d4: f5:f2:88:7d:b0:3d:79:c1:c9:27:b4:44:ad:00:fb:2d:c6:18: 9f:ca:19:60:f1:27:a7:1e:66:63:d1:36:af:86:46:e0:71:46: c5:2c:38:54:56:9d:22:fa:75:bc:13:d9:f4:bb:bb:ca:9d:32: ea:13:17:6c:95:4b:ce:bd:dd:e3:69:dd:13:54:5a:d5:5e:d7: 71:d3:f1:8a:85:27:7e:63:82:86:25:28:a6:56:89:f1:e8:4c: b8:04:aa:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZBV/mIYa67anHmbsilkqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw NWNkYjIwHhcNMjUxMjA2MDIwMDU5WhcNMjUxMjA3MDIwMDU5WjAzMTEwLwYDVQQD Eyg4ZjI0MWJiNWY5OTE5YThmYWM5YmYxOWVjODNjNzQ5ZWFiYTA4ZjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbc97YN0he4x1ZWJWw/nCto0jwNU JzpmakPWNGZHb3bXCZQOstD/4WFSDnfx/IMijyHCX4vfvtVnWLLxWwlLoSbpWLgv qHUkN4sWU6geUO9Kf2LPnLPZYj5wYYu46VHE0fVjsnR87SygK0hwcbiKPyMymUzD xb/HSMv3eOEgM9dSLI0thuCS1dtiGW0Vbqe9muMJg4o0+pVdAvSv4gSMCW3C1y7H W3I3VkU4U+MR+rBFFiZdWIRlH5uu25RtP+khc94EdWnxxmzF3gmDX91FsVbgnE24 cAPLorLZPqF9khsILUaLD5K/RRtPuykObJbY1Jc+kwrhK/PsWB1sXMoc3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI8kG7X5kZqPrJvxnsg8dJ6roI+cMB8GA1UdIwQY MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2mOIEXU BvcRCXkJeJtMwzZPa9+34ITYAALNDbed1rcEe2VbmxqCE3FFbrttbZ0oJufvrhyL I7sV6vApmYB+fqkShWcGyMYivMekBsE0uS0el/zyvzRkipFQtXRqKviCp1qVwfgq Xu9t2fACYOeXlnDhZZzSkMyUhru5xbEDcX3GkAhlZkXnMp+70MyXkOpBmt1mnd9m tv2g6J+uJJ1sGhHU9fKIfbA9ecHJJ7RErQD7LcYYn8oZYPEnpx5mY9E2r4ZG4HFG xSw4VFadIvp1vBPZ9Lu7yp0y6hMXbJVLzr3d42ndE1Ra1V7XcdPxioUnfmOChiUo plaJ8ehMuASq3w== -----END CERTIFICATE-----Generated at Sat Dec 6 10:15:37 2025 by rpki-client