This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft File: 3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json) Hash identifier: hfnpHDr8o6L9+pjiqDi83muwcRoOAgJv6h+bVMVuZDM= Subject key identifier: 84:18:91:B5:C4:FB:20:C7:96:0D:8B:3D:51:09:3D:22:CA:63:B9:32 Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 Certificate issuer: /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Certificate serial: 019B34FB79054802B541144FD813F8D7ABA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft Manifest number: 0833 Signing time: Fri 19 Dec 2025 05:00:54 +0000 Manifest this update: Fri 19 Dec 2025 05:00:54 +0000 Manifest next update: Sat 20 Dec 2025 05:00:54 +0000 Files and hashes: 1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: rTzfu+/0B3q/64YDQcHIYJX8pZH42/4qUVp4bSMprvw=) 2: ZADDQFMtFH6S9zPMPQBQ4k81zyw.roa (hash: Ha83MqIvOdOtkCK5xewSiOaqIZRDTizbHU6fnUXgFbA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:79:05:48:02:b5:41:14:4f:d8:13:f8:d7:ab:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2 Validity Not Before: Dec 19 05:00:54 2025 GMT Not After : Dec 20 05:00:54 2025 GMT Subject: CN=841891b5c4fb20c7960d8b3d51093d22ca63b932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e4:6b:c2:f3:2c:9d:0f:fa:d5:75:cc:09:b1: bc:b1:d3:fe:8e:ce:1e:19:83:f8:90:1f:c5:7e:7b: 0b:6a:3e:1f:bf:72:25:96:67:24:42:37:9a:83:ab: 5e:c3:38:44:a1:cc:c6:c0:45:f5:52:c0:7b:7b:ef: 74:48:c5:7f:d4:2f:55:31:be:32:61:ca:ef:22:3e: fb:44:c3:2e:09:3e:2b:1b:1c:b0:3a:fd:df:c9:45: f8:c9:5e:b3:fe:56:48:52:0e:25:f8:8b:b1:90:e1: de:81:10:95:96:40:c3:e6:83:15:c3:61:2f:e8:c1: 99:24:b2:ce:c4:84:7c:c5:f5:a7:0e:df:0d:25:db: d2:94:24:95:34:db:83:bc:95:69:a5:95:a1:98:40: a3:b0:d7:ac:25:e0:70:46:1e:c1:9e:55:58:c6:76: 50:c4:6a:f7:f8:56:85:49:72:29:31:c1:15:16:08: 19:94:de:ca:ab:58:38:cb:d5:5c:86:e5:8e:55:88: 6e:65:48:f9:69:e2:5c:0c:7b:b8:a5:a7:a8:9b:57: 3b:3a:76:79:8a:8e:a0:28:aa:b9:29:2e:67:b0:6e: 26:63:d0:f4:63:4e:8b:0e:61:98:04:3e:3e:aa:ba: 78:6e:ff:af:23:ab:4a:a2:42:eb:e9:9d:ef:a2:d1: ab:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:18:91:B5:C4:FB:20:C7:96:0D:8B:3D:51:09:3D:22:CA:63:B9:32 X509v3 Authority Key Identifier: keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:98:b3:db:19:ce:67:41:fa:b8:1f:e8:8a:18:5e:e8:ed:4f: d7:0e:c6:86:93:fa:39:fd:b3:22:00:e7:26:a1:76:0f:02:d3: 5c:19:3d:0f:ef:8e:c8:5a:ee:94:26:f1:cc:bb:d3:fb:02:00: 2b:52:d3:81:d8:e1:df:44:1f:89:65:3d:76:5f:9a:a0:d6:da: 87:2a:e6:92:6e:67:b6:b4:95:71:0d:09:7e:f9:8d:c0:4e:0e: 70:cf:38:1e:28:d7:10:26:8f:ca:dd:8e:b4:e9:d9:aa:bc:5f: 72:c3:77:8b:7b:4a:46:57:a0:f3:23:93:8d:1b:d0:16:2e:0e: cd:3e:fb:77:fa:4c:70:26:93:70:a2:56:23:f2:0f:4d:37:f7: 53:ce:b0:20:db:3b:cb:00:45:e0:83:7b:cf:03:47:98:a2:18: 60:5e:2e:a0:5a:74:c8:df:ed:78:2c:4f:af:c0:6b:5e:c7:ef: 85:d4:ec:50:72:82:e3:07:b2:20:b8:ea:a0:73:eb:8e:c7:ef: b8:e3:a0:67:66:e3:d0:ab:9f:ca:3d:4b:3e:ee:df:c2:5b:06: 60:69:55:e1:03:7e:b2:76:21:3b:a6:12:76:97:b2:c9:7f:b0: c4:3d:fc:6e:6a:08:f9:92:7f:63:2e:f9:e8:b7:1d:5c:e8:f9: dc:48:89:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+3kFSAK1QRRP2BP416umMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw NWNkYjIwHhcNMjUxMjE5MDUwMDU0WhcNMjUxMjIwMDUwMDU0WjAzMTEwLwYDVQQD Eyg4NDE4OTFiNWM0ZmIyMGM3OTYwZDhiM2Q1MTA5M2QyMmNhNjNiOTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseRrwvMsnQ/61XXMCbG8sdP+js4e GYP4kB/FfnsLaj4fv3IllmckQjeag6tewzhEoczGwEX1UsB7e+90SMV/1C9VMb4y YcrvIj77RMMuCT4rGxywOv3fyUX4yV6z/lZIUg4l+IuxkOHegRCVlkDD5oMVw2Ev 6MGZJLLOxIR8xfWnDt8NJdvSlCSVNNuDvJVppZWhmECjsNesJeBwRh7BnlVYxnZQ xGr3+FaFSXIpMcEVFggZlN7Kq1g4y9VchuWOVYhuZUj5aeJcDHu4paeom1c7OnZ5 io6gKKq5KS5nsG4mY9D0Y06LDmGYBD4+qrp4bv+vI6tKokLr6Z3votGrnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQYkbXE+yDHlg2LPVEJPSLKY7kyMB8GA1UdIwQY MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpiz2xnO Z0H6uB/oihhe6O1P1w7GhpP6Of2zIgDnJqF2DwLTXBk9D++OyFrulCbxzLvT+wIA K1LTgdjh30QfiWU9dl+aoNbahyrmkm5ntrSVcQ0JfvmNwE4OcM84HijXECaPyt2O tOnZqrxfcsN3i3tKRleg8yOTjRvQFi4OzT77d/pMcCaTcKJWI/IPTTf3U86wINs7 ywBF4IN7zwNHmKIYYF4uoFp0yN/teCxPr8BrXsfvhdTsUHKC4weyILjqoHPrjsfv uOOgZ2bj0Kufyj1LPu7fwlsGYGlV4QN+snYhO6YSdpeyyX+wxD38bmoI+ZJ/Yy75 6LcdXOj53EiJYw== -----END CERTIFICATE-----Generated at Fri Dec 19 12:00:14 2025 by rpki-client