This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft File: s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json) Hash identifier: PdmLsXsUhv6jgLfdyTsMuJc16JGOl2wwNqKxHcb4V/I= Subject key identifier: 40:19:A6:3D:41:08:C2:1B:CF:15:61:F2:E3:84:17:26:B3:74:D3:EC Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4 Certificate issuer: /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4 Certificate serial: 019AF1640C91C426F7B8692D7DC18E1E6AEC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft Manifest number: 05F5 Signing time: Sat 06 Dec 2025 02:00:57 +0000 Manifest this update: Sat 06 Dec 2025 02:00:57 +0000 Manifest next update: Sun 07 Dec 2025 02:00:57 +0000 Files and hashes: 1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: cIcnxeSC5/dFCzwpp6tf/6188GsqVl1V20OuPDjQ8Ck=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:0c:91:c4:26:f7:b8:69:2d:7d:c1:8e:1e:6a:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4 Validity Not Before: Dec 6 02:00:57 2025 GMT Not After : Dec 7 02:00:57 2025 GMT Subject: CN=4019a63d4108c21bcf1561f2e3841726b374d3ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:03:93:41:c5:15:b4:cb:1e:86:cf:ec:f6:0d: 8a:a5:63:25:b2:4f:cd:73:3a:56:78:0c:66:92:32: bc:46:07:a2:06:15:4c:6d:c6:4d:87:14:a7:2b:7d: d2:78:1e:3e:a0:f2:4f:95:cd:3e:27:50:46:28:88: 83:d9:2a:0f:75:c8:e5:4a:45:2b:b4:5c:f0:09:b9: 3d:74:6d:48:b0:08:1c:c8:0e:00:d1:3a:20:33:d9: 0b:d8:ac:65:54:9c:e1:c6:1e:24:74:1b:eb:31:19: 19:69:51:e8:06:5b:5d:59:be:37:4c:2f:ae:24:02: 59:d1:df:ae:5a:6e:b5:27:ab:93:3f:b6:5e:d3:34: 63:59:07:b6:38:a5:0d:01:4f:91:d9:80:24:ad:1a: 23:b5:bd:8c:4c:bf:91:13:5b:d9:31:2a:45:68:11: 02:6d:93:93:16:6f:fb:e9:df:99:4e:df:df:6c:8d: b4:f8:93:df:ac:1e:a4:3c:b2:58:b7:60:7b:ac:9f: 78:e1:e4:45:64:a7:c2:e6:11:85:fb:ad:38:02:8b: 63:c2:a5:f7:3a:ae:95:df:d8:e3:8d:d9:d6:14:06: b9:f8:ed:9d:db:84:f5:75:f0:3d:00:9d:3b:3f:77: 9e:20:18:ef:d1:d6:49:0b:9a:ac:bf:a1:b6:25:3f: eb:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:19:A6:3D:41:08:C2:1B:CF:15:61:F2:E3:84:17:26:B3:74:D3:EC X509v3 Authority Key Identifier: keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:b3:fb:1d:3e:9d:6b:0c:aa:e5:51:b9:99:94:ef:0f:f7:ac: f0:d6:99:a2:39:45:af:46:e0:0d:74:24:8c:16:8e:bd:aa:82: 97:65:4d:11:d3:b3:18:df:d8:72:c4:53:7d:77:f3:54:2e:d8: 9d:96:c0:f4:30:be:2b:7e:d3:87:7d:3d:55:83:9f:1d:ab:76: c5:0a:9e:4d:a5:4b:bb:09:04:f5:22:dd:34:85:2b:b7:0b:e3: ac:04:5b:b9:75:23:63:85:2f:f8:7c:a1:6f:66:84:71:3d:aa: 20:3e:5e:05:c3:ec:45:b5:46:14:77:3f:21:d7:7c:75:3f:d6: fd:02:60:63:b2:da:f6:65:fa:02:4f:41:3e:49:de:bf:53:14: bb:e3:b7:cc:f6:19:f1:4b:56:41:f0:dd:f1:6b:2e:c6:f3:3b: 92:8d:f5:77:eb:37:88:ec:97:28:92:ea:14:58:26:e9:87:03: 26:7d:32:a7:64:15:7b:c7:ba:95:f8:3e:7d:43:21:6f:43:67: 71:6b:59:16:4c:53:2a:c2:42:f2:23:59:24:d4:fa:9b:2b:e1: 4d:1d:b4:fa:14:66:c8:0d:6f:c0:2c:59:d2:31:2a:90:ce:48: d1:b1:eb:36:dc:45:d7:56:98:16:ce:96:0d:2c:30:d3:82:9c: a8:52:0e:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZAyRxCb3uGktfcGOHmrsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl ZWQ2ZDQwHhcNMjUxMjA2MDIwMDU3WhcNMjUxMjA3MDIwMDU3WjAzMTEwLwYDVQQD Eyg0MDE5YTYzZDQxMDhjMjFiY2YxNTYxZjJlMzg0MTcyNmIzNzRkM2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQOTQcUVtMsehs/s9g2KpWMlsk/N czpWeAxmkjK8RgeiBhVMbcZNhxSnK33SeB4+oPJPlc0+J1BGKIiD2SoPdcjlSkUr tFzwCbk9dG1IsAgcyA4A0TogM9kL2KxlVJzhxh4kdBvrMRkZaVHoBltdWb43TC+u JAJZ0d+uWm61J6uTP7Ze0zRjWQe2OKUNAU+R2YAkrRojtb2MTL+RE1vZMSpFaBEC bZOTFm/76d+ZTt/fbI20+JPfrB6kPLJYt2B7rJ944eRFZKfC5hGF+604AotjwqX3 Oq6V39jjjdnWFAa5+O2d24T1dfA9AJ07P3eeIBjv0dZJC5qsv6G2JT/rVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEAZpj1BCMIbzxVh8uOEFyazdNPsMB8GA1UdIwQY MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0 LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbP7HT6d awyq5VG5mZTvD/es8NaZojlFr0bgDXQkjBaOvaqCl2VNEdOzGN/YcsRTfXfzVC7Y nZbA9DC+K37Th309VYOfHat2xQqeTaVLuwkE9SLdNIUrtwvjrARbuXUjY4Uv+Hyh b2aEcT2qID5eBcPsRbVGFHc/Idd8dT/W/QJgY7La9mX6Ak9BPknev1MUu+O3zPYZ 8UtWQfDd8WsuxvM7ko31d+s3iOyXKJLqFFgm6YcDJn0yp2QVe8e6lfg+fUMhb0Nn cWtZFkxTKsJC8iNZJNT6myvhTR20+hRmyA1vwCxZ0jEqkM5I0bHrNtxF11aYFs6W DSww04KcqFIOdA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:37:52 2025 by rpki-client