This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft File: x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json) Hash identifier: Zp3NXt96vzBt/m6QHHYuSxxH1FwCTTAzTV9ttZW3sok= Subject key identifier: 9F:7F:18:9C:2B:C6:1D:07:88:68:D4:98:22:35:82:4B:A9:F5:E9:BA Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9 Certificate issuer: /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9 Certificate serial: 019AF12E3F3D06AC8DB00FA8900F609E4BD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft Manifest number: 0215 Signing time: Sat 06 Dec 2025 01:02:11 +0000 Manifest this update: Sat 06 Dec 2025 01:02:11 +0000 Manifest next update: Sun 07 Dec 2025 01:02:11 +0000 Files and hashes: 1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: XqiUV9otQk7vwnCK2ec7/Qtk42LnMbhIi75Ga2lpa5o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:3f:3d:06:ac:8d:b0:0f:a8:90:0f:60:9e:4b:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9 Validity Not Before: Dec 6 01:02:11 2025 GMT Not After : Dec 7 01:02:11 2025 GMT Subject: CN=9f7f189c2bc61d078868d4982235824ba9f5e9ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4f:83:37:70:e9:40:6b:15:08:96:28:3a:9c: 99:97:81:1b:2f:5e:f8:8e:c9:5d:21:b6:6a:94:06: 74:76:2b:e1:8c:01:a9:83:5e:2b:8a:5c:52:3d:d8: d2:f2:d8:87:bf:fc:65:9d:64:61:d5:46:12:82:81: 82:3a:29:22:2b:c6:63:69:c2:59:4b:19:02:63:be: c6:b9:df:ac:a3:92:7f:50:3d:a3:dc:2a:8f:a8:d5: dd:08:2d:4a:db:a4:06:b1:ac:2f:7b:b9:2f:1d:65: 2c:2b:5e:1d:7e:28:3a:77:b7:c9:b3:05:dd:99:1f: 7e:20:75:01:26:a7:d7:5c:fd:33:c9:d6:79:4b:57: af:ce:36:fc:e9:3b:71:b7:24:ac:3a:a2:75:c9:b7: c0:dd:19:66:0a:8f:6e:60:7c:01:0d:16:fb:55:f1: 32:ff:38:1f:29:4e:02:3d:ab:7e:b0:03:7e:0d:6b: ce:2f:55:4b:4e:56:09:7e:41:3a:f6:74:02:88:00: fb:f0:c6:7b:5e:cd:0f:91:14:22:3f:d7:15:d3:36: a5:19:e9:bb:58:37:ae:47:45:40:84:5a:9c:b1:de: 59:5b:51:3f:06:56:a5:c6:33:bb:06:34:52:83:58: c0:d9:cc:32:85:87:ba:c9:29:d6:a0:df:e8:4d:7b: fd:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:7F:18:9C:2B:C6:1D:07:88:68:D4:98:22:35:82:4B:A9:F5:E9:BA X509v3 Authority Key Identifier: keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:95:78:7c:0b:dd:cc:da:34:54:d2:bb:cc:e0:c2:6f:a3:93: 25:47:ff:97:d3:52:5d:31:45:83:52:e8:8c:ac:2f:d2:17:a9: 50:15:3c:97:7e:69:f6:e8:70:c8:00:55:7e:0c:81:5d:53:fa: cc:c7:c5:54:29:97:01:5e:86:e2:6b:7d:d5:76:d8:cb:65:fa: 4e:af:02:62:16:94:4f:37:2d:ef:a6:bf:c6:a9:3c:df:59:6b: 2e:5a:b5:0a:9b:56:ac:e8:55:09:bc:f5:41:0b:67:da:5f:51: 6b:5a:2c:99:62:de:c4:e6:51:05:c5:4a:36:05:c4:57:fc:5e: 0a:f9:59:86:93:31:fd:34:f8:86:2e:61:5d:1a:6e:81:6d:66: 7b:ec:3f:6f:a5:8c:3d:89:20:f6:ba:9c:2e:a1:4c:53:90:f1: 31:7d:52:83:1c:19:ba:4e:4a:10:71:dd:96:56:5c:0a:07:e7: 1e:8e:a3:bd:c6:8d:02:8f:2f:c9:e9:1d:eb:a5:e5:84:4e:be: a3:e9:90:7d:b6:1f:7c:81:ff:51:d7:02:5e:76:8f:70:3e:f5: 9e:cc:b7:72:a4:32:af:58:8b:95:fc:82:ee:a3:3c:b0:96:f1: 65:03:08:8e:a4:97:1e:75:ab:6a:91:8c:81:43:4f:f9:78:f7: ab:8f:9c:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLj89BqyNsA+okA9gnkvXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5 MjA0YTkwHhcNMjUxMjA2MDEwMjExWhcNMjUxMjA3MDEwMjExWjAzMTEwLwYDVQQD Eyg5ZjdmMTg5YzJiYzYxZDA3ODg2OGQ0OTgyMjM1ODI0YmE5ZjVlOWJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk+DN3DpQGsVCJYoOpyZl4EbL174 jsldIbZqlAZ0divhjAGpg14rilxSPdjS8tiHv/xlnWRh1UYSgoGCOikiK8ZjacJZ SxkCY77Gud+so5J/UD2j3CqPqNXdCC1K26QGsawve7kvHWUsK14dfig6d7fJswXd mR9+IHUBJqfXXP0zydZ5S1evzjb86TtxtySsOqJ1ybfA3RlmCo9uYHwBDRb7VfEy /zgfKU4CPat+sAN+DWvOL1VLTlYJfkE69nQCiAD78MZ7Xs0PkRQiP9cV0zalGem7 WDeuR0VAhFqcsd5ZW1E/BlalxjO7BjRSg1jA2cwyhYe6ySnWoN/oTXv9zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ9/GJwrxh0HiGjUmCI1gkup9em6MB8GA1UdIwQY MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZV4fAvd zNo0VNK7zODCb6OTJUf/l9NSXTFFg1LojKwv0hepUBU8l35p9uhwyABVfgyBXVP6 zMfFVCmXAV6G4mt91XbYy2X6Tq8CYhaUTzct76a/xqk831lrLlq1CptWrOhVCbz1 QQtn2l9Ra1osmWLexOZRBcVKNgXEV/xeCvlZhpMx/TT4hi5hXRpugW1me+w/b6WM PYkg9rqcLqFMU5DxMX1SgxwZuk5KEHHdllZcCgfnHo6jvcaNAo8vyekd66XlhE6+ o+mQfbYffIH/UdcCXnaPcD71nsy3cqQyr1iLlfyC7qM8sJbxZQMIjqSXHnWrapGM gUNP+Xj3q4+c6A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:10:07 2025 by rpki-client