This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft File: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft (raw, json) Hash identifier: TVfC7Uyq6prfOxaBO8WdclydR121abhwPsQsf9Bisj0= Subject key identifier: F2:0D:00:D8:66:CF:44:38:90:E7:1A:CD:F6:3B:15:CD:73:B3:6B:29 Authority key identifier: DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D Certificate issuer: /CN=dd70c5f09b62683292fd9109e694713590281f8d Certificate serial: 019AF1D261630F7FEC6026D37ACFAADA6D27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 04:01:27 +0000 Manifest this update: Sat 06 Dec 2025 04:01:27 +0000 Manifest next update: Sun 07 Dec 2025 04:01:27 +0000 Files and hashes: 1: 3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl (hash: 5GoQTJRWCqpOZfKSHs2CXwusstnY0e9mTtHDkufkdzk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:61:63:0f:7f:ec:60:26:d3:7a:cf:aa:da:6d:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd70c5f09b62683292fd9109e694713590281f8d Validity Not Before: Dec 6 04:01:27 2025 GMT Not After : Dec 7 04:01:27 2025 GMT Subject: CN=f20d00d866cf443890e71acdf63b15cd73b36b29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c0:4b:16:f5:6b:85:cc:2a:47:7e:43:7a:b0: f5:a6:35:fa:06:62:31:4e:18:d2:13:90:07:a3:8b: bb:b2:09:b7:4c:71:69:df:b2:78:ed:6f:8e:d7:94: 5c:46:4b:a4:0c:fc:31:27:df:d8:29:b2:0d:fe:a6: 18:b2:39:67:6a:0d:0c:c3:96:ca:ee:6a:0b:65:3b: e8:0f:c4:af:cc:a6:7a:f2:26:91:9c:ef:9a:9d:77: 8c:7b:80:5f:ea:4d:78:e5:7a:c6:85:c1:f2:0b:54: 02:12:56:b8:be:6f:2c:2e:ee:67:13:d6:1b:86:7e: c2:6a:dd:9e:41:00:c7:32:8c:fe:69:79:d8:92:3d: bb:ea:42:69:4d:ca:99:a4:25:d6:11:e4:d0:ee:3b: 97:5b:30:a0:57:47:16:d7:40:d9:9d:b4:4d:78:69: 6b:2d:ad:7d:66:a2:5e:20:d7:85:53:8d:58:39:48: cf:c4:41:f1:f1:c2:36:34:0e:a0:e6:4c:a4:4e:da: bb:9e:b3:02:59:81:07:f0:33:4d:4f:b8:fa:1d:a0: a6:92:5e:a4:58:d5:b5:31:0a:fd:f5:df:89:6b:0a: fd:ab:24:e2:69:e7:e7:04:1c:30:1b:de:57:a5:20: 3f:cf:62:f9:16:23:e3:76:40:b2:e3:c4:28:f0:4b: e3:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:0D:00:D8:66:CF:44:38:90:E7:1A:CD:F6:3B:15:CD:73:B3:6B:29 X509v3 Authority Key Identifier: keyid:DD:70:C5:F0:9B:62:68:32:92:FD:91:09:E6:94:71:35:90:28:1F:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/a67557-d89a-4ef1-bd63-a7fcab9aa7aa/1/3XDF8JtiaDKS_ZEJ5pRxNZAoH40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:01:86:43:71:74:23:75:db:c8:59:c8:2c:19:a4:8d:e3:db: a2:61:36:7e:52:07:39:90:be:7f:0e:70:02:e2:b7:58:b3:bf: e8:d8:ea:ac:90:37:49:35:e5:e2:90:5f:6c:ac:35:8a:ef:87: 46:c1:c6:3a:3b:bf:dc:d3:d3:95:44:a4:02:5b:58:18:b2:af: 7b:fc:29:d4:d4:8a:f3:8a:b4:72:41:7b:41:02:58:45:01:a9: 25:c4:f1:fa:64:e7:31:8f:cc:a6:7d:99:f8:a4:45:6d:2b:b8: 12:ff:8c:51:46:d6:70:be:12:29:c9:87:75:59:e8:8e:42:b8: 1b:4b:6e:a2:a9:59:0e:ba:5e:2d:73:1b:05:62:40:4a:15:f5: 5f:ab:2c:15:f8:b4:6e:3f:54:33:16:c6:2e:9d:71:29:67:44: 84:9f:ea:2a:71:c0:9b:0e:c5:90:ed:8f:71:71:1d:7c:0f:49: 89:2d:bb:23:8d:71:96:21:ba:74:c7:2b:2d:a2:c9:a2:b1:19: 51:6e:0f:75:fa:e5:2d:06:ca:84:bf:12:30:f8:d5:2b:fd:a6: 5d:9a:fe:63:fd:e8:3e:8a:18:79:21:18:be:52:88:66:db:86: 64:db:89:b8:d3:da:79:fc:d3:4d:65:e3:f1:4c:3f:21:0a:54: 3e:97:ad:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0mFjD3/sYCbTes+q2m0nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNzBjNWYwOWI2MjY4MzI5MmZkOTEwOWU2OTQ3MTM1OTAy ODFmOGQwHhcNMjUxMjA2MDQwMTI3WhcNMjUxMjA3MDQwMTI3WjAzMTEwLwYDVQQD EyhmMjBkMDBkODY2Y2Y0NDM4OTBlNzFhY2RmNjNiMTVjZDczYjM2YjI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18BLFvVrhcwqR35DerD1pjX6BmIx ThjSE5AHo4u7sgm3THFp37J47W+O15RcRkukDPwxJ9/YKbIN/qYYsjlnag0Mw5bK 7moLZTvoD8SvzKZ68iaRnO+anXeMe4Bf6k145XrGhcHyC1QCEla4vm8sLu5nE9Yb hn7Cat2eQQDHMoz+aXnYkj276kJpTcqZpCXWEeTQ7juXWzCgV0cW10DZnbRNeGlr La19ZqJeINeFU41YOUjPxEHx8cI2NA6g5kykTtq7nrMCWYEH8DNNT7j6HaCmkl6k WNW1MQr99d+Jawr9qyTiaefnBBwwG95XpSA/z2L5FiPjdkCy48Qo8EvjoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPINANhmz0Q4kOcazfY7Fc1zs2spMB8GA1UdIwQY MBaAFN1wxfCbYmgykv2RCeaUcTWQKB+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMt YTdmY2FiOWFhN2FhLzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC9hNjc1NTctZDg5YS00ZWYxLWJkNjMtYTdmY2FiOWFhN2Fh LzEvM1hERjhKdGlhREtTX1pFSjVwUnhOWkFvSDQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwGGQ3F0 I3XbyFnILBmkjePbomE2flIHOZC+fw5wAuK3WLO/6NjqrJA3STXl4pBfbKw1iu+H RsHGOju/3NPTlUSkAltYGLKve/wp1NSK84q0ckF7QQJYRQGpJcTx+mTnMY/Mpn2Z +KRFbSu4Ev+MUUbWcL4SKcmHdVnojkK4G0tuoqlZDrpeLXMbBWJAShX1X6ssFfi0 bj9UMxbGLp1xKWdEhJ/qKnHAmw7FkO2PcXEdfA9JiS27I41xliG6dMcrLaLJorEZ UW4PdfrlLQbKhL8SMPjVK/2mXZr+Y/3oPooYeSEYvlKIZtuGZNuJuNPaefzTTWXj 8Uw/IQpUPpet1g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:35:05 2025 by rpki-client