This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft File: 3XF0IQf16FBis-CuZa-kuuZw4Es.mft (raw, json) Hash identifier: VNMYIlimDawybRLf/W2GCKupKrNbg1bFLPpwDsUXvWA= Subject key identifier: 72:D0:41:81:8A:39:5E:73:FB:44:E8:64:EE:D6:96:1A:56:CB:18:69 Authority key identifier: DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B Certificate issuer: /CN=dd71742107f5e85062b3e0ae65afa4bae670e04b Certificate serial: 019B360DF37F773853BA8F4ED273486E6056 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft Manifest number: 0605 Signing time: Fri 19 Dec 2025 10:00:42 +0000 Manifest this update: Fri 19 Dec 2025 10:00:42 +0000 Manifest next update: Sat 20 Dec 2025 10:00:42 +0000 Files and hashes: 1: 3XF0IQf16FBis-CuZa-kuuZw4Es.crl (hash: ikikSQ11tdvEuA/u5gpjqZdat5tvM/tUoexWQQVMHNc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0d:f3:7f:77:38:53:ba:8f:4e:d2:73:48:6e:60:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd71742107f5e85062b3e0ae65afa4bae670e04b Validity Not Before: Dec 19 10:00:42 2025 GMT Not After : Dec 20 10:00:42 2025 GMT Subject: CN=72d041818a395e73fb44e864eed6961a56cb1869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:46:64:0f:0a:8b:0f:4d:88:8d:56:26:bf:71: 60:57:f2:d3:55:09:3d:fa:62:e6:c9:45:b7:af:b2: e3:f1:26:82:e1:c0:7b:f5:27:f1:8d:25:af:b1:aa: 49:90:c0:c1:4f:95:b0:05:ad:ce:90:69:64:ce:e5: 6e:c6:62:f4:0b:40:8b:84:02:f3:14:03:73:91:1e: d3:d6:fe:76:1e:c6:9e:d7:60:dd:ae:04:2d:44:cf: c6:2d:94:5f:08:3e:36:2d:15:24:39:7d:08:a5:9b: d1:f5:df:a7:63:41:5a:f2:9f:31:ac:10:e0:b7:96: 87:42:36:52:ab:f1:82:b4:d8:3c:84:16:b5:89:ef: 79:31:16:bd:59:f3:2a:88:0b:32:eb:24:3a:51:c9: bc:15:e8:60:31:8c:e4:ad:97:14:a3:02:b6:28:89: 9f:59:f3:96:18:b9:3b:f0:fd:45:8e:5e:4b:cb:3d: c4:df:7e:07:29:47:fb:22:fa:92:7e:32:51:ad:15: 63:61:af:0c:67:92:9a:2a:14:73:ae:2e:d2:01:9c: f8:b8:77:3c:b8:9d:78:34:e4:8a:87:e6:93:20:d9: 5f:ec:e2:83:a4:27:89:41:bc:79:53:27:01:a8:ca: ec:18:5a:02:05:67:e7:4b:fe:d4:d3:2a:b5:96:7c: 32:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:D0:41:81:8A:39:5E:73:FB:44:E8:64:EE:D6:96:1A:56:CB:18:69 X509v3 Authority Key Identifier: keyid:DD:71:74:21:07:F5:E8:50:62:B3:E0:AE:65:AF:A4:BA:E6:70:E0:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XF0IQf16FBis-CuZa-kuuZw4Es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2de4a9-658c-406b-8ee7-a7706ba30889/1/3XF0IQf16FBis-CuZa-kuuZw4Es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:19:69:d2:54:0e:1a:25:52:43:ba:87:89:de:76:5a:b0:de: 57:d3:72:be:24:e4:83:1b:75:9c:1e:4f:d7:b6:61:f3:c0:47: f6:74:1e:d6:00:2a:9a:3d:79:e7:f2:a9:80:e7:e6:ee:bd:d4: 27:77:23:ad:8f:73:e4:5f:40:70:da:6e:14:d9:2e:40:24:9c: 88:d4:70:db:32:3a:df:68:47:ae:9e:e3:2b:85:a7:25:32:1d: 0e:b3:24:e2:55:ff:a1:d7:ed:8d:be:58:be:08:d6:03:a5:33: 33:dc:22:76:3e:2b:f4:67:af:d4:7d:08:f0:ce:8a:62:4f:e3: 7c:8d:52:3d:29:b6:ab:d4:45:c7:9b:9a:91:36:4f:95:13:23: b5:c1:33:76:6e:5e:4d:41:b0:8c:af:54:d9:3e:ef:c4:a3:13: 73:88:74:f9:dc:de:08:2b:7b:84:ae:b4:e2:15:2a:3a:45:3b: 98:0c:2b:a5:42:88:6a:de:cb:4b:af:ff:77:5e:e4:a2:bc:f0: c7:d8:f7:65:a0:ba:4d:9d:1a:da:3f:6f:69:36:36:47:e1:d3: 53:ae:ed:50:6d:4b:b6:b0:a8:9e:59:c1:17:e7:0b:f5:a6:c7: e4:d4:99:6e:c5:85:f8:33:d3:5e:fe:26:fb:d9:c3:5b:46:d5: c8:df:cf:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DfN/dzhTuo9O0nNIbmBWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNzE3NDIxMDdmNWU4NTA2MmIzZTBhZTY1YWZhNGJhZTY3 MGUwNGIwHhcNMjUxMjE5MTAwMDQyWhcNMjUxMjIwMTAwMDQyWjAzMTEwLwYDVQQD Eyg3MmQwNDE4MThhMzk1ZTczZmI0NGU4NjRlZWQ2OTYxYTU2Y2IxODY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUZkDwqLD02IjVYmv3FgV/LTVQk9 +mLmyUW3r7Lj8SaC4cB79SfxjSWvsapJkMDBT5WwBa3OkGlkzuVuxmL0C0CLhALz FANzkR7T1v52Hsae12DdrgQtRM/GLZRfCD42LRUkOX0IpZvR9d+nY0Fa8p8xrBDg t5aHQjZSq/GCtNg8hBa1ie95MRa9WfMqiAsy6yQ6Ucm8FehgMYzkrZcUowK2KImf WfOWGLk78P1Fjl5Lyz3E334HKUf7IvqSfjJRrRVjYa8MZ5KaKhRzri7SAZz4uHc8 uJ14NOSKh+aTINlf7OKDpCeJQbx5UycBqMrsGFoCBWfnS/7U0yq1lnwy1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHLQQYGKOV5z+0ToZO7WlhpWyxhpMB8GA1UdIwQY MBaAFN1xdCEH9ehQYrPgrmWvpLrmcOBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTct YTc3MDZiYTMwODg5LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy8yZGU0YTktNjU4Yy00MDZiLThlZTctYTc3MDZiYTMwODg5 LzEvM1hGMElRZjE2RkJpcy1DdVphLWt1dVp3NEVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhlp0lQO GiVSQ7qHid52WrDeV9NyviTkgxt1nB5P17Zh88BH9nQe1gAqmj155/KpgOfm7r3U J3cjrY9z5F9AcNpuFNkuQCSciNRw2zI632hHrp7jK4WnJTIdDrMk4lX/odftjb5Y vgjWA6UzM9widj4r9Gev1H0I8M6KYk/jfI1SPSm2q9RFx5uakTZPlRMjtcEzdm5e TUGwjK9U2T7vxKMTc4h0+dzeCCt7hK604hUqOkU7mAwrpUKIat7LS6//d17korzw x9j3ZaC6TZ0a2j9vaTY2R+HTU67tUG1LtrConlnBF+cL9abH5NSZbsWF+DPTXv4m +9nDW0bVyN/Pvw== -----END CERTIFICATE-----Generated at Fri Dec 19 14:19:57 2025 by rpki-client