This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft File: 3q91C1wrlTnZblZJdyr34Q7-D-o.mft (raw, json) Hash identifier: bhh7EpZGkfaO9nn2F/7CulY7CSLlweW0qgnRvNnw10w= Subject key identifier: B1:00:CE:66:38:88:D7:B1:CB:68:ED:97:14:3F:BC:34:D6:5E:DC:3D Authority key identifier: DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA Certificate issuer: /CN=deaf750b5c2b9539d96e5649772af7e10efe0fea Certificate serial: 019AF19AB80929FFAE40B2F120E3BE914292 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft Manifest number: 0DF2 Signing time: Sat 06 Dec 2025 03:00:39 +0000 Manifest this update: Sat 06 Dec 2025 03:00:39 +0000 Manifest next update: Sun 07 Dec 2025 03:00:39 +0000 Files and hashes: 1: 3q91C1wrlTnZblZJdyr34Q7-D-o.crl (hash: G911kmKtaGOuNdp0NGJYLQ44H8w33zvjubDp5/N6gqI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:b8:09:29:ff:ae:40:b2:f1:20:e3:be:91:42:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=deaf750b5c2b9539d96e5649772af7e10efe0fea Validity Not Before: Dec 6 03:00:39 2025 GMT Not After : Dec 7 03:00:39 2025 GMT Subject: CN=b100ce663888d7b1cb68ed97143fbc34d65edc3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b9:aa:fe:f9:e9:54:a1:71:64:19:95:b0:4e: 0c:bf:d5:4e:90:c1:1d:2b:91:4f:22:02:93:46:39: 2d:0c:69:83:ec:b8:dd:20:14:3b:05:07:11:5c:8d: b9:61:0c:fd:0d:9c:a6:4a:82:4c:7d:94:ff:8e:db: b5:b6:0b:22:f6:35:62:e2:99:0a:8a:4b:53:a5:5a: bf:fc:2b:14:31:df:e7:da:07:c6:86:da:fb:79:79: 50:f8:15:89:42:4b:22:48:36:a5:f3:c0:c8:5d:c6: cf:56:b9:92:61:c8:6d:96:bb:20:99:52:a4:66:34: 8b:b7:32:a3:9f:c7:58:b0:cc:90:69:38:c5:8c:68: 04:7d:6d:63:72:d7:90:18:9c:90:8b:6d:81:2b:60: 91:40:e9:bb:b0:fb:f4:18:76:a6:7b:1e:8b:86:4f: 84:a6:ea:09:74:fa:96:49:15:95:e4:8b:da:e9:74: 39:be:ea:cc:a9:05:02:ed:b7:15:e6:79:e9:ab:f6: b0:48:b3:d7:80:b1:fd:30:20:0a:68:d6:4f:e9:97: 3a:c6:6f:34:6a:12:7d:3c:94:05:37:70:fd:08:27: 2d:38:a0:bf:eb:8b:ac:18:94:58:08:3c:be:2b:4d: 26:79:d8:eb:4e:c5:91:fc:6b:05:2c:4c:04:36:d0: 52:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:00:CE:66:38:88:D7:B1:CB:68:ED:97:14:3F:BC:34:D6:5E:DC:3D X509v3 Authority Key Identifier: keyid:DE:AF:75:0B:5C:2B:95:39:D9:6E:56:49:77:2A:F7:E1:0E:FE:0F:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3q91C1wrlTnZblZJdyr34Q7-D-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0309fb-6f84-47bc-a7c9-5d31d1fe428f/1/3q91C1wrlTnZblZJdyr34Q7-D-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:e9:be:63:cc:1a:a8:8c:91:34:47:9a:df:9f:98:71:bd:54: 6a:d2:25:7f:6a:ff:9e:35:e9:7e:c4:26:41:46:05:ec:05:e7: 7d:63:bd:84:d8:9b:a0:d5:42:c8:df:83:9b:d8:65:cf:36:f1: 93:eb:10:67:43:6c:5e:37:70:06:b1:ae:c5:ad:de:95:83:f8: b5:5b:b8:ce:04:ba:a1:69:b7:5f:20:27:9d:bb:48:e7:b5:68: b7:92:92:99:4b:0d:25:12:48:17:df:b2:f3:9b:80:73:c6:59: 66:71:f2:62:1f:db:c8:81:4e:29:91:a8:69:c2:36:b3:ab:01: 6b:9b:f6:49:86:87:c3:a2:d0:c4:17:30:10:d4:e5:6a:c7:e7: a6:f4:51:ec:15:f9:70:57:48:ad:8b:9f:89:54:cc:0f:e4:cb: 32:45:b9:66:32:d1:02:aa:23:86:05:3b:8a:c1:8f:89:28:52: c5:c7:98:c3:b7:1d:4d:59:be:fc:db:ed:bd:3b:42:b2:69:b3: a6:b3:97:12:1e:9c:6a:a3:cd:1b:a3:e7:ff:83:46:4f:12:e9: ad:3e:a9:0b:0a:1c:89:8c:0c:84:c3:67:ad:06:24:9e:78:25: 67:86:10:98:4f:50:e8:38:87:e7:ba:bb:f3:64:72:5c:ab:dd: c3:e1:32:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmrgJKf+uQLLxIOO+kUKSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYWY3NTBiNWMyYjk1MzlkOTZlNTY0OTc3MmFmN2UxMGVm ZTBmZWEwHhcNMjUxMjA2MDMwMDM5WhcNMjUxMjA3MDMwMDM5WjAzMTEwLwYDVQQD EyhiMTAwY2U2NjM4ODhkN2IxY2I2OGVkOTcxNDNmYmMzNGQ2NWVkYzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7mq/vnpVKFxZBmVsE4Mv9VOkMEd K5FPIgKTRjktDGmD7LjdIBQ7BQcRXI25YQz9DZymSoJMfZT/jtu1tgsi9jVi4pkK iktTpVq//CsUMd/n2gfGhtr7eXlQ+BWJQksiSDal88DIXcbPVrmSYchtlrsgmVKk ZjSLtzKjn8dYsMyQaTjFjGgEfW1jcteQGJyQi22BK2CRQOm7sPv0GHamex6Lhk+E puoJdPqWSRWV5Iva6XQ5vurMqQUC7bcV5nnpq/awSLPXgLH9MCAKaNZP6Zc6xm80 ahJ9PJQFN3D9CCctOKC/64usGJRYCDy+K00medjrTsWR/GsFLEwENtBSgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLEAzmY4iNexy2jtlxQ/vDTWXtw9MB8GA1UdIwQY MBaAFN6vdQtcK5U52W5WSXcq9+EO/g/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3Yzkt NWQzMWQxZmU0MjhmLzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS8wMzA5ZmItNmY4NC00N2JjLWE3YzktNWQzMWQxZmU0Mjhm LzEvM3E5MUMxd3JsVG5aYmxaSmR5cjM0UTctRC1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoum+Y8wa qIyRNEea35+Ycb1UatIlf2r/njXpfsQmQUYF7AXnfWO9hNiboNVCyN+Dm9hlzzbx k+sQZ0NsXjdwBrGuxa3elYP4tVu4zgS6oWm3XyAnnbtI57Vot5KSmUsNJRJIF9+y 85uAc8ZZZnHyYh/byIFOKZGoacI2s6sBa5v2SYaHw6LQxBcwENTlasfnpvRR7BX5 cFdIrYufiVTMD+TLMkW5ZjLRAqojhgU7isGPiShSxceYw7cdTVm+/NvtvTtCsmmz prOXEh6caqPNG6Pn/4NGTxLprT6pCwociYwMhMNnrQYknnglZ4YQmE9Q6DiH57q7 82RyXKvdw+EyYQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:37:20 2025 by rpki-client