This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft File: 3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json) Hash identifier: cvJBUoGNQyPnHiprgOP0srPfkRFmHkLp3NVGTm9kpzk= Subject key identifier: AD:FC:8B:EC:D7:1A:69:2D:05:0B:37:53:5F:C6:14:CD:76:47:66:25 Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 Certificate issuer: /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Certificate serial: 019B36458E94D1E69CD1DDEF394B25B6ADA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft Manifest number: 035E Signing time: Fri 19 Dec 2025 11:01:26 +0000 Manifest this update: Fri 19 Dec 2025 11:01:26 +0000 Manifest next update: Sat 20 Dec 2025 11:01:26 +0000 Files and hashes: 1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: mUp61OwxgzaMPOA+dM99Zc8pg5Gw6tEvvcXXl6dmh7o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:45:8e:94:d1:e6:9c:d1:dd:ef:39:4b:25:b6:ad:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Validity Not Before: Dec 19 11:01:26 2025 GMT Not After : Dec 20 11:01:26 2025 GMT Subject: CN=adfc8becd71a692d050b37535fc614cd76476625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:17:40:1b:b2:30:23:1c:e2:e3:7b:01:72:f1: 51:ee:64:3c:10:11:96:88:28:fb:2a:6a:ce:69:84: 72:45:fc:29:6b:c5:1a:d1:d4:de:09:63:23:2e:34: c7:91:de:aa:33:bf:c8:54:92:57:a8:b1:bf:8d:33: 47:80:1c:66:71:3a:7c:1d:29:25:55:15:3a:67:e0: 1a:b9:e5:bd:92:97:c3:b9:d9:51:11:2c:1e:21:2d: 76:bf:95:39:ad:21:32:72:b6:1f:15:2b:d3:2a:ed: 0c:f3:1a:81:9b:a3:e9:df:a7:0e:ff:e0:e3:44:a5: 1e:a0:d5:cb:2d:b7:f9:25:28:f6:b0:0f:6e:4f:17: 60:57:23:32:fd:d3:2d:b2:87:f6:4d:00:f9:21:3d: 0f:da:49:a9:9d:6d:5a:0f:90:b3:66:a8:d5:c9:d6: db:ff:b1:6a:18:67:f8:dc:1d:93:55:f0:38:b5:a3: a9:1b:6d:f0:3f:d7:0c:04:00:e1:c2:3a:f8:74:9f: 5f:de:d7:38:db:5d:63:6e:a2:67:0a:93:d8:0b:23: 31:bd:f1:0b:55:c2:86:6d:e9:f1:18:05:05:ab:ad: 10:c6:eb:ca:5b:a2:37:c3:b0:22:59:91:cb:89:06: 5f:34:9b:00:90:84:5b:65:7a:d9:fb:6c:e5:c0:9a: b7:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:FC:8B:EC:D7:1A:69:2D:05:0B:37:53:5F:C6:14:CD:76:47:66:25 X509v3 Authority Key Identifier: keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:3f:86:3a:af:8d:72:ab:5d:48:cb:84:1b:16:67:22:d6:ab: cc:fd:1f:af:da:87:97:81:57:1f:9d:58:37:fd:db:a6:b1:b2: 79:fb:a7:71:ae:1a:f7:14:90:c2:3a:4e:a5:08:79:3d:af:8e: 5d:f2:7e:13:44:3b:c9:7e:b2:96:b3:2a:f2:07:69:7c:0a:30: f2:12:4b:fb:c4:01:6a:2c:7c:e4:22:30:f5:83:78:91:32:8f: a5:22:60:16:54:10:51:44:2b:8e:ac:e9:f2:dd:c1:7c:ca:73: 35:0c:b7:3c:c5:c3:5c:34:bd:3d:ed:8a:49:26:36:d9:56:e2: 54:72:99:5f:86:18:28:28:84:a6:98:ea:6f:a7:12:6d:0d:ec: e1:e6:3f:59:69:5b:f6:65:1e:f9:d2:2c:de:de:36:d6:13:6b: be:4a:6e:72:30:81:f0:79:51:75:1c:66:80:43:94:da:72:e8: 73:97:5c:57:c1:06:5e:17:cb:4f:27:7b:5a:6a:16:bc:05:6f: 82:9b:02:0c:35:1f:aa:fa:c3:7f:b0:95:ac:5a:e2:80:0e:b9: f8:26:6e:c8:20:3a:54:06:68:9a:ad:70:a6:04:a8:f8:17:b2: b6:bd:12:97:b7:5e:97:ea:06:48:9c:f4:26:4c:07:5a:7f:df: 71:40:99:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RY6U0eac0d3vOUsltq2oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh NjM4MDIwHhcNMjUxMjE5MTEwMTI2WhcNMjUxMjIwMTEwMTI2WjAzMTEwLwYDVQQD EyhhZGZjOGJlY2Q3MWE2OTJkMDUwYjM3NTM1ZmM2MTRjZDc2NDc2NjI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohdAG7IwIxzi43sBcvFR7mQ8EBGW iCj7KmrOaYRyRfwpa8Ua0dTeCWMjLjTHkd6qM7/IVJJXqLG/jTNHgBxmcTp8HSkl VRU6Z+AaueW9kpfDudlRESweIS12v5U5rSEycrYfFSvTKu0M8xqBm6Pp36cO/+Dj RKUeoNXLLbf5JSj2sA9uTxdgVyMy/dMtsof2TQD5IT0P2kmpnW1aD5CzZqjVydbb /7FqGGf43B2TVfA4taOpG23wP9cMBADhwjr4dJ9f3tc4211jbqJnCpPYCyMxvfEL VcKGbenxGAUFq60QxuvKW6I3w7AiWZHLiQZfNJsAkIRbZXrZ+2zlwJq3vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK38i+zXGmktBQs3U1/GFM12R2YlMB8GA1UdIwQY MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALj+GOq+N cqtdSMuEGxZnItarzP0fr9qHl4FXH51YN/3bprGyefunca4a9xSQwjpOpQh5Pa+O XfJ+E0Q7yX6ylrMq8gdpfAow8hJL+8QBaix85CIw9YN4kTKPpSJgFlQQUUQrjqzp 8t3BfMpzNQy3PMXDXDS9Pe2KSSY22VbiVHKZX4YYKCiEppjqb6cSbQ3s4eY/WWlb 9mUe+dIs3t421hNrvkpucjCB8HlRdRxmgEOU2nLoc5dcV8EGXhfLTyd7WmoWvAVv gpsCDDUfqvrDf7CVrFrigA65+CZuyCA6VAZomq1wpgSo+Beytr0Sl7del+oGSJz0 JkwHWn/fcUCZ1Q== -----END CERTIFICATE-----Generated at Fri Dec 19 12:52:13 2025 by rpki-client