This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft File: 3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json) Hash identifier: bsTqEHZhgPUVJ9k/lSjtcGR70WLfk/LQIan+M8N5b60= Subject key identifier: F6:CD:01:47:67:44:5E:D8:42:E4:E1:DB:99:07:8F:EB:6F:44:51:7A Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 Certificate issuer: /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Certificate serial: 019AF2ADB9109F9B46F27C0D2EC6FD075C51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft Manifest number: 033B Signing time: Sat 06 Dec 2025 08:01:02 +0000 Manifest this update: Sat 06 Dec 2025 08:01:02 +0000 Manifest next update: Sun 07 Dec 2025 08:01:02 +0000 Files and hashes: 1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: XCy97zniO+Q5KSfKBciYxz4p8KHPz/GgkEkQlie9ecM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b9:10:9f:9b:46:f2:7c:0d:2e:c6:fd:07:5c:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Validity Not Before: Dec 6 08:01:02 2025 GMT Not After : Dec 7 08:01:02 2025 GMT Subject: CN=f6cd014767445ed842e4e1db99078feb6f44517a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0e:84:10:62:46:a9:b7:be:24:e4:08:82:b0: 50:65:17:1d:b0:93:a3:25:fc:c6:89:eb:8e:d4:12: ba:e3:d2:13:46:89:33:79:90:20:8c:2e:e3:55:dd: 01:38:28:e2:c6:cd:3b:14:70:23:f6:10:14:87:6e: 7c:e4:7f:fb:2f:75:65:7f:15:af:4c:bf:79:17:45: 72:88:12:1a:0f:b8:1c:ba:77:70:f3:59:75:3e:6d: 78:7d:e6:f8:0a:a3:a3:7b:8f:6a:fc:a8:8a:4a:7b: b9:d1:6b:40:09:85:8c:4c:12:d8:88:38:11:9b:e0: db:a5:94:88:84:f3:b5:7e:bf:83:bb:5e:18:ec:87: 24:56:c9:57:58:b5:8b:37:9b:1e:03:50:a8:06:f3: 3f:3b:0a:06:78:3a:54:88:b4:95:f2:97:37:fe:b7: 9b:53:38:8c:dc:87:a6:49:1f:be:67:60:84:2b:c1: 0b:1e:11:44:f9:5c:f3:0d:f6:b1:87:60:b2:cb:3b: 2f:2f:0f:8e:76:5f:02:0c:09:7f:c0:9a:69:d1:7f: 73:bd:8f:b4:a9:a1:35:53:f7:1c:df:b3:74:d7:bc: 17:29:70:6d:61:d7:29:89:4f:a1:25:a1:55:61:a2: e0:59:6d:5c:3c:c7:99:b9:fd:20:56:72:de:ac:10: 56:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:CD:01:47:67:44:5E:D8:42:E4:E1:DB:99:07:8F:EB:6F:44:51:7A X509v3 Authority Key Identifier: keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:ea:54:11:aa:25:9d:87:08:6d:06:cd:27:d9:71:fd:4c:1f: af:8f:cf:97:ca:83:7d:ea:92:a5:39:77:4d:3a:9d:69:cd:8e: 94:0a:11:aa:8d:93:90:4a:40:84:57:d4:ee:c2:93:48:7f:de: 0a:13:1c:4f:e5:ae:9a:ed:0b:80:1d:d4:23:3e:da:58:0d:81: 39:2a:83:19:74:d5:46:e2:cd:d0:8e:d9:5b:03:b0:36:7b:a2: aa:71:96:5b:3e:61:67:9a:98:02:be:fc:74:54:3a:9a:cc:d4: 66:02:8d:35:09:a0:1a:0c:48:a0:9e:4d:5f:a3:d4:9e:14:62: 9a:fb:c4:28:de:b1:01:22:e5:d7:e8:af:da:0b:fc:a5:5e:7f: 9e:fb:0f:55:9f:29:8d:56:f1:45:58:a4:48:ab:7e:eb:8a:67: cb:dc:0a:00:db:19:3a:2f:73:70:73:67:46:f7:44:bd:bb:ad: 2f:40:5a:73:9d:5b:be:73:ed:cb:de:02:75:63:fe:27:5c:0f: 7e:f2:a3:06:9b:e5:7e:c5:cc:24:0a:ab:df:fc:6c:d2:80:55: a5:be:9f:da:e4:d9:d1:39:15:23:84:7a:14:91:54:1a:fa:92: 51:52:a9:b9:c4:7f:6a:93:ea:73:99:64:3a:25:f1:48:87:2a: 0b:a4:ef:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbkQn5tG8nwNLsb9B1xRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh NjM4MDIwHhcNMjUxMjA2MDgwMTAyWhcNMjUxMjA3MDgwMTAyWjAzMTEwLwYDVQQD EyhmNmNkMDE0NzY3NDQ1ZWQ4NDJlNGUxZGI5OTA3OGZlYjZmNDQ1MTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ6EEGJGqbe+JOQIgrBQZRcdsJOj JfzGieuO1BK649ITRokzeZAgjC7jVd0BOCjixs07FHAj9hAUh2585H/7L3VlfxWv TL95F0VyiBIaD7gcundw81l1Pm14feb4CqOje49q/KiKSnu50WtACYWMTBLYiDgR m+DbpZSIhPO1fr+Du14Y7IckVslXWLWLN5seA1CoBvM/OwoGeDpUiLSV8pc3/reb UziM3IemSR++Z2CEK8ELHhFE+VzzDfaxh2CyyzsvLw+Odl8CDAl/wJpp0X9zvY+0 qaE1U/cc37N017wXKXBtYdcpiU+hJaFVYaLgWW1cPMeZuf0gVnLerBBWawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPbNAUdnRF7YQuTh25kHj+tvRFF6MB8GA1UdIwQY MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwOpUEaol nYcIbQbNJ9lx/Uwfr4/Pl8qDfeqSpTl3TTqdac2OlAoRqo2TkEpAhFfU7sKTSH/e ChMcT+Wumu0LgB3UIz7aWA2BOSqDGXTVRuLN0I7ZWwOwNnuiqnGWWz5hZ5qYAr78 dFQ6mszUZgKNNQmgGgxIoJ5NX6PUnhRimvvEKN6xASLl1+iv2gv8pV5/nvsPVZ8p jVbxRVikSKt+64pny9wKANsZOi9zcHNnRvdEvbutL0Bac51bvnPty94CdWP+J1wP fvKjBpvlfsXMJAqr3/xs0oBVpb6f2uTZ0TkVI4R6FJFUGvqSUVKpucR/apPqc5lk OiXxSIcqC6Tv3Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:12:45 2025 by rpki-client