This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft File: 3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json) Hash identifier: QmvwXzA8ZXhb/bB+R8O8bA3fDoM0VF9WLV0fndZLpEc= Subject key identifier: 1C:CF:63:1F:1C:75:0E:56:93:A6:80:D8:F5:CC:BE:1B:6C:C3:E9:C9 Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05 Certificate issuer: /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05 Certificate serial: 019AF08877837E1C70DD61479920BB1E27E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft Manifest number: 06E5 Signing time: Fri 05 Dec 2025 22:01:06 +0000 Manifest this update: Fri 05 Dec 2025 22:01:06 +0000 Manifest next update: Sat 06 Dec 2025 22:01:06 +0000 Files and hashes: 1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: MVkw9p01B8/zntobZubOf1nNmPyl6bN3yit/V+4nbLM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:77:83:7e:1c:70:dd:61:47:99:20:bb:1e:27:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05 Validity Not Before: Dec 5 22:01:06 2025 GMT Not After : Dec 6 22:01:06 2025 GMT Subject: CN=1ccf631f1c750e5693a680d8f5ccbe1b6cc3e9c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:9e:2f:ff:9b:f1:e3:f2:a1:17:64:49:63:70: 90:98:c0:7b:3b:e6:32:90:ad:86:d7:73:da:3f:fa: 9b:a6:d6:e9:de:37:8b:1d:2f:e1:01:dd:38:d1:8e: 91:6d:b6:01:93:2b:d2:01:38:62:cc:52:e1:56:cf: f9:2c:d9:32:28:1d:cc:b6:ba:a0:c2:ab:67:f3:7d: 07:c4:ca:03:e3:88:96:1a:d8:60:19:3d:76:61:bf: 6e:74:47:49:2b:7b:60:ee:d1:46:b7:7d:80:db:ad: 89:04:48:76:0d:7b:12:18:7b:38:85:4a:d0:35:29: cf:3a:16:e4:32:ec:3d:6d:41:44:76:e3:6a:c6:03: d2:de:8d:52:3a:3d:12:6b:2d:24:4e:b6:c6:20:db: f4:a4:26:e5:73:8a:86:cf:d1:0a:03:78:85:06:d3: 91:80:31:ba:82:34:a4:b5:04:a1:01:bb:69:76:a2: 94:db:af:bf:49:41:64:c3:51:3e:d8:bd:5a:3b:0f: dc:cd:e6:03:81:3e:bc:4e:e2:9b:9e:34:62:f8:a2: 25:38:b8:3b:7d:eb:ca:28:bd:a2:50:64:09:87:d1: 0c:14:13:0d:38:d9:dc:ec:1d:74:93:61:ae:b2:c0: 28:36:90:67:b3:3b:79:09:d9:9e:fe:92:2d:57:9f: e3:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:CF:63:1F:1C:75:0E:56:93:A6:80:D8:F5:CC:BE:1B:6C:C3:E9:C9 X509v3 Authority Key Identifier: keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:41:87:70:67:1d:1f:95:c6:1b:6e:4b:ae:47:7a:c1:47:fe: 19:29:dc:53:3a:05:0c:96:9f:6e:ee:67:f7:71:be:04:f1:21: e2:4a:1d:10:1f:7f:cb:d5:7c:42:aa:c2:c6:a8:f3:5c:64:c8: 13:9b:f2:71:e5:45:53:5b:c1:1c:26:bf:b4:55:3b:7e:96:28: 6c:a8:02:5f:f9:e0:5d:4c:35:6c:e2:2a:d6:13:48:44:7e:47: bd:07:09:c2:97:2c:b9:95:85:b0:d4:34:6b:96:c7:14:01:54: 7e:7d:d1:75:d1:0d:c5:d0:2e:30:80:d3:99:ca:70:c1:a5:1a: f9:97:67:54:17:53:63:1d:ca:1e:a7:e0:3b:93:07:87:46:92: be:6c:e1:af:8c:0b:04:81:2d:d9:81:65:cf:be:24:5a:b9:c6: ab:39:21:db:e3:f5:8d:52:ab:28:2e:ca:7f:41:df:98:6c:30: f2:22:72:f9:c6:63:66:01:72:04:84:ab:fd:c5:02:87:ed:21: fb:c5:ab:6d:12:9e:d5:7a:6d:4b:fe:bf:b0:4c:8f:99:c3:1a: 4d:5e:92:26:9a:4e:58:6c:90:34:10:1f:44:65:65:8c:17:ee: 46:39:4e:54:81:bc:ea:f1:39:6f:57:4d:85:e4:c4:c4:11:33: 65:9c:e0:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiHeDfhxw3WFHmSC7HifnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5 N2RhMDUwHhcNMjUxMjA1MjIwMTA2WhcNMjUxMjA2MjIwMTA2WjAzMTEwLwYDVQQD EygxY2NmNjMxZjFjNzUwZTU2OTNhNjgwZDhmNWNjYmUxYjZjYzNlOWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z4v/5vx4/KhF2RJY3CQmMB7O+Yy kK2G13PaP/qbptbp3jeLHS/hAd040Y6RbbYBkyvSAThizFLhVs/5LNkyKB3Mtrqg wqtn830HxMoD44iWGthgGT12Yb9udEdJK3tg7tFGt32A262JBEh2DXsSGHs4hUrQ NSnPOhbkMuw9bUFEduNqxgPS3o1SOj0Say0kTrbGINv0pCblc4qGz9EKA3iFBtOR gDG6gjSktQShAbtpdqKU26+/SUFkw1E+2L1aOw/czeYDgT68TuKbnjRi+KIlOLg7 fevKKL2iUGQJh9EMFBMNONnc7B10k2GussAoNpBnszt5Cdme/pItV5/jdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBzPYx8cdQ5Wk6aA2PXMvhtsw+nJMB8GA1UdIwQY MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4 LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfkGHcGcd H5XGG25Lrkd6wUf+GSncUzoFDJafbu5n93G+BPEh4kodEB9/y9V8QqrCxqjzXGTI E5vyceVFU1vBHCa/tFU7fpYobKgCX/ngXUw1bOIq1hNIRH5HvQcJwpcsuZWFsNQ0 a5bHFAFUfn3RddENxdAuMIDTmcpwwaUa+ZdnVBdTYx3KHqfgO5MHh0aSvmzhr4wL BIEt2YFlz74kWrnGqzkh2+P1jVKrKC7Kf0HfmGww8iJy+cZjZgFyBISr/cUCh+0h +8WrbRKe1XptS/6/sEyPmcMaTV6SJppOWGyQNBAfRGVljBfuRjlOVIG86vE5b1dN heTExBEzZZzg7w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:09 2025 by rpki-client