This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft File: 3XGhKciwiZWUIZnqbRsigmU1DQs.mft (raw, json) Hash identifier: 3Y4YVcVFtT5NOZz433kmFCWWeMBWECxt4OHCeGVgiBg= Subject key identifier: B7:A8:4D:77:5E:F1:A9:B4:F3:6B:87:67:E1:B3:E4:3B:B9:84:B7:EA Authority key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B Certificate issuer: /CN=dd71a129c8b08995942199ea6d1b228265350d0b Certificate serial: 019AF1D1B12920386C267BAFF425FEA2DB62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 04:00:42 +0000 Manifest this update: Sat 06 Dec 2025 04:00:42 +0000 Manifest next update: Sun 07 Dec 2025 04:00:42 +0000 Files and hashes: 1: 3XGhKciwiZWUIZnqbRsigmU1DQs.crl (hash: 4Zgz+6mZ8Hdxei9WWCTiGKLgrxn7eNlE6yxhsCwfhSg=) 2: OwG4_h94ip7CzANECDf39dfwNGk.roa (hash: XIXqYD1CZdADAiBPHja+pimegzmDxikS2efUTrBV4t8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:b1:29:20:38:6c:26:7b:af:f4:25:fe:a2:db:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd71a129c8b08995942199ea6d1b228265350d0b Validity Not Before: Dec 6 04:00:42 2025 GMT Not After : Dec 7 04:00:42 2025 GMT Subject: CN=b7a84d775ef1a9b4f36b8767e1b3e43bb984b7ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:d6:6f:a7:31:d6:20:e5:50:dd:60:de:6e:7e: 3e:26:61:c6:25:76:77:a4:0f:1e:b3:5e:43:81:04: 79:fb:8e:11:40:3d:4d:09:6a:86:9c:03:98:67:54: 73:fc:46:70:b5:f1:ba:de:b0:4e:cb:22:5c:36:f1: 48:1e:9d:4b:db:99:d5:a7:35:37:20:0c:86:74:58: c3:60:1d:84:44:5d:c9:e8:6d:da:49:b6:23:b7:3b: 36:9a:fb:c5:b1:2f:b8:15:9c:c1:4c:d7:2c:d6:ea: f4:94:da:ee:c5:fa:f9:72:71:9b:c8:69:f6:15:63: 63:6f:d5:2f:5a:13:6e:e6:19:c2:58:42:1d:4b:46: ed:3b:85:37:c4:d4:52:b6:7f:8b:fc:c5:4a:b1:4d: 5f:c8:df:70:d9:83:ea:15:7d:9e:7a:40:dd:07:0c: 67:51:ff:f0:b0:08:ea:1a:69:92:40:4c:c1:09:84: 62:1e:02:e5:92:b6:78:e2:e5:b4:8e:23:34:63:59: c7:3e:c0:fc:2c:d2:ff:d4:5d:44:74:4d:92:90:b7: 85:a8:79:62:30:2b:de:b8:75:36:5c:7a:5b:fc:82: 74:9a:2c:b0:6b:27:6c:e7:e8:34:62:99:c4:9e:fc: 19:2c:5c:96:3e:10:92:9a:de:fc:19:c8:11:9c:cb: c0:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A8:4D:77:5E:F1:A9:B4:F3:6B:87:67:E1:B3:E4:3B:B9:84:B7:EA X509v3 Authority Key Identifier: keyid:DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:77:82:c3:3f:a6:86:b1:2b:86:2c:25:82:f0:dc:6e:db:75: 45:b1:df:e4:71:bb:06:2e:0c:f1:4d:12:e1:1f:fb:10:51:46: 9c:b9:af:0f:47:c9:db:1d:df:5b:58:09:e3:9e:49:9f:4d:a6: 7f:f2:11:15:83:55:2b:85:3f:d8:f4:e8:71:bf:97:67:23:46: 4b:91:ab:d7:8b:e5:83:7e:e5:cb:91:bd:ca:03:c9:76:7f:5b: fa:19:9c:d5:79:81:98:6f:3e:ca:75:c7:ae:36:16:cc:2e:d3: f8:60:9e:29:01:ad:d6:e4:e4:43:89:51:06:ff:5c:01:92:51: fd:24:a5:d5:3c:37:e4:d4:4f:9b:d5:c6:e8:a1:9c:e5:7b:3a: c0:12:6f:d7:78:0d:cd:a2:e9:f0:d3:7d:7e:8c:16:92:6d:d5: 7d:92:f9:1d:e7:f7:e9:e4:31:76:81:76:b5:65:64:10:5c:fa: 7b:d3:cd:44:fc:79:33:a0:e9:a4:ea:dd:04:3e:e3:0e:00:23: db:71:b8:34:40:b1:95:1f:a1:27:e9:69:48:2b:27:30:8b:43: b0:4d:3a:8b:64:94:4a:c5:2e:62:b4:41:36:15:85:18:6e:6d: 3d:28:6a:0d:da:36:2b:e8:8a:5d:1e:ee:1b:5b:6c:73:a7:b0: 5f:aa:75:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0bEpIDhsJnuv9CX+ottiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNzFhMTI5YzhiMDg5OTU5NDIxOTllYTZkMWIyMjgyNjUz NTBkMGIwHhcNMjUxMjA2MDQwMDQyWhcNMjUxMjA3MDQwMDQyWjAzMTEwLwYDVQQD EyhiN2E4NGQ3NzVlZjFhOWI0ZjM2Yjg3NjdlMWIzZTQzYmI5ODRiN2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdZvpzHWIOVQ3WDebn4+JmHGJXZ3 pA8es15DgQR5+44RQD1NCWqGnAOYZ1Rz/EZwtfG63rBOyyJcNvFIHp1L25nVpzU3 IAyGdFjDYB2ERF3J6G3aSbYjtzs2mvvFsS+4FZzBTNcs1ur0lNruxfr5cnGbyGn2 FWNjb9UvWhNu5hnCWEIdS0btO4U3xNRStn+L/MVKsU1fyN9w2YPqFX2eekDdBwxn Uf/wsAjqGmmSQEzBCYRiHgLlkrZ44uW0jiM0Y1nHPsD8LNL/1F1EdE2SkLeFqHli MCveuHU2XHpb/IJ0miywayds5+g0YpnEnvwZLFyWPhCSmt78GcgRnMvAowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLeoTXde8am082uHZ+Gz5Du5hLfqMB8GA1UdIwQY MBaAFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYt YzBkOGM4NjY4OTNmLzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9iNDk5YjYtMDFmNC00NDJjLWJlNzYtYzBkOGM4NjY4OTNm LzEvM1hHaEtjaXdpWldVSVpucWJSc2lnbVUxRFFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXeCwz+m hrErhiwlgvDcbtt1RbHf5HG7Bi4M8U0S4R/7EFFGnLmvD0fJ2x3fW1gJ455Jn02m f/IRFYNVK4U/2PTocb+XZyNGS5Gr14vlg37ly5G9ygPJdn9b+hmc1XmBmG8+ynXH rjYWzC7T+GCeKQGt1uTkQ4lRBv9cAZJR/SSl1Tw35NRPm9XG6KGc5Xs6wBJv13gN zaLp8NN9fowWkm3VfZL5Hef36eQxdoF2tWVkEFz6e9PNRPx5M6DppOrdBD7jDgAj 23G4NECxlR+hJ+lpSCsnMItDsE06i2SUSsUuYrRBNhWFGG5tPShqDdo2K+iKXR7u G1tsc6ewX6p1Pg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:44:51 2025 by rpki-client