This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft File: 3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json) Hash identifier: GQrvR/rIY0O2AWcy8pw7vltqKhITgWM5VWqFFh6FNDk= Subject key identifier: A2:E8:E2:4D:9B:F5:E2:7C:FF:93:5B:0E:38:BF:17:4C:65:A1:3D:1E Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27 Certificate issuer: /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627 Certificate serial: 019AF465B54F2C371587CC8012E0477893FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft Manifest number: 0EFB Signing time: Sat 06 Dec 2025 16:01:37 +0000 Manifest this update: Sat 06 Dec 2025 16:01:37 +0000 Manifest next update: Sun 07 Dec 2025 16:01:37 +0000 Files and hashes: 1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: kqqP6ZTtgQoMe+O/SdxMPPrzr/7aYWR36O1aiLwQB88=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:b5:4f:2c:37:15:87:cc:80:12:e0:47:78:93:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627 Validity Not Before: Dec 6 16:01:37 2025 GMT Not After : Dec 7 16:01:37 2025 GMT Subject: CN=a2e8e24d9bf5e27cff935b0e38bf174c65a13d1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5b:32:cb:04:9b:7f:1c:34:4b:b6:1a:84:6c: a2:d0:2e:32:79:9b:56:6e:67:07:85:57:60:01:ef: 6d:fa:10:7b:17:d4:f0:f6:3d:a5:4d:7a:a7:0e:a3: 3b:42:55:c0:c0:a7:00:9b:db:08:ff:32:fd:db:1f: cb:c8:20:f0:c1:66:c4:06:3e:3d:d9:f1:1b:09:39: e2:5a:c2:81:69:53:14:48:d8:eb:df:24:58:d9:8b: f8:73:a0:e3:58:e2:4c:d2:42:e1:f9:b1:97:35:93: 58:7e:17:95:82:ba:a2:d7:53:ac:eb:58:69:1e:13: c0:78:3d:a9:68:49:e0:a5:e9:ab:65:a4:ac:bc:30: c2:2e:3a:13:43:19:1a:bf:ee:d2:41:e5:02:35:ed: 77:af:f3:58:bb:d4:ab:40:7c:ad:54:ad:71:8c:46: 26:29:0d:e0:a2:7b:15:f1:67:77:e5:39:30:db:ba: 14:1b:f1:a1:ee:b6:07:63:55:35:e1:aa:65:ed:b2: 5f:e3:69:39:8c:3d:bf:32:f9:6d:9a:0a:65:a8:24: 22:54:03:9d:5c:35:66:cf:5d:25:de:33:b8:1a:2f: 57:a7:90:e0:c2:3a:91:ed:e8:1a:78:da:ab:f9:26: 3f:fb:a9:c9:ca:83:64:d4:9c:97:ca:fd:a3:0f:d7: 87:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:E8:E2:4D:9B:F5:E2:7C:FF:93:5B:0E:38:BF:17:4C:65:A1:3D:1E X509v3 Authority Key Identifier: keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:a0:b2:91:00:27:8d:28:b1:69:42:6a:2d:94:1e:8c:e6:cd: 7b:01:9a:77:fb:29:ec:24:1f:72:df:44:4c:11:45:08:84:5c: 48:97:88:17:bc:ff:cc:07:2d:e3:3e:65:47:e8:da:fd:a3:da: 5e:00:ce:f0:d1:64:6d:70:55:24:b1:c8:cc:7f:3d:b7:19:3b: b8:93:13:e8:6d:5f:be:f6:96:10:d8:57:97:9e:ea:d0:41:0c: d7:69:a4:92:1a:68:02:15:90:20:fd:5a:25:62:36:c7:38:fe: 1d:44:17:2c:cc:dc:9b:a4:dd:f4:4c:ee:7e:2d:04:ac:c5:67: f5:ba:2a:c5:eb:31:21:01:56:d7:b7:64:cb:a5:bd:fd:86:6e: e8:ce:66:4e:b9:bf:8f:c7:d8:49:99:e0:bf:4f:72:03:07:19: c9:ef:8f:1c:2a:15:75:fd:47:26:83:db:34:eb:ad:5f:88:25: 26:5b:cc:2a:3d:fb:6d:47:37:6f:52:52:e6:e0:76:c4:7f:17: f9:9d:5a:c8:8c:fc:86:35:7f:ba:8e:53:14:41:23:ad:23:25: cb:7a:ca:e0:1a:7b:0b:58:46:dc:47:fe:d9:63:0d:a6:0b:dd: bb:1c:8e:e9:7c:93:ca:bb:fd:94:a3:c5:29:13:28:77:e9:1e: 75:75:e6:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZbVPLDcVh8yAEuBHeJP8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3 MzE2MjcwHhcNMjUxMjA2MTYwMTM3WhcNMjUxMjA3MTYwMTM3WjAzMTEwLwYDVQQD EyhhMmU4ZTI0ZDliZjVlMjdjZmY5MzViMGUzOGJmMTc0YzY1YTEzZDFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1syywSbfxw0S7YahGyi0C4yeZtW bmcHhVdgAe9t+hB7F9Tw9j2lTXqnDqM7QlXAwKcAm9sI/zL92x/LyCDwwWbEBj49 2fEbCTniWsKBaVMUSNjr3yRY2Yv4c6DjWOJM0kLh+bGXNZNYfheVgrqi11Os61hp HhPAeD2paEngpemrZaSsvDDCLjoTQxkav+7SQeUCNe13r/NYu9SrQHytVK1xjEYm KQ3gonsV8Wd35Tkw27oUG/Gh7rYHY1U14apl7bJf42k5jD2/MvltmgplqCQiVAOd XDVmz10l3jO4Gi9Xp5DgwjqR7egaeNqr+SY/+6nJyoNk1JyXyv2jD9eHnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKLo4k2b9eJ8/5NbDji/F0xloT0eMB8GA1UdIwQY MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqCykQAn jSixaUJqLZQejObNewGad/sp7CQfct9ETBFFCIRcSJeIF7z/zAct4z5lR+ja/aPa XgDO8NFkbXBVJLHIzH89txk7uJMT6G1fvvaWENhXl57q0EEM12mkkhpoAhWQIP1a JWI2xzj+HUQXLMzcm6Td9Ezufi0ErMVn9boqxesxIQFW17dky6W9/YZu6M5mTrm/ j8fYSZngv09yAwcZye+PHCoVdf1HJoPbNOutX4glJlvMKj37bUc3b1JS5uB2xH8X +Z1ayIz8hjV/uo5TFEEjrSMly3rK4Bp7C1hG3Ef+2WMNpgvduxyO6XyTyrv9lKPF KRMod+kedXXmaQ== -----END CERTIFICATE-----Generated at Sat Dec 6 20:42:07 2025 by rpki-client