This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.mft File: 3_XMSEiUO0_onSznH9weT_fX8-M.mft (raw, json) Hash identifier: CNr0xiQ5/tgc6DqUvnakTJZg//d6p2pleRrPeT98WMQ= Subject key identifier: 68:E8:9B:5C:3D:1F:FB:04:3F:FA:8C:E2:93:E4:B6:4A:CE:DC:D6:E9 Authority key identifier: DF:F5:CC:48:48:94:3B:4F:E8:9D:2C:E7:1F:DC:1E:4F:F7:D7:F3:E3 Certificate issuer: /CN=dff5cc4848943b4fe89d2ce71fdc1e4ff7d7f3e3 Certificate serial: 019AF352415FD35F91DB97C9572D9B7DC903 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_XMSEiUO0_onSznH9weT_fX8-M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.mft Manifest number: 173E Signing time: Sat 06 Dec 2025 11:00:45 +0000 Manifest this update: Sat 06 Dec 2025 11:00:45 +0000 Manifest next update: Sun 07 Dec 2025 11:00:45 +0000 Files and hashes: 1: 3_XMSEiUO0_onSznH9weT_fX8-M.crl (hash: TEkiW6dbEW+FesZpi8x9hPJKChTr0SbeJow2Lqp2+u0=) 2: EsL5vRvD6Hsz2Ac1BO5dG0iZtiE.roa (hash: 6YJicTgp9qVMpWAlIAbPHHma7brtZhgeBhN6tMg/gfQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.mft rsync://rpki.ripe.net/repository/DEFAULT/3_XMSEiUO0_onSznH9weT_fX8-M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:41:5f:d3:5f:91:db:97:c9:57:2d:9b:7d:c9:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dff5cc4848943b4fe89d2ce71fdc1e4ff7d7f3e3 Validity Not Before: Dec 6 11:00:45 2025 GMT Not After : Dec 7 11:00:45 2025 GMT Subject: CN=68e89b5c3d1ffb043ffa8ce293e4b64acedcd6e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ab:3e:a3:ac:03:c7:9f:de:f3:b6:86:b2:d3: 80:89:9a:f3:ef:cc:5e:06:88:37:02:97:4f:7f:6f: 2b:52:0c:80:f5:4e:31:63:d1:07:31:2f:ac:4e:25: a3:c6:e1:6c:e4:80:a4:89:bf:77:56:65:d5:7c:34: 13:20:31:14:11:ed:3b:13:b2:b6:e3:5e:a9:25:31: c0:5f:65:7e:1e:53:0c:57:09:98:64:94:ff:5d:9b: 2a:bf:7d:82:4a:10:f1:1e:ed:23:87:ed:bc:69:90: cf:44:3e:02:31:df:f9:ec:9a:21:26:73:fc:1b:ed: 78:68:f8:6c:fe:3d:df:e9:cb:e2:f9:d5:53:fd:a4: ed:b2:42:79:16:c6:82:43:16:f2:42:1e:79:7f:68: 39:44:08:f6:8d:cf:f7:3e:ca:24:71:f9:82:e8:3f: c5:11:72:62:ea:52:fb:b0:66:fe:3b:a9:65:e2:6d: 9e:4d:13:0c:4f:4a:63:c8:af:c2:e1:2b:fa:b8:8c: b3:6b:f6:fe:ce:27:8e:78:72:47:07:ff:99:2a:cb: f6:41:69:62:d9:f4:cd:37:59:59:6a:be:ab:e7:c3: 06:89:8c:42:50:f0:02:da:6d:e4:fb:21:42:62:92: 51:bd:65:de:38:69:75:8b:48:9b:34:2d:b9:12:eb: fa:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:E8:9B:5C:3D:1F:FB:04:3F:FA:8C:E2:93:E4:B6:4A:CE:DC:D6:E9 X509v3 Authority Key Identifier: keyid:DF:F5:CC:48:48:94:3B:4F:E8:9D:2C:E7:1F:DC:1E:4F:F7:D7:F3:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_XMSEiUO0_onSznH9weT_fX8-M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f419eb-2331-4bc7-8f1b-2689c85878ad/1/3_XMSEiUO0_onSznH9weT_fX8-M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:26:d9:66:e1:a4:8f:d7:3a:b6:18:00:db:c4:73:b5:37:b3: 09:04:9e:dd:f9:58:d7:50:db:d3:cd:c0:a1:72:16:fe:41:43: 9d:05:2c:6d:c2:62:5a:66:df:13:be:43:a8:62:8d:05:60:85: 31:7c:62:ae:6e:43:f7:17:1d:bc:44:a1:d1:9f:0c:00:73:0c: 3f:cc:0a:3c:fe:e3:58:14:3f:dc:23:48:ff:a2:be:24:da:7f: aa:a5:a9:7e:46:da:16:87:5a:4f:58:09:63:0b:9e:43:19:9b: 3a:9a:56:8d:76:e7:67:8a:55:4d:35:b1:48:b4:e8:5d:b1:e3: da:d9:44:89:de:9e:c5:9b:e9:ea:a3:aa:25:ec:01:d3:f2:68: 87:56:9c:47:5f:99:26:c8:30:6a:7f:fa:18:0d:40:5e:77:19: 9c:a8:20:2e:f0:1d:86:c8:8a:a7:ac:94:5b:a8:f4:80:53:7a: 1e:a0:cf:9f:63:e1:53:ec:6f:7d:e3:f4:0f:a4:6f:9a:c8:1a: 3c:b2:59:d3:9d:03:6c:28:5f:e4:9b:2e:36:4c:9f:31:61:24: f6:de:f3:57:b7:cc:85:93:e8:d2:ed:d6:ec:87:3f:ad:1e:d6: 8d:b8:fc:d4:b1:d8:d4:93:36:85:f0:72:97:0c:20:2c:e3:72: 01:d4:1d:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUkFf01+R25fJVy2bfckDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZjVjYzQ4NDg5NDNiNGZlODlkMmNlNzFmZGMxZTRmZjdk N2YzZTMwHhcNMjUxMjA2MTEwMDQ1WhcNMjUxMjA3MTEwMDQ1WjAzMTEwLwYDVQQD Eyg2OGU4OWI1YzNkMWZmYjA0M2ZmYThjZTI5M2U0YjY0YWNlZGNkNmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qs+o6wDx5/e87aGstOAiZrz78xe Bog3ApdPf28rUgyA9U4xY9EHMS+sTiWjxuFs5ICkib93VmXVfDQTIDEUEe07E7K2 416pJTHAX2V+HlMMVwmYZJT/XZsqv32CShDxHu0jh+28aZDPRD4CMd/57JohJnP8 G+14aPhs/j3f6cvi+dVT/aTtskJ5FsaCQxbyQh55f2g5RAj2jc/3PsokcfmC6D/F EXJi6lL7sGb+O6ll4m2eTRMMT0pjyK/C4Sv6uIyza/b+zieOeHJHB/+ZKsv2QWli 2fTNN1lZar6r58MGiYxCUPAC2m3k+yFCYpJRvWXeOGl1i0ibNC25Euv6xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGjom1w9H/sEP/qM4pPktkrO3NbpMB8GA1UdIwQY MBaAFN/1zEhIlDtP6J0s5x/cHk/31/PjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM19YTVNFaVVPMF9vblN6bkg5d2VUX2ZYOC1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNDE5ZWItMjMzMS00YmM3LThmMWIt MjY4OWM4NTg3OGFkLzEvM19YTVNFaVVPMF9vblN6bkg5d2VUX2ZYOC1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9mNDE5ZWItMjMzMS00YmM3LThmMWItMjY4OWM4NTg3OGFk LzEvM19YTVNFaVVPMF9vblN6bkg5d2VUX2ZYOC1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJybZZuGk j9c6thgA28RztTezCQSe3flY11Db083AoXIW/kFDnQUsbcJiWmbfE75DqGKNBWCF MXxirm5D9xcdvESh0Z8MAHMMP8wKPP7jWBQ/3CNI/6K+JNp/qqWpfkbaFodaT1gJ YwueQxmbOppWjXbnZ4pVTTWxSLToXbHj2tlEid6exZvp6qOqJewB0/Joh1acR1+Z Jsgwan/6GA1AXncZnKggLvAdhsiKp6yUW6j0gFN6HqDPn2PhU+xvfeP0D6Rvmsga PLJZ050DbChf5JsuNkyfMWEk9t7zV7fMhZPo0u3W7Ic/rR7Wjbj81LHY1JM2hfBy lwwgLONyAdQdLA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:27:26 2025 by rpki-client