This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft File: 3jCrARAqrvMOvUyJHAOAm6rQOeA.mft (raw, json) Hash identifier: Us6xoatTpOmXJZ+N3jEnqmmsak+NuX5SdWlB5u4sV18= Subject key identifier: E5:BD:C7:D5:2A:72:32:60:1D:B3:90:63:BC:B9:6A:8E:F2:10:1C:D8 Authority key identifier: DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0 Certificate issuer: /CN=de30ab01102aaef30ebd4c891c03809baad039e0 Certificate serial: 019AF65367E72428144F8E65BB6442FF2250 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft Manifest number: 0128 Signing time: Sun 07 Dec 2025 01:00:52 +0000 Manifest this update: Sun 07 Dec 2025 01:00:52 +0000 Manifest next update: Mon 08 Dec 2025 01:00:52 +0000 Files and hashes: 1: 3jCrARAqrvMOvUyJHAOAm6rQOeA.crl (hash: yunsOTw9ltTSqYYkIqFfIfHJhSQw4wCKPULPFIjp8a4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:53:67:e7:24:28:14:4f:8e:65:bb:64:42:ff:22:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de30ab01102aaef30ebd4c891c03809baad039e0 Validity Not Before: Dec 7 01:00:52 2025 GMT Not After : Dec 8 01:00:52 2025 GMT Subject: CN=e5bdc7d52a7232601db39063bcb96a8ef2101cd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:c7:43:08:44:cf:09:c2:d4:d8:05:b5:f2:60: 2c:4d:0a:39:f9:77:b4:17:f1:ca:d8:c4:a9:df:ed: 61:3c:51:62:2a:80:b7:ed:36:7b:95:71:96:d2:e5: d1:b4:19:f5:91:19:f4:38:94:52:4b:33:43:8b:8f: 1c:13:da:1e:7a:52:f5:3b:41:5c:89:13:b6:cc:6b: ac:8a:ce:9a:4b:28:f2:b6:5d:2d:13:33:a7:dd:09: 46:8e:97:4f:04:7a:4e:1a:6b:e5:09:35:52:91:a2: 9e:7e:20:8b:01:55:4a:1a:ea:37:b3:14:80:8e:3a: 9d:ab:09:fd:d9:05:fe:d3:77:c5:3e:e8:6d:92:41: 7f:8c:80:32:97:83:12:d6:06:fc:52:a7:f3:93:72: f5:d1:1d:84:d0:fd:b3:73:f9:67:f2:62:47:6b:fc: 14:10:9a:9c:44:fc:cd:08:1a:25:53:bd:c7:34:31: 9e:d0:06:cb:ac:6b:79:21:7d:66:98:e9:ef:33:d8: 25:e6:07:6c:d6:31:f5:44:93:94:0c:c8:1e:48:3a: 22:63:79:13:c0:a7:cf:01:a0:f0:d5:ae:74:15:ad: 1d:f0:67:4c:44:11:f6:e8:3d:3c:48:a2:d2:9c:50: 72:60:68:3d:f0:0f:ef:df:b0:4a:43:71:97:8a:31: 79:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:BD:C7:D5:2A:72:32:60:1D:B3:90:63:BC:B9:6A:8E:F2:10:1C:D8 X509v3 Authority Key Identifier: keyid:DE:30:AB:01:10:2A:AE:F3:0E:BD:4C:89:1C:03:80:9B:AA:D0:39:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jCrARAqrvMOvUyJHAOAm6rQOeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/553de1-0ee5-4b25-a520-d42768c84df7/1/3jCrARAqrvMOvUyJHAOAm6rQOeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:2f:9c:87:a5:f3:c5:11:58:ff:e9:3b:d3:6b:6c:04:73:63: 4c:0e:39:73:1a:de:36:28:10:be:b3:87:46:6f:c3:5e:59:73: cd:b9:9c:10:ea:63:2d:25:07:e1:7c:37:19:e7:12:a8:f6:eb: c8:2b:a9:5e:c5:48:cb:02:50:f1:a5:43:d7:e4:06:a4:d4:e3: 2e:66:b3:b6:3d:ca:81:a4:ec:3a:30:31:d4:eb:84:3b:ed:62: 38:1e:da:30:80:0d:2f:15:93:bf:9b:8d:82:e0:82:96:11:82: 93:25:e0:54:38:e7:08:eb:bf:6a:63:99:69:74:72:7b:07:d5: f7:1c:f8:a5:3e:c7:f9:c9:db:aa:93:0c:31:0a:b5:69:1f:ef: 23:fa:3a:46:8b:95:7a:25:95:55:7e:6b:df:a8:6a:6b:ae:4f: 6b:a7:2d:75:75:d4:da:15:6e:dc:ad:39:10:aa:52:f3:5a:0b: 84:90:5e:16:9b:bd:28:6b:ce:0d:3f:74:fa:f4:2d:54:5a:71: f3:cc:47:43:c6:30:dd:5d:1c:df:86:36:b2:ff:d6:f3:74:de: f5:28:fb:c0:32:58:80:c2:2a:f5:c2:7e:91:06:fa:36:c7:ad: aa:11:ec:4d:38:f8:02:0f:e5:9b:d0:6e:b7:ac:6c:c1:62:5e: 89:fb:a5:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2U2fnJCgUT45lu2RC/yJQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMzBhYjAxMTAyYWFlZjMwZWJkNGM4OTFjMDM4MDliYWFk MDM5ZTAwHhcNMjUxMjA3MDEwMDUyWhcNMjUxMjA4MDEwMDUyWjAzMTEwLwYDVQQD EyhlNWJkYzdkNTJhNzIzMjYwMWRiMzkwNjNiY2I5NmE4ZWYyMTAxY2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MdDCETPCcLU2AW18mAsTQo5+Xe0 F/HK2MSp3+1hPFFiKoC37TZ7lXGW0uXRtBn1kRn0OJRSSzNDi48cE9oeelL1O0Fc iRO2zGusis6aSyjytl0tEzOn3QlGjpdPBHpOGmvlCTVSkaKefiCLAVVKGuo3sxSA jjqdqwn92QX+03fFPuhtkkF/jIAyl4MS1gb8Uqfzk3L10R2E0P2zc/ln8mJHa/wU EJqcRPzNCBolU73HNDGe0AbLrGt5IX1mmOnvM9gl5gds1jH1RJOUDMgeSDoiY3kT wKfPAaDw1a50Fa0d8GdMRBH26D08SKLSnFByYGg98A/v37BKQ3GXijF5KwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOW9x9UqcjJgHbOQY7y5ao7yEBzYMB8GA1UdIwQY MBaAFN4wqwEQKq7zDr1MiRwDgJuq0DngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAt ZDQyNzY4Yzg0ZGY3LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS81NTNkZTEtMGVlNS00YjI1LWE1MjAtZDQyNzY4Yzg0ZGY3 LzEvM2pDckFSQXFydk1PdlV5SkhBT0FtNnJRT2VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASi+ch6Xz xRFY/+k702tsBHNjTA45cxreNigQvrOHRm/DXllzzbmcEOpjLSUH4Xw3GecSqPbr yCupXsVIywJQ8aVD1+QGpNTjLmaztj3KgaTsOjAx1OuEO+1iOB7aMIANLxWTv5uN guCClhGCkyXgVDjnCOu/amOZaXRyewfV9xz4pT7H+cnbqpMMMQq1aR/vI/o6RouV eiWVVX5r36hqa65Pa6ctdXXU2hVu3K05EKpS81oLhJBeFpu9KGvODT90+vQtVFpx 88xHQ8Yw3V0c34Y2sv/W83Te9Sj7wDJYgMIq9cJ+kQb6NsetqhHsTTj4Ag/lm9Bu t6xswWJeifulAg== -----END CERTIFICATE-----Generated at Sun Dec 7 06:59:41 2025 by rpki-client