This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft File: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json) Hash identifier: 0JrN+5ew40tFVYeMMcLtJqV8gKawxmFLn8YldZTt1sU= Subject key identifier: 6C:21:CE:D9:C3:2D:98:FB:70:E5:AB:EF:A9:89:F1:4E:E1:A6:1F:EE Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 Certificate issuer: /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Certificate serial: 019AF12DD02928ED9442D23083DB024AE2C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft Manifest number: 0E53 Signing time: Sat 06 Dec 2025 01:01:42 +0000 Manifest this update: Sat 06 Dec 2025 01:01:42 +0000 Manifest next update: Sun 07 Dec 2025 01:01:42 +0000 Files and hashes: 1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: 0u3JYgvZVcwlt4H+vHir811HUlcd/bS8/fqWGS45smI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d0:29:28:ed:94:42:d2:30:83:db:02:4a:e2:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Validity Not Before: Dec 6 01:01:42 2025 GMT Not After : Dec 7 01:01:42 2025 GMT Subject: CN=6c21ced9c32d98fb70e5abefa989f14ee1a61fee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:01:55:11:7e:3e:51:68:40:d9:93:e1:34:ba: 92:d0:e1:da:8f:cb:a8:71:a5:46:79:d2:05:c1:1e: c7:ac:79:9d:ac:33:5f:a3:c2:09:8a:09:6d:96:44: ab:ec:b2:3c:84:b0:cc:3a:56:0a:4b:c4:1a:29:13: 0e:46:2a:a3:18:4a:18:5c:62:94:8a:b9:95:ae:56: 1f:b9:65:3d:52:da:9e:b2:2a:f4:af:9b:8a:a2:8c: 63:7d:70:8c:8a:bd:d9:dd:c5:e1:10:c3:4f:df:9e: 5a:29:0b:c4:ba:7a:b8:73:b9:72:8f:2b:ec:cf:14: ca:bb:82:ca:d8:b3:9c:fd:8b:a2:74:de:0a:84:b4: 95:13:16:e7:c1:86:5b:78:26:52:09:9e:5e:48:67: 7e:e9:ae:a0:2d:fa:fb:ec:de:d0:6a:6d:b0:bd:5d: 14:aa:05:4f:a3:6f:3a:a4:e5:7f:ee:69:22:63:76: a8:4c:f7:e1:c3:be:54:85:83:f2:5d:7f:31:f6:d1: 67:bf:a2:81:bb:4b:a5:17:45:02:2f:56:b1:03:0c: 1d:f9:76:bd:fd:c0:59:4a:33:c6:7b:66:9a:5b:8c: 40:26:06:aa:77:7f:04:25:6d:2e:67:55:f9:53:fe: da:f7:e4:c6:86:fe:63:b0:24:d3:f3:81:37:63:6c: 9e:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:21:CE:D9:C3:2D:98:FB:70:E5:AB:EF:A9:89:F1:4E:E1:A6:1F:EE X509v3 Authority Key Identifier: keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:cd:ec:10:e4:4a:0e:0b:6a:cc:13:c6:5f:48:d7:89:5b:e4: 77:db:52:a4:5c:37:8e:3a:2b:b4:3b:b1:e8:40:86:f5:bb:fe: b5:c3:9c:37:d1:40:73:f0:a0:8d:de:ac:f3:3b:e6:62:9c:f2: ce:67:82:bc:6c:7d:ce:bb:ee:40:47:f0:2d:e4:87:81:ed:b8: 04:c8:8a:08:f7:46:35:41:0c:44:f3:56:a6:c6:cb:6b:a1:dc: d9:6e:2f:65:dd:73:8f:b5:37:79:13:83:ac:15:97:9b:bf:b8: e9:bb:dd:83:fc:c1:cd:c9:4c:15:bf:36:44:33:e4:52:d9:a0: e7:f8:b2:c4:e8:d7:08:78:13:b3:bb:15:b9:2a:75:06:5b:57: bd:1e:6d:d0:b2:50:9a:9d:0b:f3:f1:fd:58:71:20:0e:e0:28: a6:35:c7:bf:00:9d:f6:97:15:81:ff:31:80:66:45:b6:f8:0a: 57:97:bc:eb:ad:36:33:1c:bc:b5:67:d7:2f:9c:43:e4:4d:ce: ec:f7:02:ca:fd:6a:95:98:0a:2d:b3:44:09:ae:76:69:0e:1d: 55:53:88:76:1c:12:2a:bc:b8:bc:a9:26:50:94:29:4c:d7:2e: 72:b6:3d:a3:dd:e7:a8:75:47:0f:88:b6:f0:69:94:59:4e:75: 24:a6:bd:87 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdApKO2UQtIwg9sCSuLEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0 MDNjZDQwHhcNMjUxMjA2MDEwMTQyWhcNMjUxMjA3MDEwMTQyWjAzMTEwLwYDVQQD Eyg2YzIxY2VkOWMzMmQ5OGZiNzBlNWFiZWZhOTg5ZjE0ZWUxYTYxZmVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gFVEX4+UWhA2ZPhNLqS0OHaj8uo caVGedIFwR7HrHmdrDNfo8IJigltlkSr7LI8hLDMOlYKS8QaKRMORiqjGEoYXGKU irmVrlYfuWU9Utqesir0r5uKooxjfXCMir3Z3cXhEMNP355aKQvEunq4c7lyjyvs zxTKu4LK2LOc/YuidN4KhLSVExbnwYZbeCZSCZ5eSGd+6a6gLfr77N7Qam2wvV0U qgVPo286pOV/7mkiY3aoTPfhw75UhYPyXX8x9tFnv6KBu0ulF0UCL1axAwwd+Xa9 /cBZSjPGe2aaW4xAJgaqd38EJW0uZ1X5U/7a9+TGhv5jsCTT84E3Y2yeswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGwhztnDLZj7cOWr76mJ8U7hph/uMB8GA1UdIwQY MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbs3sEORK DgtqzBPGX0jXiVvkd9tSpFw3jjortDux6ECG9bv+tcOcN9FAc/Cgjd6s8zvmYpzy zmeCvGx9zrvuQEfwLeSHge24BMiKCPdGNUEMRPNWpsbLa6Hc2W4vZd1zj7U3eROD rBWXm7+46bvdg/zBzclMFb82RDPkUtmg5/iyxOjXCHgTs7sVuSp1BltXvR5t0LJQ mp0L8/H9WHEgDuAopjXHvwCd9pcVgf8xgGZFtvgKV5e86602Mxy8tWfXL5xD5E3O 7PcCyv1qlZgKLbNECa52aQ4dVVOIdhwSKry4vKkmUJQpTNcucrY9o93nqHVHD4i2 8GmUWU51JKa9hw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:15:59 2025 by rpki-client