This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft File: _sQT3TZn54GV5SaKooWupRa8sZk.mft (raw, json) Hash identifier: Qjl4u9Y8U++RjhJW5uktmBkzG4tlQgnVr2yvPv7fgso= Subject key identifier: E2:89:99:9C:DA:DC:72:DA:2E:93:64:5E:D9:45:BE:FF:C5:57:AA:25 Authority key identifier: FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99 Certificate issuer: /CN=fec413dd3667e78195e5268aa285aea516bcb199 Certificate serial: 019AF276658FE5899AFBD8D62360167443DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft Manifest number: 148B Signing time: Sat 06 Dec 2025 07:00:36 +0000 Manifest this update: Sat 06 Dec 2025 07:00:36 +0000 Manifest next update: Sun 07 Dec 2025 07:00:36 +0000 Files and hashes: 1: _sQT3TZn54GV5SaKooWupRa8sZk.crl (hash: EOzJJJiVLjpv/1Kva+6TzMHpe9D/1Orf038CgFfPadY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:65:8f:e5:89:9a:fb:d8:d6:23:60:16:74:43:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fec413dd3667e78195e5268aa285aea516bcb199 Validity Not Before: Dec 6 07:00:36 2025 GMT Not After : Dec 7 07:00:36 2025 GMT Subject: CN=e289999cdadc72da2e93645ed945beffc557aa25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:63:06:7a:a0:4f:25:30:fb:ce:fd:07:20:d3: 3d:e7:d7:e7:2b:65:c5:4e:66:6a:28:2d:b3:72:6e: d6:ea:5b:d7:1a:77:ed:9d:7a:b8:c8:32:27:04:3e: 5a:d5:77:dd:f7:9e:c6:d1:19:31:c9:05:b1:49:7a: d8:e6:fd:ac:02:22:e1:c4:e2:d7:a1:15:cd:ce:51: ea:d0:c9:73:e6:02:74:9b:d8:79:7d:70:d9:69:de: 93:d3:b7:b4:52:54:fe:9c:ca:f3:00:f8:19:9d:f4: e6:6b:d5:ba:45:32:2d:e4:0c:83:d1:0f:83:45:0a: be:60:b5:3b:e6:d2:d7:a8:95:67:f4:c3:57:d0:c1: cd:23:cd:a2:c7:c1:0b:93:c0:8d:fb:b7:30:7c:93: df:f0:6d:e4:56:a2:e4:0e:36:7e:95:bc:7b:27:36: 75:3d:0d:e7:1a:d6:dc:cb:2a:d0:f8:1f:74:fa:63: aa:a5:9c:f3:7b:5b:e1:f7:01:34:49:5f:99:42:a6: 6a:b3:bf:b2:14:14:5f:7a:36:35:06:99:03:5a:60: 34:2d:c5:9b:02:1c:77:9e:18:ed:01:9a:7a:ab:9c: 19:ed:a6:b2:86:4c:3e:ad:b6:c2:f6:2e:8a:8c:f1: fe:cd:3f:84:55:e3:76:27:39:b9:04:d1:45:10:11: 70:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:89:99:9C:DA:DC:72:DA:2E:93:64:5E:D9:45:BE:FF:C5:57:AA:25 X509v3 Authority Key Identifier: keyid:FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:55:7b:57:96:60:f8:71:57:8f:19:bb:e8:90:fe:4b:57:a0: 38:de:f1:cf:cc:a5:d9:7a:a4:b0:28:c7:e0:2d:3f:11:fc:e6: a6:e5:71:e3:0d:85:fa:0b:0e:99:6c:ce:c7:ca:ab:98:71:e3: b7:3d:bb:d6:5f:a4:c4:7a:fd:51:d6:97:bb:61:1d:a9:c3:22: 20:b3:30:e7:36:73:b2:a9:af:69:05:65:6f:43:2f:a7:43:5f: 6d:49:3d:f8:0c:ab:f7:28:76:b0:57:c8:79:18:d8:17:34:61: b8:6b:b9:e9:1b:a1:80:5c:31:c0:2e:b0:88:cf:d6:3e:13:db: 84:79:af:63:e0:e9:3e:62:dd:78:c3:0b:35:53:ae:a7:f7:f2: 43:93:6a:00:90:58:32:48:94:f6:b7:30:58:d2:a2:c2:49:56: 3b:fb:38:35:06:17:12:47:32:27:84:61:c9:8f:ec:c5:1b:51: ff:83:a1:5a:3d:31:ce:bf:68:24:8a:a3:c7:e4:99:b3:f1:76: 20:6f:13:9c:c5:f8:5a:80:2d:0b:1d:93:37:6b:cb:85:b5:ee: 62:06:b5:4a:9b:51:92:11:db:19:82:3f:a5:a4:ea:56:7e:8b: e3:2c:56:cc:bb:5a:24:6a:0e:94:e2:89:a1:d4:5c:84:cf:8f: c3:ac:d6:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydmWP5Yma+9jWI2AWdEPaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlYzQxM2RkMzY2N2U3ODE5NWU1MjY4YWEyODVhZWE1MTZi Y2IxOTkwHhcNMjUxMjA2MDcwMDM2WhcNMjUxMjA3MDcwMDM2WjAzMTEwLwYDVQQD EyhlMjg5OTk5Y2RhZGM3MmRhMmU5MzY0NWVkOTQ1YmVmZmM1NTdhYTI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGMGeqBPJTD7zv0HINM959fnK2XF TmZqKC2zcm7W6lvXGnftnXq4yDInBD5a1Xfd957G0RkxyQWxSXrY5v2sAiLhxOLX oRXNzlHq0Mlz5gJ0m9h5fXDZad6T07e0UlT+nMrzAPgZnfTma9W6RTIt5AyD0Q+D RQq+YLU75tLXqJVn9MNX0MHNI82ix8ELk8CN+7cwfJPf8G3kVqLkDjZ+lbx7JzZ1 PQ3nGtbcyyrQ+B90+mOqpZzze1vh9wE0SV+ZQqZqs7+yFBRfejY1BpkDWmA0LcWb Ahx3nhjtAZp6q5wZ7aayhkw+rbbC9i6KjPH+zT+EVeN2Jzm5BNFFEBFw0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOKJmZza3HLaLpNkXtlFvv/FV6olMB8GA1UdIwQY MBaAFP7EE902Z+eBleUmiqKFrqUWvLGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUt M2ZkMTRiOTM2ZWI0LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUtM2ZkMTRiOTM2ZWI0 LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAplV7V5Zg +HFXjxm76JD+S1egON7xz8yl2XqksCjH4C0/EfzmpuVx4w2F+gsOmWzOx8qrmHHj tz271l+kxHr9UdaXu2EdqcMiILMw5zZzsqmvaQVlb0Mvp0NfbUk9+Ayr9yh2sFfI eRjYFzRhuGu56RuhgFwxwC6wiM/WPhPbhHmvY+DpPmLdeMMLNVOup/fyQ5NqAJBY MkiU9rcwWNKiwklWO/s4NQYXEkcyJ4RhyY/sxRtR/4OhWj0xzr9oJIqjx+SZs/F2 IG8TnMX4WoAtCx2TN2vLhbXuYga1SptRkhHbGYI/paTqVn6L4yxWzLtaJGoOlOKJ odRchM+Pw6zWJw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:03:25 2025 by rpki-client