This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft File: 3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json) Hash identifier: woT+6vkcFNE9l9jtLmP+lBquqw4GzrUeSLZpN+BUSfc= Subject key identifier: CD:06:77:C6:50:66:36:C6:38:5A:CD:31:73:69:8A:CB:04:43:D5:44 Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86 Certificate issuer: /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586 Certificate serial: 019B2E1DA603238FEB66C8EA5B3256D4AE81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft Manifest number: 02E7 Signing time: Wed 17 Dec 2025 21:00:53 +0000 Manifest this update: Wed 17 Dec 2025 21:00:53 +0000 Manifest next update: Thu 18 Dec 2025 21:00:53 +0000 Files and hashes: 1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: FEjd+saZvLLUMDHtD7EYNxwZfqMpEZHKuUPmcFn4kc8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:1d:a6:03:23:8f:eb:66:c8:ea:5b:32:56:d4:ae:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586 Validity Not Before: Dec 17 21:00:53 2025 GMT Not After : Dec 18 21:00:53 2025 GMT Subject: CN=cd0677c6506636c6385acd3173698acb0443d544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:63:b1:77:96:de:64:de:55:6a:70:9c:4d:46: 66:b5:53:bd:ab:2c:39:f9:5f:43:17:aa:83:78:cd: 11:1b:09:45:df:88:15:8c:c0:20:8e:c6:cd:ae:9b: a7:59:45:54:5a:8a:a1:00:f2:9c:76:81:4a:68:39: 46:84:67:7b:68:de:0a:04:55:5c:8f:e3:fe:38:25: e2:52:37:9b:5b:d7:25:b6:1a:93:42:9e:09:68:b8: e3:21:91:e8:53:a8:c9:d7:03:bc:c3:01:59:dd:7e: a6:3a:dc:d2:23:57:ae:3e:92:66:7d:ba:c4:a2:5b: a1:50:e2:84:af:9b:64:71:84:e2:65:43:b0:96:7f: cc:4e:d1:83:63:8a:7c:2e:23:e9:e5:e5:6c:d1:37: c2:1c:a6:f2:ab:43:8e:6f:38:54:bd:7a:04:f8:b0: 8b:72:16:96:dd:de:0e:25:fe:3d:95:18:9f:03:e8: 1b:36:ac:e3:3c:6b:72:77:1c:90:e2:26:1f:12:4b: 72:0c:86:ea:0b:c9:46:dc:ec:90:3a:78:ee:a0:ff: e4:58:e6:b8:08:01:df:b5:8c:a9:71:3f:f9:c1:26: b4:49:ae:10:93:66:17:d6:e5:4c:6c:17:df:56:eb: 2f:c8:43:ff:a2:63:55:b6:b0:94:fe:5e:70:71:bd: 36:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:06:77:C6:50:66:36:C6:38:5A:CD:31:73:69:8A:CB:04:43:D5:44 X509v3 Authority Key Identifier: keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:cc:a8:85:ae:0d:66:f2:af:34:a6:d2:37:da:30:79:54:9e: 50:fe:52:5e:ea:4c:1b:b0:0d:ec:13:7b:39:fa:70:cb:82:4c: ae:f4:78:dd:e9:bc:8c:69:bf:f8:e8:00:09:a3:9c:a0:77:e7: b6:46:4d:19:6c:37:66:8d:c7:6f:a8:70:a5:62:5e:23:02:48: 49:db:c9:66:32:13:f9:5e:c2:74:19:25:33:8f:10:9c:c6:1f: 6e:bb:a8:d3:9f:f3:35:6c:67:12:cf:86:cb:c4:9e:8e:d5:2c: ee:b7:0a:df:01:02:19:a8:14:51:8d:3f:b5:69:11:78:09:f2: 59:50:01:7a:01:42:fd:99:61:01:08:4a:be:00:45:2b:c0:99: 8f:2e:f0:f9:60:55:60:d5:ff:59:8f:dc:17:52:c7:5d:45:5c: 01:88:14:f4:bb:df:9b:28:20:25:b2:11:74:27:ed:cb:ac:24: 21:ea:93:ce:b4:22:7e:a7:e3:7f:56:87:9a:85:4f:22:00:4b: 31:a4:59:e0:08:8b:26:78:0a:e9:cf:b7:2d:45:f3:d2:df:c2: d2:a4:fe:a3:ad:c4:d2:3b:d4:b9:43:95:26:00:2a:f6:a5:56: f4:d4:41:d5:3b:30:b3:1d:0d:6a:f5:7c:45:81:b6:66:79:8e: 37:66:01:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsuHaYDI4/rZsjqWzJW1K6BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2 MDU1ODYwHhcNMjUxMjE3MjEwMDUzWhcNMjUxMjE4MjEwMDUzWjAzMTEwLwYDVQQD EyhjZDA2NzdjNjUwNjYzNmM2Mzg1YWNkMzE3MzY5OGFjYjA0NDNkNTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGOxd5beZN5VanCcTUZmtVO9qyw5 +V9DF6qDeM0RGwlF34gVjMAgjsbNrpunWUVUWoqhAPKcdoFKaDlGhGd7aN4KBFVc j+P+OCXiUjebW9clthqTQp4JaLjjIZHoU6jJ1wO8wwFZ3X6mOtzSI1euPpJmfbrE oluhUOKEr5tkcYTiZUOwln/MTtGDY4p8LiPp5eVs0TfCHKbyq0OObzhUvXoE+LCL chaW3d4OJf49lRifA+gbNqzjPGtydxyQ4iYfEktyDIbqC8lG3OyQOnjuoP/kWOa4 CAHftYypcT/5wSa0Sa4Qk2YX1uVMbBffVusvyEP/omNVtrCU/l5wcb02WwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM0Gd8ZQZjbGOFrNMXNpissEQ9VEMB8GA1UdIwQY MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmMyoha4N ZvKvNKbSN9oweVSeUP5SXupMG7AN7BN7Ofpwy4JMrvR43em8jGm/+OgACaOcoHfn tkZNGWw3Zo3Hb6hwpWJeIwJISdvJZjIT+V7CdBklM48QnMYfbruo05/zNWxnEs+G y8SejtUs7rcK3wECGagUUY0/tWkReAnyWVABegFC/ZlhAQhKvgBFK8CZjy7w+WBV YNX/WY/cF1LHXUVcAYgU9LvfmyggJbIRdCfty6wkIeqTzrQifqfjf1aHmoVPIgBL MaRZ4AiLJngK6c+3LUXz0t/C0qT+o63E0jvUuUOVJgAq9qVW9NRB1Tswsx0NavV8 RYG2ZnmON2YBxg== -----END CERTIFICATE-----Generated at Thu Dec 18 05:45:53 2025 by rpki-client