This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft File: 3XzvizrZIDFjCqyiJqntebpgVYY.mft (raw, json) Hash identifier: gVw243qar+glTBvOS8v/waf+9OXHLP+uDUySXHqKCX4= Subject key identifier: 8E:74:EC:58:1D:20:FE:25:FA:43:E3:93:24:E4:F1:90:1E:DD:55:CB Authority key identifier: DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86 Certificate issuer: /CN=dd7cef8b3ad92031630aaca226a9ed79ba605586 Certificate serial: 019AF23FEC544A59246D7A475CC365E25D25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft Manifest number: 02C8 Signing time: Sat 06 Dec 2025 06:01:06 +0000 Manifest this update: Sat 06 Dec 2025 06:01:06 +0000 Manifest next update: Sun 07 Dec 2025 06:01:06 +0000 Files and hashes: 1: 3XzvizrZIDFjCqyiJqntebpgVYY.crl (hash: hsHQupZuou2BEkyUM8GGfAkOpobLrLlGCy6UJAKXJWU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:ec:54:4a:59:24:6d:7a:47:5c:c3:65:e2:5d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd7cef8b3ad92031630aaca226a9ed79ba605586 Validity Not Before: Dec 6 06:01:06 2025 GMT Not After : Dec 7 06:01:06 2025 GMT Subject: CN=8e74ec581d20fe25fa43e39324e4f1901edd55cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e3:16:a8:46:9a:7e:81:c9:f9:3e:c6:9e:6d: 7a:4a:1a:45:76:32:7a:d2:34:66:09:c7:a2:56:25: 3e:b0:12:be:44:6c:d9:b4:c9:96:d7:b9:a4:95:ea: 07:cc:48:60:31:dc:92:e3:99:8c:2b:55:ef:a8:e8: af:7b:6e:1e:15:54:b1:6b:bf:81:b9:2b:68:73:15: f6:13:31:7b:bb:d5:d7:1d:22:e6:76:75:69:cc:c0: 5a:9f:d8:e6:cd:bc:02:23:c6:86:9c:44:49:2f:0d: eb:5f:1c:89:cc:76:f8:ab:33:a2:b3:e8:7d:cc:71: b5:b7:3d:dc:a4:86:02:da:fe:e7:06:31:08:a2:dd: a2:d9:f1:78:05:41:19:8d:ff:33:18:82:37:f4:1f: 9a:d1:ea:30:6a:18:35:de:29:2c:48:75:c4:b4:65: 09:e4:de:31:8a:22:1a:06:44:fb:27:97:d0:71:77: 54:05:08:3d:75:f7:a6:f3:e0:13:89:70:e8:d1:d4: 99:c6:7a:56:d6:76:22:88:33:9d:40:8e:15:c6:9b: 8b:4f:1f:12:d0:d7:57:0e:3d:ac:ad:f1:b1:90:c3: e3:2d:a6:83:ad:8b:61:7d:42:03:78:bd:1f:48:e7: 5f:2a:f1:a2:f5:5f:80:72:0f:4c:1b:66:30:18:ab: 77:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:74:EC:58:1D:20:FE:25:FA:43:E3:93:24:E4:F1:90:1E:DD:55:CB X509v3 Authority Key Identifier: keyid:DD:7C:EF:8B:3A:D9:20:31:63:0A:AC:A2:26:A9:ED:79:BA:60:55:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XzvizrZIDFjCqyiJqntebpgVYY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1d98b0-4a4d-4190-bd85-372f65d99a9f/1/3XzvizrZIDFjCqyiJqntebpgVYY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:9b:90:5d:8c:c5:6b:15:d0:15:60:c4:66:d3:93:b6:3d:8c: 2d:cc:a7:50:c4:b4:db:58:54:61:94:d8:70:e0:9d:19:14:45: 4c:f6:bb:1b:01:42:b9:06:dd:20:f1:cc:a3:79:06:e3:19:12: 2d:1b:1b:bb:6e:7a:c4:65:55:57:fe:0d:31:56:2c:8a:5c:29: 04:78:31:2e:5d:17:bc:86:ee:ea:96:c6:f0:97:c8:56:50:b6: 8b:02:e8:20:9f:12:62:70:71:2d:ef:5f:fd:df:7d:cc:79:4c: 4e:19:3c:ed:26:79:0b:29:34:b8:08:2c:3c:6c:35:6e:df:31: 02:c9:64:49:96:eb:59:f1:f0:7d:87:a1:7f:9e:52:3e:98:8e: 25:7a:ac:aa:f6:06:46:da:3d:f5:aa:af:c2:ac:23:d4:b8:4e: 7e:8a:5b:da:a4:6d:04:4f:6d:66:d8:9f:b2:bb:e2:e8:10:91: 2d:84:bc:7d:09:a0:5f:d0:58:3f:1a:ae:54:d9:2c:49:e4:48: 33:70:2f:08:ce:a5:ca:1f:fd:ea:44:da:1a:b7:13:82:a6:10: 2c:0d:d3:e2:c9:6e:0b:41:14:e8:b6:61:fb:38:a7:0a:eb:35: e4:84:3b:e9:b2:89:9a:77:35:25:2b:f9:ce:fb:47:74:77:44: 4a:4e:a5:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP+xUSlkkbXpHXMNl4l0lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkN2NlZjhiM2FkOTIwMzE2MzBhYWNhMjI2YTllZDc5YmE2 MDU1ODYwHhcNMjUxMjA2MDYwMTA2WhcNMjUxMjA3MDYwMTA2WjAzMTEwLwYDVQQD Eyg4ZTc0ZWM1ODFkMjBmZTI1ZmE0M2UzOTMyNGU0ZjE5MDFlZGQ1NWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+MWqEaafoHJ+T7Gnm16ShpFdjJ6 0jRmCceiViU+sBK+RGzZtMmW17mkleoHzEhgMdyS45mMK1XvqOive24eFVSxa7+B uStocxX2EzF7u9XXHSLmdnVpzMBan9jmzbwCI8aGnERJLw3rXxyJzHb4qzOis+h9 zHG1tz3cpIYC2v7nBjEIot2i2fF4BUEZjf8zGII39B+a0eowahg13iksSHXEtGUJ 5N4xiiIaBkT7J5fQcXdUBQg9dfem8+ATiXDo0dSZxnpW1nYiiDOdQI4VxpuLTx8S 0NdXDj2srfGxkMPjLaaDrYthfUIDeL0fSOdfKvGi9V+Acg9MG2YwGKt3owIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI507FgdIP4l+kPjkyTk8ZAe3VXLMB8GA1UdIwQY MBaAFN1874s62SAxYwqsoiap7Xm6YFWGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUt MzcyZjY1ZDk5YTlmLzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8xZDk4YjAtNGE0ZC00MTkwLWJkODUtMzcyZjY1ZDk5YTlm LzEvM1h6dml6clpJREZqQ3F5aUpxbnRlYnBnVllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZuQXYzF axXQFWDEZtOTtj2MLcynUMS021hUYZTYcOCdGRRFTPa7GwFCuQbdIPHMo3kG4xkS LRsbu256xGVVV/4NMVYsilwpBHgxLl0XvIbu6pbG8JfIVlC2iwLoIJ8SYnBxLe9f /d99zHlMThk87SZ5Cyk0uAgsPGw1bt8xAslkSZbrWfHwfYehf55SPpiOJXqsqvYG Rto99aqvwqwj1LhOfopb2qRtBE9tZtifsrvi6BCRLYS8fQmgX9BYPxquVNksSeRI M3AvCM6lyh/96kTaGrcTgqYQLA3T4sluC0EU6LZh+zinCus15IQ76bKJmnc1JSv5 zvtHdHdESk6l1A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:24:49 2025 by rpki-client