This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft File: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json) Hash identifier: uLniRaqdpKr/r9RIjKbDREToaoeipc6JR9rI8eqxM24= Subject key identifier: 1B:A3:86:B6:4A:CD:56:44:0B:9C:17:6F:2F:FB:9E:E7:B9:86:13:86 Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 Certificate issuer: /CN=de17fd66577b3ed358b3862a7dd980944a85d507 Certificate serial: 019B2C2F057BE5589CED34D8AF9749E7FE52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft Manifest number: 033E Signing time: Wed 17 Dec 2025 12:00:37 +0000 Manifest this update: Wed 17 Dec 2025 12:00:37 +0000 Manifest next update: Thu 18 Dec 2025 12:00:37 +0000 Files and hashes: 1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: eazIsHh5dk1z4nSVfw7T09vFiKSqrL1pPGouV+1j72M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:2f:05:7b:e5:58:9c:ed:34:d8:af:97:49:e7:fe:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507 Validity Not Before: Dec 17 12:00:37 2025 GMT Not After : Dec 18 12:00:37 2025 GMT Subject: CN=1ba386b64acd56440b9c176f2ffb9ee7b9861386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:53:e2:df:16:ec:d7:2b:c4:5d:82:c2:05:8c: 15:6e:b3:bf:0e:74:7a:eb:90:65:00:06:a0:d1:d0: 3e:e4:5b:11:f3:10:5f:9c:d9:87:97:4c:0d:40:b4: 4f:83:36:72:a6:7c:f2:ca:3b:a6:d2:03:c1:6c:91: 49:5a:d0:7a:cc:08:4f:69:10:37:a7:52:b6:ce:4d: 06:6d:e7:b0:9d:37:ee:ac:2b:2a:44:6c:9a:e0:ef: d9:59:8f:e3:36:d4:c2:1d:98:47:81:ef:af:44:85: f5:60:1a:76:da:fe:78:99:e1:a8:04:6a:23:de:f3: e2:b1:a3:e6:44:1e:ff:c4:ff:ae:66:b4:ef:82:23: 42:4d:6b:36:02:e7:a2:a1:14:f3:0d:b8:d2:a0:8e: 52:a2:e1:4b:4c:3b:c4:09:59:81:a7:40:c6:e1:51: af:ac:e0:b2:75:f9:51:11:d4:de:bc:03:6d:3a:5a: fa:38:b1:e3:32:d1:d3:4d:ba:83:01:6e:a1:ab:d4: b8:10:67:16:d0:3a:b1:fa:31:6f:de:33:61:e3:a3: dd:8a:1a:76:89:e0:a6:fa:44:44:5c:28:5a:cf:37: 5c:51:b2:58:03:dd:3d:cf:ab:33:33:9e:5b:87:2f: e6:37:c3:21:22:83:86:98:60:cf:b5:cf:c6:d3:cf: e2:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:A3:86:B6:4A:CD:56:44:0B:9C:17:6F:2F:FB:9E:E7:B9:86:13:86 X509v3 Authority Key Identifier: keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:68:90:16:2e:55:9a:8d:f0:c7:48:06:69:b0:de:6c:00:df: b1:06:81:8d:24:77:45:23:77:08:a4:ed:9a:01:05:28:46:4a: 6c:d9:93:90:a3:f0:6b:30:fa:e0:6e:ae:c7:f3:21:0c:82:d4: 27:5a:c8:f2:43:7f:a7:b5:cd:2c:96:95:53:60:25:7a:42:1d: 07:e5:34:4a:58:08:b2:85:9c:e2:78:e7:9e:de:b6:f5:bf:f4: d7:67:c7:52:e7:62:4c:46:17:7d:78:82:46:1b:f4:77:90:55: 42:69:77:18:62:70:ab:1f:be:b7:6b:ef:01:b2:cf:6a:48:b2: 11:d1:a2:98:84:90:23:44:c7:42:75:2e:9f:7e:d4:98:4c:2e: ab:58:64:23:60:55:a4:06:ba:f7:dc:51:bd:a1:6d:fd:ab:a0: 9b:30:e1:cb:c7:73:11:b5:a1:84:63:2b:2b:b2:95:31:da:a9: fd:c2:c7:b0:fe:f4:16:c5:ef:c4:11:43:08:ec:4a:99:e9:d7: ce:8c:ed:7a:44:4a:53:45:43:34:5f:62:f3:4d:e6:a7:c0:6d: e9:06:3c:dc:a2:f7:6a:37:e2:72:92:83:af:dc:3e:60:ef:5e: 02:94:d0:61:4e:2a:c7:a9:cc:1a:43:ef:65:81:a0:ea:8f:8c: 8b:1a:31:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssLwV75Vic7TTYr5dJ5/5SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4 NWQ1MDcwHhcNMjUxMjE3MTIwMDM3WhcNMjUxMjE4MTIwMDM3WjAzMTEwLwYDVQQD EygxYmEzODZiNjRhY2Q1NjQ0MGI5YzE3NmYyZmZiOWVlN2I5ODYxMzg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFPi3xbs1yvEXYLCBYwVbrO/DnR6 65BlAAag0dA+5FsR8xBfnNmHl0wNQLRPgzZypnzyyjum0gPBbJFJWtB6zAhPaRA3 p1K2zk0GbeewnTfurCsqRGya4O/ZWY/jNtTCHZhHge+vRIX1YBp22v54meGoBGoj 3vPisaPmRB7/xP+uZrTvgiNCTWs2AueioRTzDbjSoI5SouFLTDvECVmBp0DG4VGv rOCydflREdTevANtOlr6OLHjMtHTTbqDAW6hq9S4EGcW0Dqx+jFv3jNh46Pdihp2 ieCm+kREXChazzdcUbJYA909z6szM55bhy/mN8MhIoOGmGDPtc/G08/iVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBujhrZKzVZEC5wXby/7nue5hhOGMB8GA1UdIwQY MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmiQFi5V mo3wx0gGabDebADfsQaBjSR3RSN3CKTtmgEFKEZKbNmTkKPwazD64G6ux/MhDILU J1rI8kN/p7XNLJaVU2AlekIdB+U0SlgIsoWc4njnnt629b/012fHUudiTEYXfXiC Rhv0d5BVQml3GGJwqx++t2vvAbLPakiyEdGimISQI0THQnUun37UmEwuq1hkI2BV pAa699xRvaFt/augmzDhy8dzEbWhhGMrK7KVMdqp/cLHsP70FsXvxBFDCOxKmenX zoztekRKU0VDNF9i803mp8Bt6QY83KL3ajficpKDr9w+YO9eApTQYU4qx6nMGkPv ZYGg6o+Mixoxsw== -----END CERTIFICATE-----Generated at Wed Dec 17 17:57:17 2025 by rpki-client