This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.mft File: 3ZwwOZ9jhVX0wC6NG1W8knIly1E.mft (raw, json) Hash identifier: X3u6VK8PAsznrclLrLyPIrI9fb7MCVlsR+OENlSwrZ8= Subject key identifier: 01:D0:E4:E6:89:55:8F:9F:1E:D2:FD:5B:E0:A8:86:47:43:8F:EA:CA Authority key identifier: DD:9C:30:39:9F:63:85:55:F4:C0:2E:8D:1B:55:BC:92:72:25:CB:51 Certificate issuer: /CN=dd9c30399f638555f4c02e8d1b55bc927225cb51 Certificate serial: 019AF61C8A0F59F07AE11D5C4F6E665607B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZwwOZ9jhVX0wC6NG1W8knIly1E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.mft Manifest number: 0BCD Signing time: Sun 07 Dec 2025 00:00:56 +0000 Manifest this update: Sun 07 Dec 2025 00:00:56 +0000 Manifest next update: Mon 08 Dec 2025 00:00:56 +0000 Files and hashes: 1: 3ZwwOZ9jhVX0wC6NG1W8knIly1E.crl (hash: 6RPI6z7o9II6g4ofGPcXqyna5tAJc+bNOfRtRPLpbIw=) 2: dKbYijsCo6cz-c8VDyBQbX6KvIQ.roa (hash: s+UDqFCEg39f4gk9fs9ZUXaGmiKaVpMOQ/J8CYcOuY4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.crl rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.mft rsync://rpki.ripe.net/repository/DEFAULT/3ZwwOZ9jhVX0wC6NG1W8knIly1E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:8a:0f:59:f0:7a:e1:1d:5c:4f:6e:66:56:07:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd9c30399f638555f4c02e8d1b55bc927225cb51 Validity Not Before: Dec 7 00:00:56 2025 GMT Not After : Dec 8 00:00:56 2025 GMT Subject: CN=01d0e4e689558f9f1ed2fd5be0a88647438feaca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:63:41:97:5f:82:5a:1f:07:5b:97:1a:38:36: 4f:87:56:77:3b:3f:d5:62:13:08:fd:e0:e3:a8:d2: fe:c8:db:40:10:c6:dc:1a:4f:be:44:c7:1f:d2:9f: 63:62:69:8d:f7:f5:76:ee:45:10:a4:30:5f:f5:a6: 30:7b:12:a6:0c:87:68:4b:2f:9e:b2:e2:f1:28:bf: d5:c5:5c:6a:d6:65:03:b6:7d:b3:1d:90:b8:62:3f: 93:b2:63:bb:cf:22:59:4c:cf:2b:2d:b1:5d:61:06: 02:a1:45:ed:d5:c9:dd:20:5e:dc:a8:b5:b8:f7:e1: 14:3b:4c:c6:7b:6c:dc:51:d6:c2:4b:3f:5d:5a:c5: 14:2c:f2:68:9e:2d:53:d5:21:ba:9a:09:0e:53:2c: 8d:1b:1c:87:48:01:9d:36:8f:cd:dd:28:ec:8f:60: cf:b4:22:42:25:2d:45:24:24:74:36:b3:df:45:ec: e9:89:d3:6d:0d:e9:bf:2d:69:82:18:7f:a7:ef:f3: a1:ab:be:11:4b:fc:f5:42:c2:1d:3e:1f:0e:04:4f: 0a:bb:4f:af:52:6e:32:14:84:a1:0f:52:6e:4e:e6: b4:e8:b8:28:4e:23:7c:23:8b:c6:26:0a:2d:79:0d: 43:68:a9:b5:c9:d4:c9:e0:4e:3b:37:bd:c1:9a:d6: d7:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:D0:E4:E6:89:55:8F:9F:1E:D2:FD:5B:E0:A8:86:47:43:8F:EA:CA X509v3 Authority Key Identifier: keyid:DD:9C:30:39:9F:63:85:55:F4:C0:2E:8D:1B:55:BC:92:72:25:CB:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZwwOZ9jhVX0wC6NG1W8knIly1E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/beca4d-70cc-4ca4-b452-0e514062c590/1/3ZwwOZ9jhVX0wC6NG1W8knIly1E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:0d:46:d4:fd:69:9c:00:c6:da:b4:32:ac:93:8a:1d:a1:90: 55:16:30:4e:94:06:0b:11:7c:3e:b9:69:29:74:7e:86:92:11: 40:61:0c:40:38:6b:c8:9a:07:3d:5d:93:76:a9:84:b9:90:34: 2b:76:e9:3b:24:1c:2a:c5:cf:50:71:4a:38:2e:2b:ab:7a:8f: 7f:e4:bd:c6:3f:d4:66:f7:c0:02:95:d4:d0:e1:bf:ab:72:6d: 30:36:fa:07:69:d5:ea:8e:0d:88:7e:fe:8e:15:fe:5a:8f:a6: fe:b5:51:7b:f3:44:b5:61:0d:d5:c0:3c:70:e4:b2:82:a9:ab: 0a:76:fc:4d:dd:a7:e8:51:5d:73:e3:17:5d:b6:87:52:bb:c1: 9c:cf:6c:d8:e5:69:49:ce:ce:65:e2:b2:d8:98:2a:a3:74:a2: 8e:da:a9:a8:9b:d1:7f:16:32:10:3e:7d:57:7a:eb:72:c7:b1: ca:c7:ab:2c:a0:5a:3e:4b:1e:5b:0f:f1:f1:47:f5:ed:aa:d9: f3:f9:a9:ac:c1:75:68:98:0e:a7:aa:f9:6c:25:ca:ea:ab:c0: 17:85:ae:4a:c8:b9:47:78:66:6d:32:68:7f:ed:65:74:97:da: 54:7e:bb:bd:25:07:64:3e:a5:37:73:08:94:3c:0b:fd:a2:21: 47:38:fb:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HIoPWfB64R1cT25mVge4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkOWMzMDM5OWY2Mzg1NTVmNGMwMmU4ZDFiNTViYzkyNzIy NWNiNTEwHhcNMjUxMjA3MDAwMDU2WhcNMjUxMjA4MDAwMDU2WjAzMTEwLwYDVQQD EygwMWQwZTRlNjg5NTU4ZjlmMWVkMmZkNWJlMGE4ODY0NzQzOGZlYWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2NBl1+CWh8HW5caODZPh1Z3Oz/V YhMI/eDjqNL+yNtAEMbcGk++RMcf0p9jYmmN9/V27kUQpDBf9aYwexKmDIdoSy+e suLxKL/VxVxq1mUDtn2zHZC4Yj+TsmO7zyJZTM8rLbFdYQYCoUXt1cndIF7cqLW4 9+EUO0zGe2zcUdbCSz9dWsUULPJoni1T1SG6mgkOUyyNGxyHSAGdNo/N3Sjsj2DP tCJCJS1FJCR0NrPfRezpidNtDem/LWmCGH+n7/Ohq74RS/z1QsIdPh8OBE8Ku0+v Um4yFIShD1JuTua06LgoTiN8I4vGJgoteQ1DaKm1ydTJ4E47N73BmtbXvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAHQ5OaJVY+fHtL9W+CohkdDj+rKMB8GA1UdIwQY MBaAFN2cMDmfY4VV9MAujRtVvJJyJctRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1p3d09aOWpoVlgwd0M2TkcxVzhrbklseTFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iZWNhNGQtNzBjYy00Y2E0LWI0NTIt MGU1MTQwNjJjNTkwLzEvM1p3d09aOWpoVlgwd0M2TkcxVzhrbklseTFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNi9iZWNhNGQtNzBjYy00Y2E0LWI0NTItMGU1MTQwNjJjNTkw LzEvM1p3d09aOWpoVlgwd0M2TkcxVzhrbklseTFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQ1G1P1p nADG2rQyrJOKHaGQVRYwTpQGCxF8PrlpKXR+hpIRQGEMQDhryJoHPV2TdqmEuZA0 K3bpOyQcKsXPUHFKOC4rq3qPf+S9xj/UZvfAApXU0OG/q3JtMDb6B2nV6o4NiH7+ jhX+Wo+m/rVRe/NEtWEN1cA8cOSygqmrCnb8Td2n6FFdc+MXXbaHUrvBnM9s2OVp Sc7OZeKy2Jgqo3SijtqpqJvRfxYyED59V3rrcsexyserLKBaPkseWw/x8Uf17arZ 8/mprMF1aJgOp6r5bCXK6qvAF4WuSsi5R3hmbTJof+1ldJfaVH67vSUHZD6lN3MI lDwL/aIhRzj7UA== -----END CERTIFICATE-----Generated at Sun Dec 7 07:30:34 2025 by rpki-client