This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft File: 3YXca2FDoX_rSYIOpSAEiVj0itw.mft (raw, json) Hash identifier: 7OLYN01yFEw1acdEK2BpfHXpmxOkL2VeBw+nU2i7atg= Subject key identifier: 5A:4E:C1:16:92:7C:3C:25:14:40:E9:0B:60:8C:60:13:05:E8:C0:99 Authority key identifier: DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC Certificate issuer: /CN=dd85dc6b6143a17feb49820ea520048958f48adc Certificate serial: 019AF352B557733611F4FFCA181FC05163BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft Manifest number: 11FC Signing time: Sat 06 Dec 2025 11:01:15 +0000 Manifest this update: Sat 06 Dec 2025 11:01:15 +0000 Manifest next update: Sun 07 Dec 2025 11:01:15 +0000 Files and hashes: 1: 3YXca2FDoX_rSYIOpSAEiVj0itw.crl (hash: qm1kHLSUaDe6ve7OwcOvoJAynQDj1gCxAED1pCI6SiA=) 2: V06h50tDruiBUg9uiKF_DSq52w8.roa (hash: A6FA8GQqXA3RMWxT5r25HFVTJrUQ2PZEYKc6YcmeWfw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:b5:57:73:36:11:f4:ff:ca:18:1f:c0:51:63:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd85dc6b6143a17feb49820ea520048958f48adc Validity Not Before: Dec 6 11:01:15 2025 GMT Not After : Dec 7 11:01:15 2025 GMT Subject: CN=5a4ec116927c3c251440e90b608c601305e8c099 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:43:72:c3:92:c3:3a:90:6a:90:88:5d:7a:04: 0a:fd:4e:26:84:b8:07:18:34:85:d5:9c:92:9f:fd: 8c:d0:12:95:c4:41:dd:aa:f7:09:bf:e8:46:5a:e3: bb:6f:cb:35:07:82:96:a5:e3:31:9d:f9:71:4f:9d: f5:59:5a:d1:86:9e:48:52:5f:b3:c9:7f:1d:5b:f0: 5b:c3:9e:64:07:e6:53:6d:93:1e:39:7c:97:44:8e: 33:26:20:0c:90:f4:23:ac:ca:fe:34:e5:98:a2:74: 3e:52:c1:43:87:04:1f:83:9a:bc:0d:06:f9:79:ea: 23:5c:0a:80:5c:b5:60:d2:40:6b:a5:76:14:43:d4: 51:7c:46:a2:79:4f:c8:7d:a9:a5:0a:39:66:80:54: 3b:8b:c1:c9:29:47:fe:cf:96:c6:94:38:23:6c:07: 4d:3c:6f:aa:a2:91:58:4a:7f:07:91:ae:4f:a0:2b: 83:ec:78:30:16:b1:fe:b3:9a:24:f7:05:2a:d6:c8: 4a:cb:a6:9d:3d:95:4a:fe:fb:3d:97:b2:8e:6e:ec: d2:57:6d:c4:85:6a:d4:76:92:aa:15:96:f0:f6:2d: 97:39:d4:48:cc:d1:b4:31:c9:20:1a:05:8b:a3:7e: 04:e7:1c:f9:74:05:ee:9e:75:3f:23:7e:7d:a0:a8: 35:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:4E:C1:16:92:7C:3C:25:14:40:E9:0B:60:8C:60:13:05:E8:C0:99 X509v3 Authority Key Identifier: keyid:DD:85:DC:6B:61:43:A1:7F:EB:49:82:0E:A5:20:04:89:58:F4:8A:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YXca2FDoX_rSYIOpSAEiVj0itw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2a1d35-6e31-40e6-94b4-4ac856a8182d/1/3YXca2FDoX_rSYIOpSAEiVj0itw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:57:68:3a:9d:42:05:e7:e7:a5:a7:75:64:bc:13:27:b1:fc: 22:a0:ae:e1:c9:78:f1:4f:a6:f2:b9:f5:4f:30:4d:47:34:69: a7:b0:59:51:d8:29:47:c4:d6:72:d8:fc:fc:06:4b:6c:b9:0f: b5:33:4b:d1:88:14:3f:37:4f:1c:fb:6f:9a:9b:a1:ff:3c:93: fc:db:1c:77:0c:d8:8b:59:e2:e7:3f:2c:70:30:85:87:fc:fc: 43:86:b6:0d:bb:e9:ca:9e:cb:64:8f:4f:5b:cf:4e:c5:d5:77: 8e:ab:fc:b5:0f:da:8e:79:8a:87:c1:f4:26:0f:d6:67:79:e3: 3b:91:c3:b0:1f:c6:2f:81:9f:f0:ae:ba:eb:21:f0:86:82:0b: 65:e7:ca:3c:88:7d:14:5f:ec:eb:94:97:11:ae:0b:15:4e:31: 22:1a:d4:63:54:2a:3b:85:35:46:b6:e6:a2:7d:07:9e:49:af: 08:b7:7b:17:b6:e5:64:9a:2e:7f:ba:40:f4:a2:22:68:14:82: 6d:a9:cb:23:39:fa:7d:95:f3:91:36:27:64:3a:67:fa:5b:dc: 02:49:97:a5:59:2d:f3:2e:d3:90:47:d7:a7:c2:e4:de:07:dd: eb:d4:a3:ae:c3:8e:bd:6c:29:05:51:0a:41:e2:db:f5:a2:58: 53:a5:c0:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUrVXczYR9P/KGB/AUWO7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkODVkYzZiNjE0M2ExN2ZlYjQ5ODIwZWE1MjAwNDg5NThm NDhhZGMwHhcNMjUxMjA2MTEwMTE1WhcNMjUxMjA3MTEwMTE1WjAzMTEwLwYDVQQD Eyg1YTRlYzExNjkyN2MzYzI1MTQ0MGU5MGI2MDhjNjAxMzA1ZThjMDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUNyw5LDOpBqkIhdegQK/U4mhLgH GDSF1ZySn/2M0BKVxEHdqvcJv+hGWuO7b8s1B4KWpeMxnflxT531WVrRhp5IUl+z yX8dW/Bbw55kB+ZTbZMeOXyXRI4zJiAMkPQjrMr+NOWYonQ+UsFDhwQfg5q8DQb5 eeojXAqAXLVg0kBrpXYUQ9RRfEaieU/IfamlCjlmgFQ7i8HJKUf+z5bGlDgjbAdN PG+qopFYSn8Hka5PoCuD7HgwFrH+s5ok9wUq1shKy6adPZVK/vs9l7KObuzSV23E hWrUdpKqFZbw9i2XOdRIzNG0MckgGgWLo34E5xz5dAXunnU/I359oKg1mQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFpOwRaSfDwlFEDpC2CMYBMF6MCZMB8GA1UdIwQY MBaAFN2F3GthQ6F/60mCDqUgBIlY9IrcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQt NGFjODU2YTgxODJkLzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8yYTFkMzUtNmUzMS00MGU2LTk0YjQtNGFjODU2YTgxODJk LzEvM1lYY2EyRkRvWF9yU1lJT3BTQUVpVmowaXR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFdoOp1C Befnpad1ZLwTJ7H8IqCu4cl48U+m8rn1TzBNRzRpp7BZUdgpR8TWctj8/AZLbLkP tTNL0YgUPzdPHPtvmpuh/zyT/NscdwzYi1ni5z8scDCFh/z8Q4a2Dbvpyp7LZI9P W89OxdV3jqv8tQ/ajnmKh8H0Jg/WZ3njO5HDsB/GL4Gf8K666yHwhoILZefKPIh9 FF/s65SXEa4LFU4xIhrUY1QqO4U1Rrbmon0HnkmvCLd7F7blZJouf7pA9KIiaBSC banLIzn6fZXzkTYnZDpn+lvcAkmXpVkt8y7TkEfXp8Lk3gfd69SjrsOOvWwpBVEK QeLb9aJYU6XAAw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:59 2025 by rpki-client