This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft File: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft (raw, json) Hash identifier: F+JskMpK+8nwcbkQhVR0RL4R3yGLll7RYybR3qDLIW0= Subject key identifier: 6C:82:1D:19:A9:60:1E:C8:BB:01:53:21:7D:80:23:17:1F:91:F0:04 Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796 Certificate serial: 019AF0BF1AB26C60DB0BB2D58CC32CCC8E35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft Manifest number: 0F49 Signing time: Fri 05 Dec 2025 23:00:47 +0000 Manifest this update: Fri 05 Dec 2025 23:00:47 +0000 Manifest next update: Sat 06 Dec 2025 23:00:47 +0000 Files and hashes: 1: 3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl (hash: lCxT0wVb/V5rKZ5Wrt5KP3sx0uie7xjmEu3gYb3FF7I=) 2: plkAs-IyDZJCIAE40BkNI36hTng.roa (hash: wOkXtaw5IC+9zxwCff906pm32/bh8wTs2La7fXktK8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:1a:b2:6c:60:db:0b:b2:d5:8c:c3:2c:cc:8e:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796 Validity Not Before: Dec 5 23:00:47 2025 GMT Not After : Dec 6 23:00:47 2025 GMT Subject: CN=6c821d19a9601ec8bb0153217d8023171f91f004 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:bd:36:1f:2d:44:9c:e4:dd:0f:56:32:e5:98: 09:4d:87:3b:6e:ea:0b:e6:f7:c5:03:7f:50:4c:93: 07:a9:c9:a9:67:48:2f:93:72:75:df:f2:6a:d6:0b: 26:ea:46:f8:81:5d:97:01:13:b3:5a:35:b6:b8:08: cb:97:4b:30:16:9a:1d:11:98:6b:d5:43:5c:c6:8d: 73:f9:de:28:92:2e:c0:90:f3:02:c8:e0:24:0c:98: f3:32:46:19:30:23:86:ea:ae:21:fa:13:09:30:ae: e2:89:21:2b:55:b0:43:e2:45:d6:c7:53:b7:5b:9d: 48:b1:0f:4a:0a:06:78:f1:b4:d7:b6:90:02:7e:d7: de:34:a0:2e:4f:81:46:35:2d:b1:17:b2:3b:04:00: e7:2a:55:f6:bc:5d:0e:7f:e8:a1:d7:db:98:9e:21: 83:4a:f6:7d:2c:5f:d7:ce:03:6b:15:82:03:97:54: 61:58:33:5f:07:7e:ec:a0:de:46:38:62:25:83:79: 4a:20:5f:c1:c0:ec:61:a9:c1:5e:31:2e:7f:72:91: c7:a3:d5:b7:1f:92:ee:2b:9b:67:b8:09:95:37:c2: 45:ea:e7:35:f6:35:ae:b2:5c:da:93:e8:cb:c1:25: 44:a8:26:a7:4d:a6:cf:40:99:9f:a3:d2:b8:99:3f: 0e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:82:1D:19:A9:60:1E:C8:BB:01:53:21:7D:80:23:17:1F:91:F0:04 X509v3 Authority Key Identifier: keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:db:d3:e3:5d:0e:46:30:3b:f4:6c:40:73:be:e0:a7:66:59: 95:15:0a:a2:d5:fa:1d:6b:f1:3f:be:c8:fc:42:26:95:ad:7d: 39:7f:25:fe:91:f2:9e:d0:9e:13:cd:50:8d:ec:60:97:e6:3e: dd:2a:3f:42:fa:83:94:68:cb:8d:6d:1a:f7:63:9e:dd:48:d6: 55:19:66:28:4e:d5:bd:5f:d7:79:21:e2:63:e8:4c:1d:aa:cd: 43:6f:06:de:32:05:dd:7b:db:5a:e3:ab:83:12:88:5e:5d:76: 1e:0b:3c:a6:31:ab:c1:21:ea:61:bf:a8:3b:6a:89:e6:9d:1a: ed:fd:b6:4d:ca:5c:3c:26:aa:1e:67:36:ef:b3:85:1c:88:11: 74:59:9e:f8:af:b2:92:f3:06:6e:ea:41:04:86:83:39:b6:e0: 28:76:50:d1:20:78:05:0c:4d:b1:32:1f:78:de:7c:80:35:46: 35:d5:3a:19:dd:11:d0:73:a5:f0:5a:3a:56:ad:04:00:21:f1: c3:87:0f:f4:59:d5:9a:8d:71:db:b0:2e:41:24:00:63:f0:03: 4a:40:24:77:8d:91:94:10:ed:02:00:cb:8e:36:0b:0b:c8:68: 91:f5:2a:1a:8d:8f:d1:5e:a0:9a:a5:9b:d5:ae:44:6d:c0:34: 25:cc:13:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvxqybGDbC7LVjMMszI41MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy Yjg3OTYwHhcNMjUxMjA1MjMwMDQ3WhcNMjUxMjA2MjMwMDQ3WjAzMTEwLwYDVQQD Eyg2YzgyMWQxOWE5NjAxZWM4YmIwMTUzMjE3ZDgwMjMxNzFmOTFmMDA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxL02Hy1EnOTdD1Yy5ZgJTYc7buoL 5vfFA39QTJMHqcmpZ0gvk3J13/Jq1gsm6kb4gV2XAROzWjW2uAjLl0swFpodEZhr 1UNcxo1z+d4oki7AkPMCyOAkDJjzMkYZMCOG6q4h+hMJMK7iiSErVbBD4kXWx1O3 W51IsQ9KCgZ48bTXtpACftfeNKAuT4FGNS2xF7I7BADnKlX2vF0Of+ih19uYniGD SvZ9LF/XzgNrFYIDl1RhWDNfB37soN5GOGIlg3lKIF/BwOxhqcFeMS5/cpHHo9W3 H5LuK5tnuAmVN8JF6uc19jWuslzak+jLwSVEqCanTabPQJmfo9K4mT8OsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyCHRmpYB7IuwFTIX2AIxcfkfAEMB8GA1UdIwQY MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt NjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNvT410O RjA79GxAc77gp2ZZlRUKotX6HWvxP77I/EImla19OX8l/pHyntCeE81Qjexgl+Y+ 3So/QvqDlGjLjW0a92Oe3UjWVRlmKE7VvV/XeSHiY+hMHarNQ28G3jIF3XvbWuOr gxKIXl12Hgs8pjGrwSHqYb+oO2qJ5p0a7f22TcpcPCaqHmc277OFHIgRdFme+K+y kvMGbupBBIaDObbgKHZQ0SB4BQxNsTIfeN58gDVGNdU6Gd0R0HOl8Fo6Vq0EACHx w4cP9FnVmo1x27AuQSQAY/ADSkAkd42RlBDtAgDLjjYLC8hokfUqGo2P0V6gmqWb 1a5EbcA0JcwTOA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:28:02 2025 by rpki-client