This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft File: MH3iES3L0Gv7x-h_O_8jcinS0XM.mft (raw, json) Hash identifier: 9tcDo3/ZepRlxFhSTJkMK5+0UJ90iOkbngLl8QSyEBg= Subject key identifier: 6C:A1:5B:65:E1:24:A5:8D:55:02:82:37:B0:57:94:51:5E:31:72:C6 Authority key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73 Certificate issuer: /CN=307de2112dcbd06bfbc7e87f3bff237229d2d173 Certificate serial: 019AF23F6A1508F56632591CF34EBBDD72E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft Manifest number: 0295 Signing time: Sat 06 Dec 2025 06:00:33 +0000 Manifest this update: Sat 06 Dec 2025 06:00:33 +0000 Manifest next update: Sun 07 Dec 2025 06:00:33 +0000 Files and hashes: 1: MH3iES3L0Gv7x-h_O_8jcinS0XM.crl (hash: vadoqQYpLCr2lTcMfg8ioR4k43l9+dI66eVv8ECBxZ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:6a:15:08:f5:66:32:59:1c:f3:4e:bb:dd:72:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173 Validity Not Before: Dec 6 06:00:33 2025 GMT Not After : Dec 7 06:00:33 2025 GMT Subject: CN=6ca15b65e124a58d55028237b05794515e3172c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e8:3e:0c:ce:6d:fb:d5:88:a5:d0:76:bb:75: 03:d1:10:3f:e0:4f:db:d3:59:47:c6:9a:c6:78:12: db:a4:9b:7b:61:e6:79:1e:31:5b:9a:c7:a4:bf:0b: 1d:4f:b2:12:6c:f8:b8:20:7e:27:9f:69:78:01:45: 02:59:7a:9c:f4:8e:0a:a4:31:8e:b9:4e:6c:bf:0b: ea:3f:35:27:7a:29:60:40:57:93:4b:ba:a9:3c:85: bd:68:55:01:2f:57:21:07:82:80:8d:6d:05:f8:02: a3:39:26:42:be:57:d7:73:e4:93:2f:5d:7f:a5:e4: 86:68:03:33:23:7d:9d:f6:03:89:cf:b7:53:53:e0: 47:a2:17:3a:bb:c3:09:df:c3:a0:f9:25:7f:7b:8a: 1a:10:1f:81:23:b3:17:bf:cf:2e:9b:47:69:16:55: 45:b2:b8:12:ac:88:34:42:db:56:49:cb:2d:05:0f: a8:4b:d6:f0:8f:fb:94:11:9f:6c:4f:fc:cd:61:0b: 9c:42:3a:be:fe:dd:42:ec:e8:7a:33:f0:6f:80:5d: f5:b3:54:35:73:fb:a0:5f:7d:ff:81:0a:36:e0:59: f6:5c:7a:7b:57:e6:13:75:56:03:44:9b:44:79:13: 83:df:d3:04:94:28:cf:15:42:ab:e1:62:33:d2:db: b1:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A1:5B:65:E1:24:A5:8D:55:02:82:37:B0:57:94:51:5E:31:72:C6 X509v3 Authority Key Identifier: keyid:30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:cb:df:3e:21:c2:47:de:c4:7b:54:4a:96:ae:c3:61:bb:f1: cb:94:6a:45:e3:ba:09:43:85:cc:57:d6:fc:c0:02:9e:dc:a3: df:c8:73:b1:78:15:a9:0e:2e:2d:db:32:bd:2a:d8:c8:1e:7f: 65:94:33:49:39:08:27:b2:d6:9f:96:95:d9:0e:26:d0:f5:3b: 67:ad:d4:56:5f:2d:5c:22:db:63:8a:1c:a0:ca:17:61:69:86: d6:68:8f:51:d3:b1:da:3f:f7:96:02:e0:8a:ff:ac:36:e7:5b: 29:b6:d4:30:8c:f0:90:1c:3c:78:f6:06:01:bb:2e:b6:7e:e5: df:d0:ca:62:9b:bc:a9:6f:20:71:e6:08:98:7a:c1:40:5b:78: 65:b3:e6:24:86:2b:e1:bd:03:18:f7:54:bb:7a:0b:1a:dc:e4: 57:99:d2:f2:1c:ec:65:82:14:c4:1d:44:08:94:a5:da:19:45: ff:55:c5:03:d2:a5:7a:ce:02:de:71:ba:6e:68:d7:65:f2:84: 0f:15:07:8e:7a:b4:d7:50:65:80:40:3a:53:b0:87:24:f2:7e: c5:d6:4c:78:d8:69:8e:a9:f2:61:22:22:54:57:60:a8:12:b1: 38:bc:e5:c7:d3:82:ec:ef:fc:fc:9b:bd:fd:39:85:94:ce:d7: 8c:d2:b8:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2oVCPVmMlkc80673XLmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwN2RlMjExMmRjYmQwNmJmYmM3ZTg3ZjNiZmYyMzcyMjlk MmQxNzMwHhcNMjUxMjA2MDYwMDMzWhcNMjUxMjA3MDYwMDMzWjAzMTEwLwYDVQQD Eyg2Y2ExNWI2NWUxMjRhNThkNTUwMjgyMzdiMDU3OTQ1MTVlMzE3MmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeg+DM5t+9WIpdB2u3UD0RA/4E/b 01lHxprGeBLbpJt7YeZ5HjFbmsekvwsdT7ISbPi4IH4nn2l4AUUCWXqc9I4KpDGO uU5svwvqPzUneilgQFeTS7qpPIW9aFUBL1chB4KAjW0F+AKjOSZCvlfXc+STL11/ peSGaAMzI32d9gOJz7dTU+BHohc6u8MJ38Og+SV/e4oaEB+BI7MXv88um0dpFlVF srgSrIg0QttWScstBQ+oS9bwj/uUEZ9sT/zNYQucQjq+/t1C7Oh6M/BvgF31s1Q1 c/ugX33/gQo24Fn2XHp7V+YTdVYDRJtEeROD39MElCjPFUKr4WIz0tuxoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyhW2XhJKWNVQKCN7BXlFFeMXLGMB8GA1UdIwQY MBaAFDB94hEty9Br+8fofzv/I3Ip0tFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2Ut MjczMjE1MWI4ZTg2LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9hZWM4NzctNTlkNS00MmY5LTk2N2UtMjczMjE1MWI4ZTg2 LzEvTUgzaUVTM0wwR3Y3eC1oX09fOGpjaW5TMFhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMvfPiHC R97Ee1RKlq7DYbvxy5RqReO6CUOFzFfW/MACntyj38hzsXgVqQ4uLdsyvSrYyB5/ ZZQzSTkIJ7LWn5aV2Q4m0PU7Z63UVl8tXCLbY4ocoMoXYWmG1miPUdOx2j/3lgLg iv+sNudbKbbUMIzwkBw8ePYGAbsutn7l39DKYpu8qW8gceYImHrBQFt4ZbPmJIYr 4b0DGPdUu3oLGtzkV5nS8hzsZYIUxB1ECJSl2hlF/1XFA9Kles4C3nG6bmjXZfKE DxUHjnq011BlgEA6U7CHJPJ+xdZMeNhpjqnyYSIiVFdgqBKxOLzlx9OC7O/8/Ju9 /TmFlM7XjNK4bg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:15:13 2025 by rpki-client