This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft File: 03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json) Hash identifier: 2v80vKNDeolrCQUD9Til+1FuWgRMlgHYnn1jcEMic7E= Subject key identifier: BE:8A:F5:4A:59:35:57:68:52:0D:0E:47:A6:6D:DA:3D:18:20:9C:2D Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43 Certificate issuer: /CN=d378771a106f6b0d054a57785356922caf02e343 Certificate serial: 019AF19B1A9EC4642608C51538073DB21408 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft Manifest number: 0B0B Signing time: Sat 06 Dec 2025 03:01:05 +0000 Manifest this update: Sat 06 Dec 2025 03:01:05 +0000 Manifest next update: Sun 07 Dec 2025 03:01:05 +0000 Files and hashes: 1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: KjilUPouOoHHBUCnK0mTMpxLvCwfZHt6Aiw7gMg/43A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:1a:9e:c4:64:26:08:c5:15:38:07:3d:b2:14:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d378771a106f6b0d054a57785356922caf02e343 Validity Not Before: Dec 6 03:01:05 2025 GMT Not After : Dec 7 03:01:05 2025 GMT Subject: CN=be8af54a59355768520d0e47a66dda3d18209c2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:29:2d:26:6b:f9:4b:07:ef:99:8f:c3:f6:8e: 1e:c4:ff:bf:d6:7d:e4:20:62:2c:85:14:9f:9f:5e: 87:47:dc:a5:16:f6:ac:c8:42:8c:ae:dd:87:65:78: 00:9b:c7:ef:6f:79:22:3a:c5:19:da:36:4c:d3:54: 70:a5:93:d7:56:bd:c9:65:b2:7b:47:09:51:62:f0: 3c:b2:48:dc:d5:d3:9b:45:43:df:ba:13:be:09:16: 3d:99:ec:ea:e8:b0:65:28:9c:ed:73:6e:ac:68:62: 22:df:4d:e6:f7:c3:50:f8:84:fd:5c:bb:e0:e7:10: f4:b5:c5:fe:55:bf:97:34:f6:d0:f7:db:c8:3b:41: 60:b0:58:66:54:be:df:25:c4:e7:3b:86:ea:27:07: bf:07:e8:12:6e:1f:f7:5b:2d:33:dc:96:8d:9c:8a: b0:05:2c:58:2f:69:77:74:38:26:84:1a:27:37:cf: 90:c3:58:3b:4d:de:b4:3f:2f:95:19:ff:2f:94:02: 65:57:5a:89:a2:4d:b5:8c:4a:ea:a7:c9:3c:b3:31: 2b:28:cd:c2:54:37:14:eb:96:86:98:52:d2:15:0c: 0f:44:41:ea:05:f8:db:ac:dc:dd:04:41:b5:ec:9e: 16:99:a2:35:ac:4b:85:ff:ba:82:8b:b9:01:00:14: cd:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:8A:F5:4A:59:35:57:68:52:0D:0E:47:A6:6D:DA:3D:18:20:9C:2D X509v3 Authority Key Identifier: keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:46:56:32:e7:15:87:56:b6:2e:a3:e4:84:41:a9:d8:59:21: 0f:e3:75:a1:63:1f:00:f2:73:e4:8b:b7:79:84:57:a9:9e:50: 87:39:c7:d0:13:c6:20:32:56:16:90:a4:93:f4:e9:37:ef:1c: ae:56:e6:b3:a9:90:a4:3e:2b:a2:4a:4a:99:86:40:95:9c:51: e3:98:3c:db:6f:14:af:b5:3c:4c:6b:a6:99:07:39:a9:59:de: ae:03:e6:91:fa:84:80:56:68:8d:53:90:8b:0c:36:e0:95:13: 81:f0:55:2e:c9:4a:13:51:68:e8:25:27:f6:a1:b8:8d:04:b1: 2d:dd:ef:13:2c:cd:03:65:e5:fc:be:3b:c9:b7:86:8a:ea:cd: 5c:a6:32:4e:6a:32:68:0b:78:f8:71:dc:f8:de:e7:52:d0:7e: 17:0e:21:9c:c4:82:39:c1:e3:f4:8c:11:8e:b0:56:16:c7:1d: 4d:3b:da:27:01:02:bb:f7:ce:de:ff:ff:d5:ad:6f:06:86:c0: 16:86:d3:f5:14:e9:f8:f5:56:a8:77:fd:77:91:8d:07:e7:b9: 97:66:a1:88:35:fd:8a:d8:cd:63:6e:1c:2f:26:64:7e:e4:79: fd:b5:02:ae:4d:a2:ba:c2:b4:85:d7:81:82:a3:48:31:02:d5: f4:52:22:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmxqexGQmCMUVOAc9shQIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw MmUzNDMwHhcNMjUxMjA2MDMwMTA1WhcNMjUxMjA3MDMwMTA1WjAzMTEwLwYDVQQD EyhiZThhZjU0YTU5MzU1NzY4NTIwZDBlNDdhNjZkZGEzZDE4MjA5YzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryktJmv5SwfvmY/D9o4exP+/1n3k IGIshRSfn16HR9ylFvasyEKMrt2HZXgAm8fvb3kiOsUZ2jZM01RwpZPXVr3JZbJ7 RwlRYvA8skjc1dObRUPfuhO+CRY9mezq6LBlKJztc26saGIi303m98NQ+IT9XLvg 5xD0tcX+Vb+XNPbQ99vIO0FgsFhmVL7fJcTnO4bqJwe/B+gSbh/3Wy0z3JaNnIqw BSxYL2l3dDgmhBonN8+Qw1g7Td60Py+VGf8vlAJlV1qJok21jErqp8k8szErKM3C VDcU65aGmFLSFQwPREHqBfjbrNzdBEG17J4WmaI1rEuF/7qCi7kBABTNkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL6K9UpZNVdoUg0OR6Zt2j0YIJwtMB8GA1UdIwQY MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5 LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApkZWMucV h1a2LqPkhEGp2FkhD+N1oWMfAPJz5Iu3eYRXqZ5QhznH0BPGIDJWFpCkk/TpN+8c rlbms6mQpD4rokpKmYZAlZxR45g8228Ur7U8TGummQc5qVnergPmkfqEgFZojVOQ iww24JUTgfBVLslKE1Fo6CUn9qG4jQSxLd3vEyzNA2Xl/L47ybeGiurNXKYyTmoy aAt4+HHc+N7nUtB+Fw4hnMSCOcHj9IwRjrBWFscdTTvaJwECu/fO3v//1a1vBobA FobT9RTp+PVWqHf9d5GNB+e5l2ahiDX9itjNY24cLyZkfuR5/bUCrk2iusK0hdeB gqNIMQLV9FIiew== -----END CERTIFICATE-----Generated at Sat Dec 6 12:35:49 2025 by rpki-client