This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft File: 3dStS_QUF7o4OE1lvC0HwPaFCeE.mft (raw, json) Hash identifier: 1swNFI7Jex8KgKxv3C9I5aaXu0RrZwoB6JB/itoYD8A= Subject key identifier: 58:34:7C:3F:43:2B:06:F5:71:9F:7D:B8:F9:E0:CA:8C:3A:F1:9E:E2 Authority key identifier: DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1 Certificate issuer: /CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1 Certificate serial: 019AF19ABC1C56374C3C8ED5B5BEDBAE72EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft Manifest number: 16F2 Signing time: Sat 06 Dec 2025 03:00:41 +0000 Manifest this update: Sat 06 Dec 2025 03:00:41 +0000 Manifest next update: Sun 07 Dec 2025 03:00:41 +0000 Files and hashes: 1: 3dStS_QUF7o4OE1lvC0HwPaFCeE.crl (hash: T0HHwIFQwZgZucLH4Jypd3KYlL+hBYvJ7JOYOj0hHqQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:bc:1c:56:37:4c:3c:8e:d5:b5:be:db:ae:72:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddd4ad4bf41417ba38384d65bc2d07c0f68509e1 Validity Not Before: Dec 6 03:00:41 2025 GMT Not After : Dec 7 03:00:41 2025 GMT Subject: CN=58347c3f432b06f5719f7db8f9e0ca8c3af19ee2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a7:91:b6:03:17:83:27:c8:01:fa:f9:8f:e9: 20:ea:76:8d:9a:c8:dd:8d:5f:2e:df:db:39:6c:6f: f0:06:e7:c0:d6:38:1b:c8:86:ca:1a:3a:b4:83:b7: 77:90:e0:a1:b4:95:d4:c9:b1:66:da:4d:2f:56:0a: 57:cf:6b:90:ed:f5:e5:7f:ef:97:57:13:8e:eb:c6: c7:bc:cf:1d:22:7a:49:61:5b:8b:1d:ae:d2:14:88: 2a:72:5a:99:d0:28:8c:16:65:0f:45:fc:b6:dc:e6: 95:6d:3b:b9:f9:9f:19:53:46:d6:9a:b5:85:9a:13: 9b:1f:36:d0:21:44:1a:38:11:7f:2a:11:af:42:3f: a9:93:0a:c8:5b:ae:5c:fe:fa:61:0e:55:4c:ec:70: 9d:10:ff:70:2d:b0:a7:c2:21:3d:e9:4c:c7:d0:e0: 80:db:d5:2d:29:e1:04:d5:d7:f7:cb:e1:7b:f2:6b: cd:37:30:64:1c:1c:4e:79:00:1b:60:2e:6d:e8:7d: 79:d8:1f:2b:cd:f4:d5:8d:ea:d1:08:07:b6:9a:18: f9:9d:5a:b7:af:e0:7c:8b:a2:8c:02:d7:eb:79:25: c6:f9:50:e5:27:e5:b8:60:a7:03:8d:43:1e:ff:3c: 75:56:7a:39:c4:9f:70:ca:68:04:c9:6b:0c:72:4b: 7c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:34:7C:3F:43:2B:06:F5:71:9F:7D:B8:F9:E0:CA:8C:3A:F1:9E:E2 X509v3 Authority Key Identifier: keyid:DD:D4:AD:4B:F4:14:17:BA:38:38:4D:65:BC:2D:07:C0:F6:85:09:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dStS_QUF7o4OE1lvC0HwPaFCeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/094969-13ed-4c14-8575-7bc8c20a235a/1/3dStS_QUF7o4OE1lvC0HwPaFCeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:72:da:7e:2c:f2:6e:79:8c:cb:04:f6:db:72:53:ae:08:d1: 93:ec:24:a2:5d:16:2d:95:af:be:22:3a:01:f6:6d:4a:22:44: 88:7e:ba:0e:48:23:5d:bf:f8:9c:de:2b:a5:f1:3c:91:ca:69: a0:68:9b:a5:ae:b8:b5:97:52:de:4c:0c:0d:85:d0:6b:3e:cc: e1:42:58:40:ec:3b:a7:07:fd:ec:77:f6:81:61:b0:f3:4d:bd: ad:6d:a1:99:cb:8f:5d:f2:0d:84:b4:0d:f4:b7:49:1a:09:26: 74:05:6f:45:21:17:39:e0:e0:13:fa:a0:74:aa:05:e8:a6:ec: 02:56:47:ae:ed:eb:ad:f9:71:44:db:c0:66:fc:a7:47:36:d6: f3:d9:d6:5f:47:b5:34:be:79:a4:95:d4:d1:06:e6:46:3d:ca: de:e3:d9:16:ec:a1:83:f0:c1:0b:bc:1e:93:f9:f6:76:65:df: 5e:25:8d:70:96:86:05:84:d5:29:f7:b1:7d:b4:65:e2:e2:e9: 61:73:60:b6:74:e3:6a:63:8c:b7:76:c1:bf:5f:3b:2e:51:46: 1f:fe:83:bb:fb:76:96:5d:5b:8d:04:1a:1a:e8:77:6f:0d:69: 9f:a5:f1:1e:6d:43:cf:36:68:a0:ba:65:c0:fe:ab:48:30:59: b7:c7:46:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmrwcVjdMPI7Vtb7brnLrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZDRhZDRiZjQxNDE3YmEzODM4NGQ2NWJjMmQwN2MwZjY4 NTA5ZTEwHhcNMjUxMjA2MDMwMDQxWhcNMjUxMjA3MDMwMDQxWjAzMTEwLwYDVQQD Eyg1ODM0N2MzZjQzMmIwNmY1NzE5ZjdkYjhmOWUwY2E4YzNhZjE5ZWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqeRtgMXgyfIAfr5j+kg6naNmsjd jV8u39s5bG/wBufA1jgbyIbKGjq0g7d3kOChtJXUybFm2k0vVgpXz2uQ7fXlf++X VxOO68bHvM8dInpJYVuLHa7SFIgqclqZ0CiMFmUPRfy23OaVbTu5+Z8ZU0bWmrWF mhObHzbQIUQaOBF/KhGvQj+pkwrIW65c/vphDlVM7HCdEP9wLbCnwiE96UzH0OCA 29UtKeEE1df3y+F78mvNNzBkHBxOeQAbYC5t6H152B8rzfTVjerRCAe2mhj5nVq3 r+B8i6KMAtfreSXG+VDlJ+W4YKcDjUMe/zx1Vno5xJ9wymgEyWsMckt8qwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFg0fD9DKwb1cZ99uPngyow68Z7iMB8GA1UdIwQY MBaAFN3UrUv0FBe6ODhNZbwtB8D2hQnhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUt N2JjOGMyMGEyMzVhLzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC8wOTQ5NjktMTNlZC00YzE0LTg1NzUtN2JjOGMyMGEyMzVh LzEvM2RTdFNfUVVGN280T0UxbHZDMEh3UGFGQ2VFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXLafizy bnmMywT223JTrgjRk+wkol0WLZWvviI6AfZtSiJEiH66DkgjXb/4nN4rpfE8kcpp oGibpa64tZdS3kwMDYXQaz7M4UJYQOw7pwf97Hf2gWGw8029rW2hmcuPXfINhLQN 9LdJGgkmdAVvRSEXOeDgE/qgdKoF6KbsAlZHru3rrflxRNvAZvynRzbW89nWX0e1 NL55pJXU0QbmRj3K3uPZFuyhg/DBC7wek/n2dmXfXiWNcJaGBYTVKfexfbRl4uLp YXNgtnTjamOMt3bBv187LlFGH/6Du/t2ll1bjQQaGuh3bw1pn6XxHm1DzzZooLpl wP6rSDBZt8dGUw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:44:09 2025 by rpki-client