This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft File: 3dya0lC4XNOZSUZbZoGy8d8U1qM.mft (raw, json) Hash identifier: WIrkswoIjpOK35B02tvjPxSaGGCC0Te4xVkAiiSTJAg= Subject key identifier: 0D:44:48:9C:B9:F0:C0:33:F1:EF:9D:4C:35:DB:69:0D:E4:0C:BA:52 Authority key identifier: DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3 Certificate issuer: /CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3 Certificate serial: 019AF1D1D8950EB1F724B11656566CE28EED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft Manifest number: 0647 Signing time: Sat 06 Dec 2025 04:00:52 +0000 Manifest this update: Sat 06 Dec 2025 04:00:52 +0000 Manifest next update: Sun 07 Dec 2025 04:00:52 +0000 Files and hashes: 1: 3dya0lC4XNOZSUZbZoGy8d8U1qM.crl (hash: ebSAML74AKrjwisBF9UshyB6ay6OA1G9q8CYXgLDU4E=) 2: dA9DZPAABtlejc0G0adjQxYBv5c.roa (hash: 3UVeFl3N3ODI+QVLphkmL5y9dyL4Gw+YagDr/4SW4gs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:d8:95:0e:b1:f7:24:b1:16:56:56:6c:e2:8e:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dddc9ad250b85cd39949465b6681b2f1df14d6a3 Validity Not Before: Dec 6 04:00:52 2025 GMT Not After : Dec 7 04:00:52 2025 GMT Subject: CN=0d44489cb9f0c033f1ef9d4c35db690de40cba52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b2:a1:46:4b:7c:63:93:a4:72:e5:57:3c:d8: e9:76:cc:cc:8a:cc:e8:a8:b5:5d:75:e4:59:00:6e: 86:17:ce:aa:ff:06:72:fc:63:ef:69:98:88:0d:7e: 68:f2:ce:9e:dd:fb:0f:cb:3a:9d:23:8e:b9:e1:16: fc:b8:83:9c:68:24:d0:ac:c1:e2:71:1a:6a:41:9f: 7e:5f:67:fb:50:24:04:34:31:a3:bc:87:e8:aa:9d: 9d:6c:0d:99:dc:52:42:65:86:71:6e:31:e2:20:66: 00:9d:eb:e7:61:20:04:f2:ec:42:ba:d1:5f:a9:66: 95:b9:57:03:35:e7:25:5d:52:a8:08:45:6d:83:b8: e7:a2:15:e4:9f:c2:ab:39:c5:1e:fe:fd:cd:9a:6f: 3e:d0:cd:9a:8f:7c:3b:ca:fb:bd:6d:c2:70:69:f8: b6:d3:85:83:eb:b8:8c:a6:38:35:6e:45:7e:60:34: f1:c8:fb:8d:32:60:b8:19:76:86:3f:1f:ce:07:b7: 9b:82:99:cd:9f:c8:3b:19:86:1a:96:33:2f:67:49: e7:5b:36:98:66:67:06:3a:5b:d9:22:36:9a:16:ec: 70:35:d9:8d:02:df:b4:62:07:68:fb:e8:31:78:18: 66:66:96:4e:fe:99:e5:0a:c5:42:85:91:d0:50:00: 2f:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:44:48:9C:B9:F0:C0:33:F1:EF:9D:4C:35:DB:69:0D:E4:0C:BA:52 X509v3 Authority Key Identifier: keyid:DD:DC:9A:D2:50:B8:5C:D3:99:49:46:5B:66:81:B2:F1:DF:14:D6:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dya0lC4XNOZSUZbZoGy8d8U1qM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/5bf948-977b-4b0e-b8e7-0d4318ca8c55/1/3dya0lC4XNOZSUZbZoGy8d8U1qM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:4c:00:4a:95:a2:af:2c:e7:49:df:26:eb:a5:e7:db:f9:13: a0:b6:ef:24:83:25:d6:e3:0a:a8:d8:c7:c1:15:58:39:11:71: b0:01:8b:25:c0:b4:ae:1d:ac:cf:17:38:fc:75:5f:ff:d9:9d: 7b:53:d8:25:30:ba:dc:fe:cb:ba:ba:cd:71:cf:f5:c0:7e:0f: ee:b1:13:3c:8f:bd:20:33:a6:31:24:2a:19:29:be:30:72:c2: a6:f5:bd:e1:c8:c9:74:a7:7f:ce:5f:cf:b5:e4:1b:34:86:98: 9e:08:98:c3:0c:ce:d9:a6:d4:20:0b:36:51:50:12:3b:f8:f1: 72:e1:21:5d:e1:56:03:84:76:d1:9f:c6:f4:4d:69:05:11:32: 56:b9:da:16:15:5c:6d:5b:81:0d:f8:68:04:7d:d1:6a:26:64: c4:21:81:23:df:92:36:b3:ff:83:14:30:cb:ff:28:da:fd:80: 19:a4:9e:f2:3d:fe:45:60:1d:34:e0:f5:cd:2c:5c:c7:7e:df: 95:fb:7f:d8:d0:0d:83:67:e5:ff:a3:17:2a:3b:f1:13:95:bf: f6:74:e9:f0:b9:b5:52:70:f2:19:3d:e8:e9:50:61:2e:76:60: fc:ac:b0:7f:bc:8a:c2:c9:14:ad:e4:31:88:c9:10:6e:ea:56: 92:12:84:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0diVDrH3JLEWVlZs4o7tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZGM5YWQyNTBiODVjZDM5OTQ5NDY1YjY2ODFiMmYxZGYx NGQ2YTMwHhcNMjUxMjA2MDQwMDUyWhcNMjUxMjA3MDQwMDUyWjAzMTEwLwYDVQQD EygwZDQ0NDg5Y2I5ZjBjMDMzZjFlZjlkNGMzNWRiNjkwZGU0MGNiYTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrKhRkt8Y5OkcuVXPNjpdszMiszo qLVddeRZAG6GF86q/wZy/GPvaZiIDX5o8s6e3fsPyzqdI4654Rb8uIOcaCTQrMHi cRpqQZ9+X2f7UCQENDGjvIfoqp2dbA2Z3FJCZYZxbjHiIGYAnevnYSAE8uxCutFf qWaVuVcDNeclXVKoCEVtg7jnohXkn8KrOcUe/v3Nmm8+0M2aj3w7yvu9bcJwafi2 04WD67iMpjg1bkV+YDTxyPuNMmC4GXaGPx/OB7ebgpnNn8g7GYYaljMvZ0nnWzaY ZmcGOlvZIjaaFuxwNdmNAt+0Ygdo++gxeBhmZpZO/pnlCsVChZHQUAAv/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA1ESJy58MAz8e+dTDXbaQ3kDLpSMB8GA1UdIwQY MBaAFN3cmtJQuFzTmUlGW2aBsvHfFNajMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTct MGQ0MzE4Y2E4YzU1LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81YmY5NDgtOTc3Yi00YjBlLWI4ZTctMGQ0MzE4Y2E4YzU1 LzEvM2R5YTBsQzRYTk9aU1VaYlpvR3k4ZDhVMXFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKUwASpWi ryznSd8m66Xn2/kToLbvJIMl1uMKqNjHwRVYORFxsAGLJcC0rh2szxc4/HVf/9md e1PYJTC63P7LurrNcc/1wH4P7rETPI+9IDOmMSQqGSm+MHLCpvW94cjJdKd/zl/P teQbNIaYngiYwwzO2abUIAs2UVASO/jxcuEhXeFWA4R20Z/G9E1pBREyVrnaFhVc bVuBDfhoBH3RaiZkxCGBI9+SNrP/gxQwy/8o2v2AGaSe8j3+RWAdNOD1zSxcx37f lft/2NANg2fl/6MXKjvxE5W/9nTp8Lm1UnDyGT3o6VBhLnZg/Kywf7yKwskUreQx iMkQbupWkhKEzA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:10:08 2025 by rpki-client