This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json) Hash identifier: CdDRoYhwqv9j1LsGJNZMEameDIAxefZUYglXL3b1ekU= Subject key identifier: 77:36:E6:2B:89:64:AB:B0:90:48:04:C1:ED:3A:56:42:00:E8:5D:81 Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a Certificate serial: 019B36450BF5A00A33D954DDF97A0F4C177C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft Manifest number: 10B4 Signing time: Fri 19 Dec 2025 11:00:53 +0000 Manifest this update: Fri 19 Dec 2025 11:00:53 +0000 Manifest next update: Sat 20 Dec 2025 11:00:53 +0000 Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: 1LadBidlB6CnMUO91nNy8LHBGRR0yjHZ28DuWhUo96A=) 2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:45:0b:f5:a0:0a:33:d9:54:dd:f9:7a:0f:4c:17:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a Validity Not Before: Dec 19 11:00:53 2025 GMT Not After : Dec 20 11:00:53 2025 GMT Subject: CN=7736e62b8964abb0904804c1ed3a564200e85d81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:cc:ba:5e:8b:5a:7c:4b:9b:31:88:4f:c2:e4: 73:46:48:f0:68:2f:be:d1:0c:94:d4:6b:f0:69:da: 57:10:d5:e5:9b:cd:cf:85:7e:9c:90:5b:ec:f5:da: 23:3d:48:19:e3:96:70:1f:75:46:bf:99:66:1e:70: 35:a6:10:50:ba:fd:7d:2f:01:45:2f:b4:6e:87:42: 21:19:bf:84:67:2d:b0:1b:75:42:74:d4:20:3b:bb: 29:cf:df:52:fc:f6:77:bd:6a:b9:2b:d2:cd:57:99: 67:eb:44:6d:3a:a9:8e:05:9c:1a:6c:a3:6c:5b:8c: 55:a4:81:b3:39:04:06:62:9c:1f:fd:b0:d4:62:6c: ef:02:fe:66:6c:d8:d7:35:aa:cf:75:44:f2:a2:7a: 8e:d2:8b:19:91:2f:70:c1:7e:1a:0e:dd:e2:91:84: e7:7a:01:9b:e7:7d:e2:ad:b9:78:6c:43:fd:0a:a6: b1:fa:ae:c3:99:2b:95:a9:89:f9:bd:b8:5f:23:32: b6:b6:a1:c0:aa:e5:a6:d7:37:d7:d6:84:67:22:cc: 14:7a:8b:72:a5:8e:9a:61:f3:d8:9d:d9:f4:55:6a: 55:58:c9:dd:d8:e9:b6:91:ae:85:68:ef:00:52:27: 79:32:95:93:42:35:63:5b:80:05:a3:27:45:c3:c7: 87:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:36:E6:2B:89:64:AB:B0:90:48:04:C1:ED:3A:56:42:00:E8:5D:81 X509v3 Authority Key Identifier: keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:04:ae:0a:21:80:e8:70:dd:0e:e8:d7:66:12:e7:db:e3:1f: 31:88:07:65:2f:35:94:34:1b:bd:8c:7b:9c:bb:d2:eb:d9:3b: 6e:ee:39:d1:ec:65:c9:58:0f:13:82:c8:c7:59:a5:31:fa:f8: 9d:93:0c:6b:20:7d:f5:9c:7d:04:e6:22:7b:c3:7f:80:e6:f9: 3f:44:09:20:06:4b:5d:94:da:97:6c:2c:81:ba:19:61:91:1d: 70:2e:a1:88:1d:c6:33:32:a5:f1:1e:ce:19:0a:48:63:53:6c: d1:32:3e:3d:88:76:a0:30:76:d8:4f:0c:28:22:4b:3d:0e:a4: 89:46:80:3e:50:92:27:2a:ca:a6:94:53:7c:f1:b2:3d:7e:77: 2f:36:9d:0f:7b:db:2e:57:79:4a:05:89:3f:a1:1f:2f:08:94: 17:13:3c:05:6b:bd:11:70:01:93:35:e5:28:ec:17:59:00:88: 47:15:15:1d:9d:45:fc:bd:09:a8:8a:c1:d2:45:23:ae:59:0f: ab:c9:af:f5:e8:38:42:8a:09:21:02:1c:0a:1a:5f:47:de:e2: 19:2c:d8:61:e9:92:23:88:0e:4f:51:62:5b:43:16:56:37:8e: 09:8a:86:ab:01:04:72:a7:0d:d3:f5:58:3e:4d:cf:ab:ed:ca: b2:54:8d:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RQv1oAoz2VTd+XoPTBd8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw MDJhMmEwHhcNMjUxMjE5MTEwMDUzWhcNMjUxMjIwMTEwMDUzWjAzMTEwLwYDVQQD Eyg3NzM2ZTYyYjg5NjRhYmIwOTA0ODA0YzFlZDNhNTY0MjAwZTg1ZDgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8y6XotafEubMYhPwuRzRkjwaC++ 0QyU1GvwadpXENXlm83PhX6ckFvs9dojPUgZ45ZwH3VGv5lmHnA1phBQuv19LwFF L7Ruh0IhGb+EZy2wG3VCdNQgO7spz99S/PZ3vWq5K9LNV5ln60RtOqmOBZwabKNs W4xVpIGzOQQGYpwf/bDUYmzvAv5mbNjXNarPdUTyonqO0osZkS9wwX4aDt3ikYTn egGb533irbl4bEP9Cqax+q7DmSuVqYn5vbhfIzK2tqHAquWm1zfX1oRnIswUeoty pY6aYfPYndn0VWpVWMnd2Om2ka6FaO8AUid5MpWTQjVjW4AFoydFw8eHYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHc25iuJZKuwkEgEwe06VkIA6F2BMB8GA1UdIwQY MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1 LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVASuCiGA 6HDdDujXZhLn2+MfMYgHZS81lDQbvYx7nLvS69k7bu450exlyVgPE4LIx1mlMfr4 nZMMayB99Zx9BOYie8N/gOb5P0QJIAZLXZTal2wsgboZYZEdcC6hiB3GMzKl8R7O GQpIY1Ns0TI+PYh2oDB22E8MKCJLPQ6kiUaAPlCSJyrKppRTfPGyPX53LzadD3vb Lld5SgWJP6EfLwiUFxM8BWu9EXABkzXlKOwXWQCIRxUVHZ1F/L0JqIrB0kUjrlkP q8mv9eg4QooJIQIcChpfR97iGSzYYemSI4gOT1FiW0MWVjeOCYqGqwEEcqcN0/VY Pk3Pq+3KslSNEQ== -----END CERTIFICATE-----Generated at Fri Dec 19 18:49:06 2025 by rpki-client