This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft File: 3-ytVuquEjX6eI5OrTkiwpbig6U.mft (raw, json) Hash identifier: kOPl0Iopz4xA7xz4MG/6ETEYk3q6+I3+nGtAeSy2WrA= Subject key identifier: 01:8D:5E:62:59:76:4B:E2:43:ED:5B:44:E3:AF:09:B1:DA:E1:1E:FE Authority key identifier: DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5 Certificate issuer: /CN=dfecad56eaae1235fa788e4ead3922c296e283a5 Certificate serial: 019AF16404B41DB008C730F9149C7F9F3F9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft Manifest number: 029A Signing time: Sat 06 Dec 2025 02:00:55 +0000 Manifest this update: Sat 06 Dec 2025 02:00:55 +0000 Manifest next update: Sun 07 Dec 2025 02:00:55 +0000 Files and hashes: 1: 3-ytVuquEjX6eI5OrTkiwpbig6U.crl (hash: WrnZG47dqqy9U0L5v2f3m1TODB0mGrh5urcCwcEsNGM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:04:b4:1d:b0:08:c7:30:f9:14:9c:7f:9f:3f:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfecad56eaae1235fa788e4ead3922c296e283a5 Validity Not Before: Dec 6 02:00:55 2025 GMT Not After : Dec 7 02:00:55 2025 GMT Subject: CN=018d5e6259764be243ed5b44e3af09b1dae11efe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:cf:e0:3e:b9:b4:91:90:df:47:90:44:c7:52: 76:dd:68:0a:78:0e:51:16:5d:23:a9:45:e4:40:20: 5e:45:f2:6d:9c:6c:e6:9f:32:ce:23:70:9d:2d:4f: 06:9f:67:84:7c:be:02:e6:dd:01:fb:cc:c8:ab:10: 6a:57:55:24:69:e3:41:cf:50:05:48:8b:b6:7d:b5: cf:a2:92:2d:35:b9:9a:f5:3c:31:03:dc:9d:ab:e7: ad:91:ec:35:4b:b3:e0:ed:33:b7:b6:e6:6c:db:a4: cf:29:79:86:cd:28:02:a1:df:f2:e0:26:de:42:73: de:25:f4:48:be:2c:4c:73:b7:e4:59:d0:35:3b:e9: a9:76:f9:14:a2:07:92:26:d5:7c:56:b9:e4:4f:09: 43:57:e2:0c:a4:92:4f:83:d7:17:7c:14:c4:b9:69: 30:2f:5c:6a:d7:ec:cf:d4:7e:86:e8:42:98:56:44: 65:fe:1d:c2:e9:26:c1:9f:35:d2:37:93:76:97:bd: c6:6f:74:50:ea:03:5b:7b:c5:3c:e2:f7:ec:28:98: 14:31:0a:2d:b5:24:73:b1:96:d8:ed:69:cb:cf:bc: 18:b4:26:5e:7f:bb:b4:48:b1:ac:5b:b0:b9:28:63: 69:7e:ad:de:b1:05:b3:a7:ef:32:c0:df:70:56:41: 12:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:8D:5E:62:59:76:4B:E2:43:ED:5B:44:E3:AF:09:B1:DA:E1:1E:FE X509v3 Authority Key Identifier: keyid:DF:EC:AD:56:EA:AE:12:35:FA:78:8E:4E:AD:39:22:C2:96:E2:83:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-ytVuquEjX6eI5OrTkiwpbig6U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/d67087-765b-46eb-808c-677bab613aff/1/3-ytVuquEjX6eI5OrTkiwpbig6U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:3d:85:71:a5:d6:d7:ad:2c:bd:7b:e4:3a:2a:8c:49:b9:35: fe:a8:62:63:b8:1f:53:78:0d:36:01:34:8b:06:08:5b:2f:f4: 93:1a:82:f3:2b:d1:88:b1:e7:03:3d:da:a4:47:0c:d1:a6:60: 18:f7:d3:a7:9d:7a:48:b4:2b:fa:30:fd:cb:87:8c:3e:da:ea: b5:34:6b:cf:82:d0:51:af:4e:38:21:b0:71:97:6f:81:10:f3: 23:b1:3a:cf:f2:b6:6d:2a:85:84:c7:43:db:03:46:22:86:70: e3:24:c7:44:83:c5:7b:9c:b8:a2:31:b7:ec:c5:68:a8:87:99: bc:9e:ac:cc:2e:8f:71:c2:f6:05:4a:a9:6b:32:27:50:15:fb: a4:25:cb:e0:8c:69:31:da:b3:f2:e8:a3:ca:38:97:9b:c2:93: 16:52:49:e3:88:2b:d5:1d:c2:15:ec:84:6c:03:55:c1:a8:cd: 1b:97:f7:77:fc:00:4a:79:cf:bd:43:65:c9:3c:10:4b:4c:ce: 50:83:a3:8c:02:00:fc:a1:a0:bb:ec:32:5d:6a:a4:c1:cf:35: 0b:a6:08:f4:ee:dd:5c:4d:1a:52:93:43:0d:6f:03:ff:29:25: 75:29:b6:6e:2d:97:ab:f5:fb:b6:96:34:66:90:a7:c6:b2:64: 29:51:e5:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZAS0HbAIxzD5FJx/nz+aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWNhZDU2ZWFhZTEyMzVmYTc4OGU0ZWFkMzkyMmMyOTZl MjgzYTUwHhcNMjUxMjA2MDIwMDU1WhcNMjUxMjA3MDIwMDU1WjAzMTEwLwYDVQQD EygwMThkNWU2MjU5NzY0YmUyNDNlZDViNDRlM2FmMDliMWRhZTExZWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s/gPrm0kZDfR5BEx1J23WgKeA5R Fl0jqUXkQCBeRfJtnGzmnzLOI3CdLU8Gn2eEfL4C5t0B+8zIqxBqV1UkaeNBz1AF SIu2fbXPopItNbma9TwxA9ydq+etkew1S7Pg7TO3tuZs26TPKXmGzSgCod/y4Cbe QnPeJfRIvixMc7fkWdA1O+mpdvkUogeSJtV8VrnkTwlDV+IMpJJPg9cXfBTEuWkw L1xq1+zP1H6G6EKYVkRl/h3C6SbBnzXSN5N2l73Gb3RQ6gNbe8U84vfsKJgUMQot tSRzsZbY7WnLz7wYtCZef7u0SLGsW7C5KGNpfq3esQWzp+8ywN9wVkES2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAGNXmJZdkviQ+1bROOvCbHa4R7+MB8GA1UdIwQY MBaAFN/srVbqrhI1+niOTq05IsKW4oOlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMt Njc3YmFiNjEzYWZmLzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9kNjcwODctNzY1Yi00NmViLTgwOGMtNjc3YmFiNjEzYWZm LzEvMy15dFZ1cXVFalg2ZUk1T3JUa2l3cGJpZzZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATz2FcaXW 160svXvkOiqMSbk1/qhiY7gfU3gNNgE0iwYIWy/0kxqC8yvRiLHnAz3apEcM0aZg GPfTp516SLQr+jD9y4eMPtrqtTRrz4LQUa9OOCGwcZdvgRDzI7E6z/K2bSqFhMdD 2wNGIoZw4yTHRIPFe5y4ojG37MVoqIeZvJ6szC6PccL2BUqpazInUBX7pCXL4Ixp Mdqz8uijyjiXm8KTFlJJ44gr1R3CFeyEbANVwajNG5f3d/wASnnPvUNlyTwQS0zO UIOjjAIA/KGgu+wyXWqkwc81C6YI9O7dXE0aUpNDDW8D/ykldSm2bi2Xq/X7tpY0 ZpCnxrJkKVHl/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 12:22:21 2025 by rpki-client