This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft File: 3frtS0AyNuLKi-twkcug4GpUPQo.mft (raw, json) Hash identifier: 6+KRrSoS0+i/fIS+WDW9eqSJueWAtFlmLiwP/PbgBdw= Subject key identifier: 52:05:5B:88:90:46:99:EA:21:61:E3:1D:70:D8:C9:50:4E:BF:DE:83 Authority key identifier: DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A Certificate issuer: /CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a Certificate serial: 019AF31BF36783DB7C565D8924BC6C0274CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft Manifest number: 02A5 Signing time: Sat 06 Dec 2025 10:01:26 +0000 Manifest this update: Sat 06 Dec 2025 10:01:26 +0000 Manifest next update: Sun 07 Dec 2025 10:01:26 +0000 Files and hashes: 1: 3frtS0AyNuLKi-twkcug4GpUPQo.crl (hash: WDiOTNYSBoM/rMalgGO6J5DbBa7tDuY71mT+f/tOtlU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:f3:67:83:db:7c:56:5d:89:24:bc:6c:02:74:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddfaed4b403236e2ca8beb7091cba0e06a543d0a Validity Not Before: Dec 6 10:01:26 2025 GMT Not After : Dec 7 10:01:26 2025 GMT Subject: CN=52055b88904699ea2161e31d70d8c9504ebfde83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:4b:ac:ee:22:3d:b6:c6:95:19:2d:98:47:76: c9:24:85:a0:9b:89:b7:7c:c6:9d:19:0d:20:8f:b5: 67:02:b5:f3:d0:9c:9f:31:fc:ea:5a:27:24:6d:70: d2:75:be:44:08:59:7b:48:6b:c2:28:db:cf:81:1a: 69:1f:3d:69:59:de:44:6c:68:c7:81:4e:4e:3c:31: 22:1e:94:47:18:0d:4f:23:77:3e:3f:b0:9e:9f:cc: c3:e7:81:f6:77:50:f9:74:d7:f9:eb:fe:37:20:9c: af:42:ef:25:84:7d:29:9e:f3:9f:d4:a4:70:5b:54: 27:cd:7f:14:f4:f3:cf:25:13:44:26:63:de:6f:9a: 75:4b:f2:2b:62:27:f7:d3:85:92:dc:66:ab:af:e8: dd:16:18:b2:10:95:39:f7:5a:33:c5:4d:b6:49:8b: 00:06:38:cf:65:25:b8:0e:a1:fc:59:44:81:e4:89: b9:1e:d3:8f:b8:49:4f:f0:8d:63:4b:7f:33:59:71: 04:03:ec:f6:a2:a0:88:f9:e1:d2:51:7e:36:3e:a5: 6d:ce:6c:25:d1:13:e1:a2:21:33:41:bc:63:23:e8: 52:de:53:ab:58:de:89:2e:69:1a:68:31:1a:6e:1e: b5:d3:96:40:22:77:ce:f8:3b:08:16:d2:ca:6d:da: fa:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:05:5B:88:90:46:99:EA:21:61:E3:1D:70:D8:C9:50:4E:BF:DE:83 X509v3 Authority Key Identifier: keyid:DD:FA:ED:4B:40:32:36:E2:CA:8B:EB:70:91:CB:A0:E0:6A:54:3D:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3frtS0AyNuLKi-twkcug4GpUPQo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c56917-2cc3-4067-850a-b937d1205ab1/1/3frtS0AyNuLKi-twkcug4GpUPQo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:37:20:50:41:a0:bc:19:c2:85:c9:79:5c:1d:f9:97:6b:94: e9:7e:d9:69:27:df:6a:0e:af:e7:3b:78:ba:1d:44:2f:28:54: 81:e4:f4:d8:f4:1d:4c:b7:87:ea:f5:53:d5:97:6a:63:f2:f9: 57:ba:61:f3:51:3c:0f:26:a3:06:28:40:b2:30:37:94:5c:7c: 10:3c:47:ec:13:64:b6:6b:4b:05:61:71:57:75:eb:71:f4:66: 9a:9d:0a:37:13:d2:04:12:95:fc:a6:da:2c:44:3a:34:f3:42: 0d:ce:90:80:42:14:9c:2c:2e:bd:04:18:f4:8e:5e:80:9a:f5: 28:d6:d6:42:19:ce:ac:c4:3d:15:ae:17:e8:4e:ab:c0:0a:21: bd:2c:52:a1:6d:f2:c6:11:95:69:e9:03:0f:3d:6d:cc:cb:b7: 14:30:01:f0:c6:b7:ce:7a:c5:3a:c6:b5:00:ae:be:4f:53:5d: 74:b5:d2:b6:f3:d3:61:14:e5:5f:75:bf:69:12:f5:14:a4:e1: c6:6e:6a:c2:e8:05:7d:7d:05:50:4c:f5:75:35:cf:93:98:ba: 85:26:e7:ad:4a:05:ac:6a:eb:d6:51:16:ba:5b:37:81:e1:b1: d5:b5:99:80:61:c0:05:31:8b:d2:81:47:6e:c4:72:d8:02:70: a2:bb:27:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG/Nng9t8Vl2JJLxsAnTLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkZmFlZDRiNDAzMjM2ZTJjYThiZWI3MDkxY2JhMGUwNmE1 NDNkMGEwHhcNMjUxMjA2MTAwMTI2WhcNMjUxMjA3MTAwMTI2WjAzMTEwLwYDVQQD Eyg1MjA1NWI4ODkwNDY5OWVhMjE2MWUzMWQ3MGQ4Yzk1MDRlYmZkZTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0us7iI9tsaVGS2YR3bJJIWgm4m3 fMadGQ0gj7VnArXz0JyfMfzqWickbXDSdb5ECFl7SGvCKNvPgRppHz1pWd5EbGjH gU5OPDEiHpRHGA1PI3c+P7Cen8zD54H2d1D5dNf56/43IJyvQu8lhH0pnvOf1KRw W1QnzX8U9PPPJRNEJmPeb5p1S/IrYif304WS3Garr+jdFhiyEJU591ozxU22SYsA BjjPZSW4DqH8WUSB5Im5HtOPuElP8I1jS38zWXEEA+z2oqCI+eHSUX42PqVtzmwl 0RPhoiEzQbxjI+hS3lOrWN6JLmkaaDEabh6105ZAInfO+DsIFtLKbdr6UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFIFW4iQRpnqIWHjHXDYyVBOv96DMB8GA1UdIwQY MBaAFN367UtAMjbiyovrcJHLoOBqVD0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEt YjkzN2QxMjA1YWIxLzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9jNTY5MTctMmNjMy00MDY3LTg1MGEtYjkzN2QxMjA1YWIx LzEvM2ZydFMwQXlOdUxLaS10d2tjdWc0R3BVUFFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWzcgUEGg vBnChcl5XB35l2uU6X7ZaSffag6v5zt4uh1ELyhUgeT02PQdTLeH6vVT1ZdqY/L5 V7ph81E8DyajBihAsjA3lFx8EDxH7BNktmtLBWFxV3XrcfRmmp0KNxPSBBKV/Kba LEQ6NPNCDc6QgEIUnCwuvQQY9I5egJr1KNbWQhnOrMQ9Fa4X6E6rwAohvSxSoW3y xhGVaekDDz1tzMu3FDAB8Ma3znrFOsa1AK6+T1NddLXStvPTYRTlX3W/aRL1FKTh xm5qwugFfX0FUEz1dTXPk5i6hSbnrUoFrGrr1lEWuls3geGx1bWZgGHABTGL0oFH bsRy2AJworsnZg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:17:06 2025 by rpki-client