This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft File: 3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json) Hash identifier: Av9T1Dfe+gkRSyg/f8jBInJEGq2g1vNhp3BthpG7Xgw= Subject key identifier: C2:A8:1D:24:6E:F0:D3:FC:0A:E3:BA:D9:80:E2:DD:E4:19:C7:09:38 Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1 Certificate issuer: /CN=dc4be25375942276b2644097dc3d5a875afb8af1 Certificate serial: 019AF12D4AA9CC5E8600B9ACF15BC81B7010 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft Manifest number: 0A15 Signing time: Sat 06 Dec 2025 01:01:08 +0000 Manifest this update: Sat 06 Dec 2025 01:01:08 +0000 Manifest next update: Sun 07 Dec 2025 01:01:08 +0000 Files and hashes: 1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: Te+V9dsvXGzjULr+ez2F5Lzo03k8Y7Tif5fQha9jjdY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:4a:a9:cc:5e:86:00:b9:ac:f1:5b:c8:1b:70:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1 Validity Not Before: Dec 6 01:01:08 2025 GMT Not After : Dec 7 01:01:08 2025 GMT Subject: CN=c2a81d246ef0d3fc0ae3bad980e2dde419c70938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fd:7c:eb:28:14:33:00:d9:71:d2:e1:cd:64: c1:19:1b:9a:5c:ff:8e:c3:85:f9:7d:ab:52:e9:11: b1:ea:03:cb:89:29:dc:13:e7:da:2c:6e:ee:39:b0: 99:5c:5f:ff:8e:40:5f:54:1c:55:8a:15:68:73:43: 09:9c:20:d6:77:93:ce:bb:d3:62:fe:51:72:29:17: 60:3a:6c:65:a6:49:a3:9c:99:68:e1:6c:88:5b:ae: ba:10:a0:9a:c1:59:e5:35:00:f5:7e:54:15:a6:f5: d1:fa:06:a5:2f:cf:85:c1:12:03:43:f0:bd:a2:ed: 17:72:a7:e2:fb:ee:fc:e6:75:42:3f:ec:09:f5:24: 95:d4:98:e3:4a:a8:86:1e:89:f4:2b:3f:11:10:0a: 3b:00:19:24:67:3e:a2:e4:89:1f:da:e9:3a:26:11: 8a:f2:31:b5:f6:6f:a1:ae:ab:09:90:8f:e1:51:59: 20:01:74:dc:69:ea:2b:4c:dc:d1:cf:8c:96:b4:0a: f2:5f:8e:44:07:a5:db:74:1f:e7:39:5e:13:c7:c6: 96:8f:53:55:67:02:de:ae:13:bb:fd:0a:49:44:b9: 44:7b:0e:b4:51:ae:b9:e8:da:ec:69:91:6c:09:f1: ca:12:c0:eb:e9:c0:a7:b7:06:d4:ed:1b:a5:20:c3: 94:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:A8:1D:24:6E:F0:D3:FC:0A:E3:BA:D9:80:E2:DD:E4:19:C7:09:38 X509v3 Authority Key Identifier: keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:db:0f:ba:fb:1b:33:62:c7:98:29:f8:83:b4:3e:ad:bf:21: 54:7e:3f:e5:92:4e:33:51:f4:74:33:6a:76:18:a9:f8:40:6d: 8b:d0:fb:97:43:b4:31:f9:9a:4b:a6:b3:33:c1:50:27:96:c4: 88:de:ba:c8:f1:ff:f3:12:f3:64:96:26:42:57:a5:b8:34:48: cf:13:df:78:fb:dd:46:a0:2b:87:5a:9f:5a:d3:df:e9:01:6a: 6c:29:d1:f8:55:f6:39:f1:00:7b:ab:92:a1:22:49:44:62:87: b0:3b:50:42:09:3b:a4:09:b8:36:d5:c6:37:5d:a4:f9:f0:d0: 68:13:3c:35:e5:33:dd:3e:4c:71:a5:08:62:ca:54:95:8e:23: 9c:3f:de:61:9b:2e:ab:00:47:dd:66:d6:48:dc:f2:fe:64:7c: 55:13:fa:90:f5:52:6c:01:f8:01:ef:dd:0f:1e:3a:54:e1:67: 63:ad:3a:f9:ea:97:ec:0a:66:ab:40:94:b4:79:e6:db:a7:d9: 39:aa:da:71:4c:55:74:79:de:97:8b:e8:8a:67:0e:02:3c:f6: 7e:a8:23:d3:ca:0f:99:6c:ce:10:09:49:2f:af:de:ec:03:61: f5:4f:42:ac:62:88:57:5a:f9:75:d2:19:37:36:6b:57:38:bd: ba:39:46:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLUqpzF6GALms8VvIG3AQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm YjhhZjEwHhcNMjUxMjA2MDEwMTA4WhcNMjUxMjA3MDEwMTA4WjAzMTEwLwYDVQQD EyhjMmE4MWQyNDZlZjBkM2ZjMGFlM2JhZDk4MGUyZGRlNDE5YzcwOTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/186ygUMwDZcdLhzWTBGRuaXP+O w4X5fatS6RGx6gPLiSncE+faLG7uObCZXF//jkBfVBxVihVoc0MJnCDWd5POu9Ni /lFyKRdgOmxlpkmjnJlo4WyIW666EKCawVnlNQD1flQVpvXR+galL8+FwRIDQ/C9 ou0Xcqfi++785nVCP+wJ9SSV1JjjSqiGHon0Kz8REAo7ABkkZz6i5Ikf2uk6JhGK 8jG19m+hrqsJkI/hUVkgAXTcaeorTNzRz4yWtAryX45EB6XbdB/nOV4Tx8aWj1NV ZwLerhO7/QpJRLlEew60Ua656NrsaZFsCfHKEsDr6cCntwbU7RulIMOU/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMKoHSRu8NP8CuO62YDi3eQZxwk4MB8GA1UdIwQY MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtsPuvsb M2LHmCn4g7Q+rb8hVH4/5ZJOM1H0dDNqdhip+EBti9D7l0O0MfmaS6azM8FQJ5bE iN66yPH/8xLzZJYmQleluDRIzxPfePvdRqArh1qfWtPf6QFqbCnR+FX2OfEAe6uS oSJJRGKHsDtQQgk7pAm4NtXGN12k+fDQaBM8NeUz3T5McaUIYspUlY4jnD/eYZsu qwBH3WbWSNzy/mR8VRP6kPVSbAH4Ae/dDx46VOFnY606+eqX7Apmq0CUtHnm26fZ OaracUxVdHnel4voimcOAjz2fqgj08oPmWzOEAlJL6/e7ANh9U9CrGKIV1r5ddIZ NzZrVzi9ujlGJA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:55 2025 by rpki-client