This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft (raw, json) Hash identifier: eDS8lDtNAtGt0Pzb91vTJI0+chDaC4NPkrwFxq2ufZw= Subject key identifier: AD:6A:71:FD:7B:41:12:D6:2A:80:DB:D7:C8:B2:21:74:62:FF:E5:39 Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B Certificate issuer: /CN=dea85f21668a98d7e81a74183f0cce513086601b Certificate serial: 019B1BA935E347E4812168A3CDA2175A3FF2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft Manifest number: 070A Signing time: Sun 14 Dec 2025 07:00:32 +0000 Manifest this update: Sun 14 Dec 2025 07:00:32 +0000 Manifest next update: Mon 15 Dec 2025 07:00:32 +0000 Files and hashes: 1: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl (hash: QQ0a0Xlwxu8zYWsRxGEL/Rb/lMlSktMds4TIqHuezi8=) 2: Vnw9H8iqt-gts3LY3CEVf7p6PaE.roa (hash: s2vDBc3kUppwqWxQSMIljxY/yV7+Xm77EH+5A9yGbgM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:a9:35:e3:47:e4:81:21:68:a3:cd:a2:17:5a:3f:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b Validity Not Before: Dec 14 07:00:32 2025 GMT Not After : Dec 15 07:00:32 2025 GMT Subject: CN=ad6a71fd7b4112d62a80dbd7c8b2217462ffe539 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a1:88:1c:bb:c8:12:bb:c8:e9:a8:8d:23:a4: d3:3a:2b:d1:25:84:cf:c6:ec:94:63:44:34:b3:e4: 58:0e:57:d9:72:18:0c:42:36:de:69:9a:01:f9:7d: 73:c2:c5:47:0d:03:54:4b:69:8c:c0:2d:62:c9:0c: be:f0:88:00:a0:2f:e1:8b:dc:1e:a2:11:5f:7c:35: 1f:d3:fd:66:d8:de:9f:34:6d:9c:b1:4e:da:16:6a: 02:d5:c0:1b:e6:01:7f:02:ec:12:a1:c2:f3:6a:d9: 65:90:d9:ed:32:2e:b8:4b:7b:52:ba:70:44:ae:12: b9:9d:2b:48:5c:26:62:6c:8c:0f:67:0d:fc:51:55: 4c:88:ce:a5:b7:fb:b2:7f:99:ad:e4:73:69:ed:e2: e9:05:73:b8:89:1d:94:e1:2d:58:b2:6a:77:93:2a: f1:7e:76:6b:e3:cd:97:a4:c7:a8:cb:87:f3:dc:13: 26:dd:ec:eb:62:7c:d3:dd:cf:76:1e:38:06:25:0a: 7a:0b:af:7f:f2:a2:f6:59:7e:3d:4c:d2:62:ab:31: 75:5a:3b:78:54:d6:d2:0a:c2:8a:bf:4c:25:9c:e2: ad:38:52:32:05:ef:d6:9e:39:bf:6a:37:16:f7:51: 98:0d:47:08:37:fd:37:67:0e:3c:8d:31:7d:66:2f: dd:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6A:71:FD:7B:41:12:D6:2A:80:DB:D7:C8:B2:21:74:62:FF:E5:39 X509v3 Authority Key Identifier: keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:3e:c4:69:0e:25:7b:59:53:36:f2:f0:42:b9:92:01:07:b5: 19:41:a5:52:50:7e:df:e6:4d:18:e2:82:c5:a9:65:8e:9b:c5: a5:63:03:16:c5:c7:d4:b0:ab:9e:dc:41:2c:43:b5:bb:94:f6: 22:2d:fb:2d:a3:d0:91:c7:28:7c:dc:06:c7:ec:cf:f0:47:b3: 2f:9c:59:5d:da:e4:61:6f:60:2f:2b:00:72:f1:00:07:9d:f6: 36:30:15:dc:9e:59:6d:dd:71:40:bf:8a:e1:e5:7c:86:ce:8b: 7f:f2:be:62:df:bf:7e:d5:58:0d:58:5e:02:e9:f1:2f:f1:8c: af:da:3b:b8:c0:ea:38:8d:6f:54:db:4c:74:0e:2b:d4:30:31: 8f:75:c7:c1:d0:24:05:6c:4a:ec:93:57:08:32:1d:97:df:8b: 22:c1:b9:1f:96:e8:80:fb:b9:4d:8e:bc:61:f6:9d:82:7b:01: 62:34:dc:31:7b:52:9a:cf:c1:8b:1e:b8:68:20:a6:ba:be:7b: 03:d8:a6:aa:74:6d:eb:18:10:5f:ca:78:c3:8f:39:7f:1f:79: 28:e6:0c:76:05:48:ed:b3:f3:07:c0:2f:a0:70:e3:3f:6d:ca: 7d:08:80:0f:f5:bb:4a:31:0a:95:1c:3e:66:f9:16:dd:ba:7e: 0d:91:c9:fb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqTXjR+SBIWijzaIXWj/yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4 NjYwMWIwHhcNMjUxMjE0MDcwMDMyWhcNMjUxMjE1MDcwMDMyWjAzMTEwLwYDVQQD EyhhZDZhNzFmZDdiNDExMmQ2MmE4MGRiZDdjOGIyMjE3NDYyZmZlNTM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKGIHLvIErvI6aiNI6TTOivRJYTP xuyUY0Q0s+RYDlfZchgMQjbeaZoB+X1zwsVHDQNUS2mMwC1iyQy+8IgAoC/hi9we ohFffDUf0/1m2N6fNG2csU7aFmoC1cAb5gF/AuwSocLzatllkNntMi64S3tSunBE rhK5nStIXCZibIwPZw38UVVMiM6lt/uyf5mt5HNp7eLpBXO4iR2U4S1Ysmp3kyrx fnZr482XpMeoy4fz3BMm3ezrYnzT3c92HjgGJQp6C69/8qL2WX49TNJiqzF1Wjt4 VNbSCsKKv0wlnOKtOFIyBe/Wnjm/ajcW91GYDUcIN/03Zw48jTF9Zi/dEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK1qcf17QRLWKoDb18iyIXRi/+U5MB8GA1UdIwQY MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt NTJmOGZmMThkMDY5LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5 LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVj7EaQ4l e1lTNvLwQrmSAQe1GUGlUlB+3+ZNGOKCxalljpvFpWMDFsXH1LCrntxBLEO1u5T2 Ii37LaPQkccofNwGx+zP8EezL5xZXdrkYW9gLysAcvEAB532NjAV3J5Zbd1xQL+K 4eV8hs6Lf/K+Yt+/ftVYDVheAunxL/GMr9o7uMDqOI1vVNtMdA4r1DAxj3XHwdAk BWxK7JNXCDIdl9+LIsG5H5bogPu5TY68YfadgnsBYjTcMXtSms/Bix64aCCmur57 A9imqnRt6xgQX8p4w485fx95KOYMdgVI7bPzB8AvoHDjP23KfQiAD/W7SjEKlRw+ ZvkW3bp+DZHJ+w== -----END CERTIFICATE-----Generated at Sun Dec 14 15:01:21 2025 by rpki-client