This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft File: 3r5RfnR14XwGlkORD9b3ezF7hTg.mft (raw, json) Hash identifier: fzBYUc4ifc/JKFHkN5O+m3+6kGB7BbQ9whhWUZhGpkw= Subject key identifier: 08:42:BA:7F:47:47:43:5E:21:F0:B8:BF:6C:F6:87:0A:29:74:69:31 Authority key identifier: DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38 Certificate issuer: /CN=debe517e7475e17c069643910fd6f77b317b8538 Certificate serial: 019B435BE7256F89EDB4224E68EB2F717F55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft Manifest number: 0A1F Signing time: Mon 22 Dec 2025 00:00:54 +0000 Manifest this update: Mon 22 Dec 2025 00:00:54 +0000 Manifest next update: Tue 23 Dec 2025 00:00:54 +0000 Files and hashes: 1: 3r5RfnR14XwGlkORD9b3ezF7hTg.crl (hash: RYxDXkbdtFXts5lybcTEIBpSuE6B+t0gxrGLkyu/8M8=) 2: ij43C7xr8xTz-pjXAc9irjAaFXA.roa (hash: TchsYLXYDpTrG6rR/zLX/7ji8qJkl2gfrI50UG67KC4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5b:e7:25:6f:89:ed:b4:22:4e:68:eb:2f:71:7f:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=debe517e7475e17c069643910fd6f77b317b8538 Validity Not Before: Dec 22 00:00:54 2025 GMT Not After : Dec 23 00:00:54 2025 GMT Subject: CN=0842ba7f4747435e21f0b8bf6cf6870a29746931 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a4:8b:34:47:5d:2d:ae:e0:43:a4:3f:58:76: 1d:cf:2d:61:ec:e1:5a:fb:4e:71:94:22:bb:b0:de: a3:e3:f7:f5:17:42:81:b4:6d:57:a0:52:b1:d3:3a: f9:d5:57:3f:ba:7d:42:74:84:d9:a8:7a:99:3e:bf: b9:93:94:67:31:3a:a0:d2:a5:2b:f7:fa:3e:d2:04: 64:7b:21:63:49:3e:de:ee:5c:a6:a6:77:21:c5:ce: 72:97:c9:f5:03:15:1c:34:85:e8:ad:66:22:4a:cc: ad:78:b9:17:4a:92:87:0f:d9:79:d8:e8:9b:11:b3: d3:41:85:ec:25:33:7c:94:c4:2b:4a:0d:31:f5:d1: a4:c2:6e:4b:dc:c8:92:a1:f8:27:52:31:cc:1c:f7: 12:a2:91:8d:9e:1d:11:58:17:8c:97:f3:c1:76:84: ee:f2:f4:95:2a:f6:20:e7:9e:73:ef:a3:08:b4:b9: 3d:65:75:26:96:8a:2b:0a:9c:a0:d7:c6:b4:f2:76: d4:73:33:d1:30:39:90:4f:64:27:b9:8a:1c:23:83: 0a:cc:d2:10:c0:7e:f4:02:29:3e:b1:18:4d:02:59: 24:65:cd:c2:cd:f8:b5:0f:58:35:9f:f6:83:7b:12: 36:5e:01:e8:74:3d:aa:ed:67:92:5d:4f:eb:32:23: 7c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:42:BA:7F:47:47:43:5E:21:F0:B8:BF:6C:F6:87:0A:29:74:69:31 X509v3 Authority Key Identifier: keyid:DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:b0:73:c3:e8:53:a8:03:b6:9d:83:82:94:ea:a8:16:2b:6b: ed:84:18:0a:76:f1:2b:8a:98:98:e2:bf:0c:f6:6a:7b:9a:09: bf:30:04:0d:2f:e4:92:ee:fb:30:36:87:82:13:be:28:0c:49: 95:39:d7:22:f8:c5:63:4a:e1:ca:9d:c9:86:cc:d2:c1:1c:e8: c8:86:07:d5:4f:10:eb:f0:9d:c7:46:2c:31:75:16:1f:8c:75: 37:c5:bc:c8:d7:37:c1:5e:c0:a2:bd:86:d8:89:4c:06:08:8f: a8:6d:59:ec:08:69:f1:36:1c:4c:ae:34:fe:94:36:c4:07:49: 2d:67:c4:f5:01:36:8c:b3:17:45:74:99:9c:37:5f:39:8a:e0: 35:13:5c:d1:aa:49:c4:3d:ee:6b:b4:d1:da:6b:22:df:60:90: 6b:e9:da:e7:0c:6a:b9:b9:d9:6f:bc:b0:58:ac:a3:77:b2:49: 77:8c:5c:c0:08:8b:34:34:a8:16:e6:6b:da:88:d0:4b:1d:98: 4d:e2:5f:d2:3b:c9:7b:aa:08:1e:0d:b3:a2:ac:12:a3:5a:ac: 9f:2a:83:ff:f2:fe:81:51:bd:f2:06:6e:30:5a:bb:f3:8c:bc: 2b:6b:d1:ff:44:9f:40:51:a3:3c:5e:48:fb:bb:72:67:32:ec: 00:6a:17:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDW+clb4nttCJOaOsvcX9VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlYmU1MTdlNzQ3NWUxN2MwNjk2NDM5MTBmZDZmNzdiMzE3 Yjg1MzgwHhcNMjUxMjIyMDAwMDU0WhcNMjUxMjIzMDAwMDU0WjAzMTEwLwYDVQQD EygwODQyYmE3ZjQ3NDc0MzVlMjFmMGI4YmY2Y2Y2ODcwYTI5NzQ2OTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqSLNEddLa7gQ6Q/WHYdzy1h7OFa +05xlCK7sN6j4/f1F0KBtG1XoFKx0zr51Vc/un1CdITZqHqZPr+5k5RnMTqg0qUr 9/o+0gRkeyFjST7e7lympnchxc5yl8n1AxUcNIXorWYiSsyteLkXSpKHD9l52Oib EbPTQYXsJTN8lMQrSg0x9dGkwm5L3MiSofgnUjHMHPcSopGNnh0RWBeMl/PBdoTu 8vSVKvYg555z76MItLk9ZXUmloorCpyg18a08nbUczPRMDmQT2QnuYocI4MKzNIQ wH70Aik+sRhNAlkkZc3Czfi1D1g1n/aDexI2XgHodD2q7WeSXU/rMiN87QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAhCun9HR0NeIfC4v2z2hwopdGkxMB8GA1UdIwQY MBaAFN6+UX50deF8BpZDkQ/W93sxe4U4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAt ODlmNWM0ZjMyOTcwLzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAtODlmNWM0ZjMyOTcw LzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA7Bzw+hT qAO2nYOClOqoFitr7YQYCnbxK4qYmOK/DPZqe5oJvzAEDS/kku77MDaHghO+KAxJ lTnXIvjFY0rhyp3JhszSwRzoyIYH1U8Q6/Cdx0YsMXUWH4x1N8W8yNc3wV7Aor2G 2IlMBgiPqG1Z7Ahp8TYcTK40/pQ2xAdJLWfE9QE2jLMXRXSZnDdfOYrgNRNc0apJ xD3ua7TR2msi32CQa+na5wxqubnZb7ywWKyjd7JJd4xcwAiLNDSoFuZr2ojQSx2Y TeJf0jvJe6oIHg2zoqwSo1qsnyqD//L+gVG98gZuMFq784y8K2vR/0SfQFGjPF5I +7tyZzLsAGoXOQ== -----END CERTIFICATE-----Generated at Mon Dec 22 07:20:33 2025 by rpki-client