This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft File: 3plxFn-T_DSzvEebsh_2LTvzyYQ.mft (raw, json) Hash identifier: ddPZDnb+XTryYaN59SihCyfXNTb3BkLG0zeTNZGyySA= Subject key identifier: CE:EC:64:93:14:B9:6D:09:33:F8:E1:61:94:B4:B2:B5:6F:9A:E1:20 Authority key identifier: DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84 Certificate issuer: /CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984 Certificate serial: 019B342008DF5F31E644E4987BCAB44E443A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft Manifest number: 0385 Signing time: Fri 19 Dec 2025 01:01:13 +0000 Manifest this update: Fri 19 Dec 2025 01:01:13 +0000 Manifest next update: Sat 20 Dec 2025 01:01:13 +0000 Files and hashes: 1: 3plxFn-T_DSzvEebsh_2LTvzyYQ.crl (hash: YbdcSCN02iAvexiW8Si+dwDe0As/TBGXi2FSWyUI7+4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:20:08:df:5f:31:e6:44:e4:98:7b:ca:b4:4e:44:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de9971167f93fc34b3bc479bb21ff62d3bf3c984 Validity Not Before: Dec 19 01:01:13 2025 GMT Not After : Dec 20 01:01:13 2025 GMT Subject: CN=ceec649314b96d0933f8e16194b4b2b56f9ae120 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f7:46:7c:d5:59:13:4d:54:db:44:a2:b2:b4: f3:9e:bf:1d:7d:a7:74:9e:b2:4e:71:80:45:4f:55: 1b:db:4c:f4:32:82:a8:45:b1:8a:1a:39:94:c4:4a: 77:4d:9f:47:01:a9:b1:06:1c:28:5e:59:a4:57:95: 98:a7:04:dc:c6:5b:9e:dd:8b:27:ae:60:b5:13:1c: 36:3b:cc:2f:3b:fc:6c:b2:37:99:de:e1:7d:d6:48: 89:aa:33:8e:b2:3c:24:16:5c:90:bb:7e:8c:3d:73: b3:85:43:c0:5e:3f:26:45:0c:c6:e7:75:26:e6:e4: 2b:f9:93:b9:c4:7a:83:68:2d:36:4b:40:6a:8a:b3: 9e:6a:54:26:62:3c:b1:f5:24:8c:76:21:f0:96:02: cb:be:e1:24:b7:5d:9c:96:99:30:fd:b6:2c:5c:f2: 71:ba:92:51:de:4e:17:c4:95:f8:21:f7:d0:11:24: b4:b4:86:aa:c6:ba:24:e7:35:79:38:fb:75:47:60: 3f:05:09:c6:e8:42:f9:5a:33:77:5c:35:77:43:db: 47:b6:4c:04:78:61:85:1b:c3:8d:59:8f:1b:40:07: c9:39:29:36:32:40:c3:40:3a:83:51:72:a4:2e:b8: a2:b9:99:d9:70:db:43:2b:35:b9:59:5d:e1:05:0a: fe:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:EC:64:93:14:B9:6D:09:33:F8:E1:61:94:B4:B2:B5:6F:9A:E1:20 X509v3 Authority Key Identifier: keyid:DE:99:71:16:7F:93:FC:34:B3:BC:47:9B:B2:1F:F6:2D:3B:F3:C9:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3plxFn-T_DSzvEebsh_2LTvzyYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9be40-cd42-4a6c-9d4e-1dfbd1efd5d4/1/3plxFn-T_DSzvEebsh_2LTvzyYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:03:9f:4d:fd:69:00:cc:d9:13:b6:98:81:41:2a:90:b0:03: 09:43:5a:1c:73:a6:69:85:b1:b5:1e:c9:3d:bf:43:d4:dc:01: 2a:dc:1a:29:db:5f:2b:ba:27:40:15:e9:15:d0:81:1a:ba:f3: 39:f8:d4:5d:08:5b:70:fd:fd:47:60:bd:17:d2:60:3c:2f:58: fa:5a:d8:fc:06:eb:a1:6b:4c:6d:63:0f:ca:f6:5e:59:75:5a: 84:6e:30:12:ea:a3:85:4f:d1:c0:e0:c2:cf:3a:48:7a:40:ef: a3:ac:0b:c2:e3:1a:78:d6:a9:b9:59:75:24:14:b6:ed:6c:75: 41:99:99:32:f5:cb:fe:42:64:c5:43:58:29:17:84:d9:17:08: 0b:02:4b:15:12:90:ad:01:11:95:81:2e:3a:5d:e4:6a:e7:e7: f8:8b:f2:f6:f4:05:84:74:31:29:ae:00:e0:b6:8f:72:55:63: e7:b3:69:db:d3:bb:a8:45:cd:b0:ba:84:24:ea:12:b7:71:6f: 2a:08:b9:21:59:df:8f:05:e4:6a:7c:58:87:19:bb:e5:9c:72: b8:a2:ba:1f:9a:64:fd:11:44:fe:cc:f2:0c:e1:1d:ca:4c:f3: a8:f6:ff:a3:0b:51:f1:b6:61:c0:98:5f:09:50:c5:b2:aa:9e: 25:cd:a1:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0IAjfXzHmROSYe8q0TkQ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlOTk3MTE2N2Y5M2ZjMzRiM2JjNDc5YmIyMWZmNjJkM2Jm M2M5ODQwHhcNMjUxMjE5MDEwMTEzWhcNMjUxMjIwMDEwMTEzWjAzMTEwLwYDVQQD EyhjZWVjNjQ5MzE0Yjk2ZDA5MzNmOGUxNjE5NGI0YjJiNTZmOWFlMTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPdGfNVZE01U20SisrTznr8dfad0 nrJOcYBFT1Ub20z0MoKoRbGKGjmUxEp3TZ9HAamxBhwoXlmkV5WYpwTcxlue3Ysn rmC1Exw2O8wvO/xssjeZ3uF91kiJqjOOsjwkFlyQu36MPXOzhUPAXj8mRQzG53Um 5uQr+ZO5xHqDaC02S0BqirOealQmYjyx9SSMdiHwlgLLvuEkt12clpkw/bYsXPJx upJR3k4XxJX4IffQESS0tIaqxrok5zV5OPt1R2A/BQnG6EL5WjN3XDV3Q9tHtkwE eGGFG8ONWY8bQAfJOSk2MkDDQDqDUXKkLriiuZnZcNtDKzW5WV3hBQr+1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM7sZJMUuW0JM/jhYZS0srVvmuEgMB8GA1UdIwQY MBaAFN6ZcRZ/k/w0s7xHm7If9i0788mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUt MWRmYmQxZWZkNWQ0LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9kOWJlNDAtY2Q0Mi00YTZjLTlkNGUtMWRmYmQxZWZkNWQ0 LzEvM3BseEZuLVRfRFN6dkVlYnNoXzJMVHZ6eVlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeAOfTf1p AMzZE7aYgUEqkLADCUNaHHOmaYWxtR7JPb9D1NwBKtwaKdtfK7onQBXpFdCBGrrz OfjUXQhbcP39R2C9F9JgPC9Y+lrY/AbroWtMbWMPyvZeWXVahG4wEuqjhU/RwODC zzpIekDvo6wLwuMaeNapuVl1JBS27Wx1QZmZMvXL/kJkxUNYKReE2RcICwJLFRKQ rQERlYEuOl3kaufn+Ivy9vQFhHQxKa4A4LaPclVj57Np29O7qEXNsLqEJOoSt3Fv Kgi5IVnfjwXkanxYhxm75ZxyuKK6H5pk/RFE/szyDOEdykzzqPb/owtR8bZhwJhf CVDFsqqeJc2how== -----END CERTIFICATE-----Generated at Fri Dec 19 06:45:14 2025 by rpki-client