This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft File: MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json) Hash identifier: 0B2npXUOnA6HJfZvVLv3tYr6OSn+ph5Yn076sRWwqcs= Subject key identifier: 4E:03:54:E8:B6:12:2E:C9:97:0C:69:B7:D0:AB:39:5D:11:B2:99:1F Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E Certificate issuer: /CN=313dcd18712266504586976733ca1f92f6261f5e Certificate serial: 019B34C43F6B115A77F7F9B933C6B2249921 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft Manifest number: 15AF Signing time: Fri 19 Dec 2025 04:00:35 +0000 Manifest this update: Fri 19 Dec 2025 04:00:35 +0000 Manifest next update: Sat 20 Dec 2025 04:00:35 +0000 Files and hashes: 1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: /Ine+WnfuXqE0lR4PpB+785dsjZKSE9GUyvfill361o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:3f:6b:11:5a:77:f7:f9:b9:33:c6:b2:24:99:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e Validity Not Before: Dec 19 04:00:35 2025 GMT Not After : Dec 20 04:00:35 2025 GMT Subject: CN=4e0354e8b6122ec9970c69b7d0ab395d11b2991f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ed:bc:b8:c5:29:15:8e:04:74:67:5b:75:69: d7:62:39:63:a1:e0:a5:00:92:45:dc:b7:50:39:08: c9:47:82:cf:36:3d:8c:99:19:b0:82:c9:28:6e:a5: b7:00:44:63:43:78:aa:9d:10:b8:b4:36:b2:01:cb: 4d:d6:77:04:3c:5e:4e:fc:90:c1:66:62:4f:dd:23: d2:67:e3:32:de:35:99:da:2d:32:16:ec:3a:8f:78: 0e:f9:96:62:ad:10:e4:7b:78:fe:1e:21:ad:c2:ec: 29:30:af:b8:6e:b1:ca:22:c7:ce:d8:1b:bc:f2:ba: 08:67:e0:85:e7:f1:a4:03:eb:3e:2f:a0:3c:64:4f: ba:c6:08:4d:e2:bc:dd:87:3d:2d:f5:a2:e6:4b:b6: de:20:c1:85:75:9c:16:c0:9f:fb:a9:52:66:42:50: 7a:e6:dd:5a:43:d8:ed:e8:ef:73:6c:00:3e:15:d3: 15:9c:80:6b:ba:1e:b0:9c:4f:0f:66:4e:00:76:7e: b3:bc:3f:0c:d9:2c:2d:69:1e:b1:b8:46:c9:bd:65: 97:7f:b4:7e:4f:41:d5:3e:75:6e:0a:50:93:d6:0b: 5e:dc:d3:72:cf:42:bf:5c:fb:89:ca:2e:c6:b9:b7: 35:df:12:6e:38:ae:df:07:7b:75:09:42:c4:a9:32: e1:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:03:54:E8:B6:12:2E:C9:97:0C:69:B7:D0:AB:39:5D:11:B2:99:1F X509v3 Authority Key Identifier: keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:b4:f3:e7:fc:ef:f2:a4:00:6d:62:d1:7d:f6:6c:e6:83:9b: 1b:de:4a:08:17:df:af:9a:97:6a:bc:aa:b9:65:de:0b:ab:87: a9:8f:a8:cc:b7:41:ef:46:20:9f:c2:40:4c:96:64:fb:93:b0: 48:0f:fb:f6:75:fd:23:2c:42:1a:b3:2e:bc:be:88:93:d9:96: a5:88:29:ac:62:db:5f:70:52:31:c6:61:69:c3:8e:c8:8d:82: dd:34:83:c6:bd:5a:4b:98:c7:e1:9f:0a:74:cf:e4:37:a1:c4: 6b:f1:06:d7:6c:05:78:2e:f2:26:2c:4d:31:20:20:3e:26:32: d8:62:63:d5:99:bc:92:e4:58:f0:1d:96:1d:f7:88:dd:f0:13: 3a:3c:f5:5d:2f:12:c0:7d:d2:ed:49:96:2a:cb:3b:26:91:86: 15:39:43:f0:c2:4a:e3:19:ee:78:a2:ed:38:d4:ce:e6:1b:ef: a0:1c:18:81:ae:07:37:c5:cc:6c:7a:e0:0d:5a:22:1b:79:6c: 3a:cb:d5:43:0e:06:55:ba:a2:3d:48:b8:63:5c:7b:8e:2b:d9: dd:96:27:9d:34:5c:47:41:50:69:af:70:fd:e9:8d:65:d3:0a: 85:a0:c1:a1:63:36:b6:90:95:e4:ab:64:7b:b3:eb:b4:e6:98: 16:63:93:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xD9rEVp39/m5M8ayJJkhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy NjFmNWUwHhcNMjUxMjE5MDQwMDM1WhcNMjUxMjIwMDQwMDM1WjAzMTEwLwYDVQQD Eyg0ZTAzNTRlOGI2MTIyZWM5OTcwYzY5YjdkMGFiMzk1ZDExYjI5OTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+28uMUpFY4EdGdbdWnXYjljoeCl AJJF3LdQOQjJR4LPNj2MmRmwgskobqW3AERjQ3iqnRC4tDayActN1ncEPF5O/JDB ZmJP3SPSZ+My3jWZ2i0yFuw6j3gO+ZZirRDke3j+HiGtwuwpMK+4brHKIsfO2Bu8 8roIZ+CF5/GkA+s+L6A8ZE+6xghN4rzdhz0t9aLmS7beIMGFdZwWwJ/7qVJmQlB6 5t1aQ9jt6O9zbAA+FdMVnIBruh6wnE8PZk4Adn6zvD8M2SwtaR6xuEbJvWWXf7R+ T0HVPnVuClCT1gte3NNyz0K/XPuJyi7Gubc13xJuOK7fB3t1CULEqTLhIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4DVOi2Ei7Jlwxpt9CrOV0RspkfMB8GA1UdIwQY MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE7Tz5/zv 8qQAbWLRffZs5oObG95KCBffr5qXaryquWXeC6uHqY+ozLdB70Ygn8JATJZk+5Ow SA/79nX9IyxCGrMuvL6Ik9mWpYgprGLbX3BSMcZhacOOyI2C3TSDxr1aS5jH4Z8K dM/kN6HEa/EG12wFeC7yJixNMSAgPiYy2GJj1Zm8kuRY8B2WHfeI3fATOjz1XS8S wH3S7UmWKss7JpGGFTlD8MJK4xnueKLtONTO5hvvoBwYga4HN8XMbHrgDVoiG3ls OsvVQw4GVbqiPUi4Y1x7jivZ3ZYnnTRcR0FQaa9w/emNZdMKhaDBoWM2tpCV5Ktk e7PrtOaYFmOT+g== -----END CERTIFICATE-----Generated at Fri Dec 19 07:58:42 2025 by rpki-client