This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft File: 3hL5ZansM-LC6HthYb7vuL4obKM.mft (raw, json) Hash identifier: X1ZGOCrtDsrcFB6zy2LocjkyKYwT3MWtHIT+PLaMpCE= Subject key identifier: 06:90:3D:52:41:86:78:FF:C0:DC:4F:6F:77:BB:67:89:9C:24:C8:16 Authority key identifier: DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3 Certificate issuer: /CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3 Certificate serial: 019B5ABF170F907F6C758E01D5DB2AF7C2EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft Manifest number: 15BB Signing time: Fri 26 Dec 2025 13:00:31 +0000 Manifest this update: Fri 26 Dec 2025 13:00:31 +0000 Manifest next update: Sat 27 Dec 2025 13:00:31 +0000 Files and hashes: 1: 3hL5ZansM-LC6HthYb7vuL4obKM.crl (hash: eSO76GCfIr0+Wl9aL8yQQaDkAk8JwIPPJrXYZb7VZl0=) 2: WwmcE7wGl7pyI1JEZUrcMqc8ydE.roa (hash: eYdzJRuLYCeHIGBMM52itYWmfWw58ujov0m3EgFoPMo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:17:0f:90:7f:6c:75:8e:01:d5:db:2a:f7:c2:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de12f965a9ec33e2c2e87b6161beefb8be286ca3 Validity Not Before: Dec 26 13:00:31 2025 GMT Not After : Dec 27 13:00:31 2025 GMT Subject: CN=06903d52418678ffc0dc4f6f77bb67899c24c816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:8d:56:ed:66:5d:6a:64:45:43:87:20:69:db: 59:82:0b:56:d4:d4:0e:eb:9b:95:85:63:8f:e0:ed: 1e:60:bc:00:85:18:88:58:4f:73:df:25:e8:4b:97: 78:b0:f0:a2:37:85:ee:8f:19:f8:f2:11:14:4f:d0: f7:2a:00:79:a9:66:e3:7d:02:e4:37:3f:2f:c5:3f: d6:0a:8f:fe:c6:5e:05:38:98:e8:51:68:b1:e2:cd: f5:a6:a2:1d:97:5b:bf:26:12:ec:03:f6:ab:ba:eb: f6:b2:80:de:58:db:c2:5b:34:55:76:6d:3d:8a:04: bc:c5:f8:b7:c0:cc:95:5c:61:60:87:4f:7a:78:09: 23:c8:92:03:40:b6:3f:44:e8:af:7a:ac:90:3f:5e: 86:fb:0d:cc:ca:8e:41:ab:7d:41:3a:73:19:1b:75: f5:d3:39:8d:44:17:8a:4c:bf:33:3e:44:2c:6c:60: 92:bd:90:28:06:6f:1b:a9:5c:87:07:f5:14:90:5c: de:52:4c:b6:fa:81:92:a1:39:8c:cb:7b:fd:37:ea: 8b:67:a2:b7:c5:30:12:90:50:0a:b9:ad:86:fb:43: 58:25:fa:5f:fb:0e:a2:16:96:b1:e0:17:78:a2:b2: 8f:da:0e:26:58:1c:57:c2:45:c0:3c:c5:7f:25:38: 0b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:90:3D:52:41:86:78:FF:C0:DC:4F:6F:77:BB:67:89:9C:24:C8:16 X509v3 Authority Key Identifier: keyid:DE:12:F9:65:A9:EC:33:E2:C2:E8:7B:61:61:BE:EF:B8:BE:28:6C:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hL5ZansM-LC6HthYb7vuL4obKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0f0373-db6d-4797-820d-b6d12ac66831/1/3hL5ZansM-LC6HthYb7vuL4obKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:f7:38:ef:be:89:44:b0:f8:46:79:a3:f4:50:7e:cc:36:b6: 27:c7:6f:a6:30:15:d3:16:e7:f6:8f:b9:bc:12:88:e4:b7:11: a6:84:68:58:bf:8c:cf:b7:6a:1b:e4:4e:45:21:9c:f0:b1:3f: ca:52:74:7b:bb:93:4a:ef:ee:7b:70:ea:f7:14:6b:1c:d7:59: 17:f6:fc:41:7e:e4:1b:b3:89:be:fe:b9:38:ab:0f:69:67:4e: ab:46:74:14:f1:4d:5b:3d:41:a7:be:8b:6b:57:fe:51:15:b3: 2e:89:72:39:61:ba:d4:14:14:78:31:f4:14:c3:72:70:4c:0e: 11:c7:e8:75:14:61:b9:53:63:e5:34:df:51:b4:b3:dc:70:17: ca:44:af:30:2b:ea:8c:48:dd:d2:0e:54:03:19:ea:e3:30:b6: f9:15:5e:d4:43:87:be:b2:d7:24:be:c1:90:d6:f7:e1:59:aa: 2f:b9:bb:4a:0c:cc:1e:5d:d7:c0:a4:31:83:ab:d2:5a:f8:7b: cf:79:4c:a3:73:3f:ef:54:fd:7e:84:5e:7a:ce:f9:66:35:fe: ce:7b:74:a2:fd:0b:7f:5a:ee:e5:a8:d5:0c:0c:d7:75:66:5a: 56:ca:4b:45:3d:3c:74:48:58:23:57:c5:5d:85:b2:ff:24:db: 1d:63:19:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtavxcPkH9sdY4B1dsq98LrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTJmOTY1YTllYzMzZTJjMmU4N2I2MTYxYmVlZmI4YmUy ODZjYTMwHhcNMjUxMjI2MTMwMDMxWhcNMjUxMjI3MTMwMDMxWjAzMTEwLwYDVQQD EygwNjkwM2Q1MjQxODY3OGZmYzBkYzRmNmY3N2JiNjc4OTljMjRjODE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr41W7WZdamRFQ4cgadtZggtW1NQO 65uVhWOP4O0eYLwAhRiIWE9z3yXoS5d4sPCiN4Xujxn48hEUT9D3KgB5qWbjfQLk Nz8vxT/WCo/+xl4FOJjoUWix4s31pqIdl1u/JhLsA/aruuv2soDeWNvCWzRVdm09 igS8xfi3wMyVXGFgh096eAkjyJIDQLY/ROiveqyQP16G+w3Myo5Bq31BOnMZG3X1 0zmNRBeKTL8zPkQsbGCSvZAoBm8bqVyHB/UUkFzeUky2+oGSoTmMy3v9N+qLZ6K3 xTASkFAKua2G+0NYJfpf+w6iFpax4Bd4orKP2g4mWBxXwkXAPMV/JTgLXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAaQPVJBhnj/wNxPb3e7Z4mcJMgWMB8GA1UdIwQY MBaAFN4S+WWp7DPiwuh7YWG+77i+KGyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQt YjZkMTJhYzY2ODMxLzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi8wZjAzNzMtZGI2ZC00Nzk3LTgyMGQtYjZkMTJhYzY2ODMx LzEvM2hMNVphbnNNLUxDNkh0aFliN3Z1TDRvYktNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfc4776J RLD4Rnmj9FB+zDa2J8dvpjAV0xbn9o+5vBKI5LcRpoRoWL+Mz7dqG+RORSGc8LE/ ylJ0e7uTSu/ue3Dq9xRrHNdZF/b8QX7kG7OJvv65OKsPaWdOq0Z0FPFNWz1Bp76L a1f+URWzLolyOWG61BQUeDH0FMNycEwOEcfodRRhuVNj5TTfUbSz3HAXykSvMCvq jEjd0g5UAxnq4zC2+RVe1EOHvrLXJL7BkNb34VmqL7m7SgzMHl3XwKQxg6vSWvh7 z3lMo3M/71T9foRees75ZjX+znt0ov0Lf1ru5ajVDAzXdWZaVspLRT08dEhYI1fF XYWy/yTbHWMZgA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:50 2025 by rpki-client