This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft File: 3mshhKwi402MRNprhFSbunH9VT0.mft (raw, json) Hash identifier: oplUFXCWB9YXWnovtpf0+LNr8o1l92wAB+MRwTvvOCY= Subject key identifier: 34:1A:68:6D:4F:17:04:3A:13:D5:55:37:1F:BF:BD:AF:B7:55:46:CC Authority key identifier: DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D Certificate issuer: /CN=de6b2184ac22e34d8c44da6b84549bba71fd553d Certificate serial: 019B5AF672217F6C4D42341A72C7241D72F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft Manifest number: C2 Signing time: Fri 26 Dec 2025 14:00:58 +0000 Manifest this update: Fri 26 Dec 2025 14:00:58 +0000 Manifest next update: Sat 27 Dec 2025 14:00:58 +0000 Files and hashes: 1: 3mshhKwi402MRNprhFSbunH9VT0.crl (hash: gwMjmjH5XVqjsdO1RWv5soRSiiAHRrp2/+P7/ggzh64=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:72:21:7f:6c:4d:42:34:1a:72:c7:24:1d:72:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de6b2184ac22e34d8c44da6b84549bba71fd553d Validity Not Before: Dec 26 14:00:58 2025 GMT Not After : Dec 27 14:00:58 2025 GMT Subject: CN=341a686d4f17043a13d555371fbfbdafb75546cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:13:75:ba:93:96:77:ec:e5:f8:2e:e9:50:05: 21:5b:fb:5e:12:b2:1e:63:39:bc:40:dd:20:1c:40: 7d:73:da:ab:0b:46:2a:0f:f1:b4:5d:0e:da:c2:b0: ae:d2:b4:d2:e9:22:0f:a2:ed:02:1e:08:b2:7f:e4: 4c:0d:3b:4c:04:c1:9d:13:58:fc:ef:b9:b1:7c:77: b5:3e:51:c6:c5:8c:ed:d6:f6:02:bc:de:0d:b5:8d: e5:b5:17:de:6b:c3:5c:f8:4f:19:d7:37:27:a0:62: 7d:e1:29:2a:e5:28:5d:b1:61:27:de:82:3e:57:62: 1d:da:d4:65:8b:36:1a:74:de:cb:d7:ff:9b:5c:36: a1:3f:cc:06:8c:4e:55:7d:82:9f:a5:cd:bd:ee:b1: 7b:72:d6:bf:3c:13:cc:5b:08:10:a7:36:b7:8a:87: 73:eb:d0:20:3b:ba:4a:ad:f7:83:fa:12:5c:5e:af: c1:d5:4a:df:c7:78:18:5b:81:0a:49:79:b3:db:ba: ad:62:2a:85:45:65:72:fb:e7:27:0a:11:3e:03:f3: f0:40:88:9f:66:c3:65:33:1b:f7:6c:7d:2e:76:12: b6:7a:f1:c9:ac:0c:b6:79:48:0f:fb:41:90:93:0a: 2a:ad:71:de:b5:0e:8b:b5:68:6c:88:00:b0:bc:01: 51:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:1A:68:6D:4F:17:04:3A:13:D5:55:37:1F:BF:BD:AF:B7:55:46:CC X509v3 Authority Key Identifier: keyid:DE:6B:21:84:AC:22:E3:4D:8C:44:DA:6B:84:54:9B:BA:71:FD:55:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mshhKwi402MRNprhFSbunH9VT0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0a86fc-de08-4234-a5c4-11650cdb9c91/1/3mshhKwi402MRNprhFSbunH9VT0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:e5:a5:34:b1:12:97:17:2d:90:c5:7b:6d:35:f3:c8:43:28: ba:ff:be:ab:79:5a:51:c0:55:c1:81:2a:4e:dc:61:6d:af:b9: 1d:b0:8d:db:14:7a:b8:6d:5d:59:c9:32:31:ce:81:20:4d:93: 9f:99:8a:b8:2c:34:5f:91:36:e8:4b:13:bb:30:7a:29:09:0a: cf:6d:9d:a7:d1:eb:e7:07:3f:43:eb:7d:3b:bc:b5:7a:7a:26: c6:c2:b8:fc:28:c6:46:fc:38:90:93:51:e2:98:cb:10:97:fc: e3:68:df:f4:22:21:b0:2f:ec:21:80:c9:5a:e6:39:3f:8f:39: f5:b1:c3:64:f0:56:c8:f2:83:cf:5a:88:ee:e2:c1:8c:f8:5d: c6:50:03:54:11:2b:8e:c5:75:2a:d6:48:58:fb:1f:0d:30:5c: 9b:7f:43:67:3b:8d:b9:da:73:4a:56:e7:98:86:a0:12:c4:c3: d8:70:c5:1b:68:fe:56:86:3c:ce:2f:14:a7:7b:24:a8:f2:84: d6:69:0e:5d:34:4a:24:b0:ab:95:a1:eb:85:6d:f2:f2:9e:ed: f2:79:22:4d:18:f0:bf:db:db:a8:ed:41:4f:ad:4c:80:95:35: 34:ee:ed:2f:c1:92:52:4a:ec:03:73:1a:cd:30:22:15:07:61: aa:a0:c5:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9nIhf2xNQjQacsckHXL5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNmIyMTg0YWMyMmUzNGQ4YzQ0ZGE2Yjg0NTQ5YmJhNzFm ZDU1M2QwHhcNMjUxMjI2MTQwMDU4WhcNMjUxMjI3MTQwMDU4WjAzMTEwLwYDVQQD EygzNDFhNjg2ZDRmMTcwNDNhMTNkNTU1MzcxZmJmYmRhZmI3NTU0NmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshN1upOWd+zl+C7pUAUhW/teErIe Yzm8QN0gHEB9c9qrC0YqD/G0XQ7awrCu0rTS6SIPou0CHgiyf+RMDTtMBMGdE1j8 77mxfHe1PlHGxYzt1vYCvN4NtY3ltRfea8Nc+E8Z1zcnoGJ94Skq5ShdsWEn3oI+ V2Id2tRlizYadN7L1/+bXDahP8wGjE5VfYKfpc297rF7cta/PBPMWwgQpza3iodz 69AgO7pKrfeD+hJcXq/B1Urfx3gYW4EKSXmz27qtYiqFRWVy++cnChE+A/PwQIif ZsNlMxv3bH0udhK2evHJrAy2eUgP+0GQkwoqrXHetQ6LtWhsiACwvAFRTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQaaG1PFwQ6E9VVNx+/va+3VUbMMB8GA1UdIwQY MBaAFN5rIYSsIuNNjETaa4RUm7px/VU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQt MTE2NTBjZGI5YzkxLzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS8wYTg2ZmMtZGUwOC00MjM0LWE1YzQtMTE2NTBjZGI5Yzkx LzEvM21zaGhLd2k0MDJNUk5wcmhGU2J1bkg5VlQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeeWlNLES lxctkMV7bTXzyEMouv++q3laUcBVwYEqTtxhba+5HbCN2xR6uG1dWckyMc6BIE2T n5mKuCw0X5E26EsTuzB6KQkKz22dp9Hr5wc/Q+t9O7y1enomxsK4/CjGRvw4kJNR 4pjLEJf842jf9CIhsC/sIYDJWuY5P4859bHDZPBWyPKDz1qI7uLBjPhdxlADVBEr jsV1KtZIWPsfDTBcm39DZzuNudpzSlbnmIagEsTD2HDFG2j+VoY8zi8Up3skqPKE 1mkOXTRKJLCrlaHrhW3y8p7t8nkiTRjwv9vbqO1BT61MgJU1NO7tL8GSUkrsA3Ma zTAiFQdhqqDFpw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:45 2025 by rpki-client