This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft File: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json) Hash identifier: LhFOoJS6XSJoNMSIqImwlZjqFHAvXkI202byKcm/HXE= Subject key identifier: 79:89:2F:AF:47:49:B9:CE:34:36:C0:3E:B0:B7:EB:FF:60:85:96:62 Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 Certificate issuer: /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Certificate serial: 019B32D6546833FD5641605C571C950C7253 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft Manifest number: 08A9 Signing time: Thu 18 Dec 2025 19:01:05 +0000 Manifest this update: Thu 18 Dec 2025 19:01:05 +0000 Manifest next update: Fri 19 Dec 2025 19:01:05 +0000 Files and hashes: 1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: lSHNFAOHBnzo1v8v1HokgXJRmBMjq8/4ZkS7xzgkVgs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:54:68:33:fd:56:41:60:5c:57:1c:95:0c:72:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3 Validity Not Before: Dec 18 19:01:05 2025 GMT Not After : Dec 19 19:01:05 2025 GMT Subject: CN=79892faf4749b9ce3436c03eb0b7ebff60859662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b1:a9:71:72:9b:1a:16:14:78:5b:87:86:d0: 5c:03:78:1b:13:b4:20:9b:1a:59:81:85:a9:7a:30: 9c:ee:77:ab:6f:29:95:d2:3a:26:92:9a:22:18:18: b7:c9:7f:59:3b:e5:b7:bc:c6:fb:98:74:ff:0b:cd: 5c:a4:d9:9f:48:2e:d2:32:52:09:1f:7f:57:d9:00: 99:e0:f6:58:4f:ca:32:6c:f8:cc:67:87:91:bd:a6: 2f:90:c7:84:93:da:31:3a:d7:f9:7d:48:db:4a:61: 0b:46:41:69:5f:52:1a:1f:e4:c9:13:ee:45:4b:ca: 6e:31:a5:70:5a:fa:60:44:58:1d:d5:76:23:83:66: f4:5f:e4:33:91:ce:24:f6:54:24:77:54:44:ef:ea: bc:00:72:82:a9:fc:d3:6f:b1:76:e8:f0:0f:ff:40: 4d:cf:6a:84:04:6f:67:31:af:6e:4a:16:7d:33:76: a9:ad:f8:74:c3:24:e6:ae:90:59:13:62:91:91:e2: 21:1e:58:aa:6d:71:69:ba:6b:00:8f:67:a5:e8:c2: 50:cc:47:e1:25:1b:66:4b:e5:6a:00:13:8f:14:27: 07:fe:69:17:3d:4a:2f:96:14:82:52:52:13:04:0c: 23:ab:40:9e:10:0f:13:47:1b:72:c4:3d:94:cc:36: 0c:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:89:2F:AF:47:49:B9:CE:34:36:C0:3E:B0:B7:EB:FF:60:85:96:62 X509v3 Authority Key Identifier: keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:78:2f:0c:d2:32:f1:e3:0a:dc:80:4e:f1:b7:9b:58:aa:3e: 4b:6e:96:14:bf:87:e9:b5:13:b8:58:b6:49:b7:e2:83:b9:4c: f6:33:64:d5:82:4c:bb:4a:24:92:85:60:3d:dc:4c:c2:ec:dd: 0a:9a:b0:c0:56:df:62:ba:7d:39:62:c5:fe:c6:e3:00:13:e5: 40:0e:0b:66:47:0c:08:36:cc:3b:90:f0:b5:ae:a2:77:b9:59: 5b:53:ba:db:ac:2c:4c:9d:6a:72:b9:01:c9:e7:0a:e7:6f:8f: 3f:78:14:c6:8b:ba:33:15:71:d1:42:35:45:7f:26:a0:63:21: de:c5:6c:4b:86:f7:c3:49:40:e8:38:da:e7:15:5e:46:f6:3f: 5e:f6:69:bc:fd:f6:b2:b9:0e:1d:87:65:70:4a:04:a8:7c:83: 01:57:7f:a2:69:07:76:a2:5a:92:be:7e:24:05:85:9f:4f:43: 14:26:0f:a5:83:ca:2a:8e:86:f4:2e:d1:f6:fc:69:c8:3d:1f: 4d:c9:35:5d:e2:a2:d6:c2:a9:38:1a:84:f1:77:8c:73:4c:a6: ed:17:bc:f3:fd:b5:09:ed:21:c4:0c:87:c8:f2:ec:20:9d:c6: 8c:62:83:1b:71:4e:42:2a:17:61:10:29:08:2a:a3:76:af:80: 3f:f3:43:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1lRoM/1WQWBcVxyVDHJTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0 OTA3YjMwHhcNMjUxMjE4MTkwMTA1WhcNMjUxMjE5MTkwMTA1WjAzMTEwLwYDVQQD Eyg3OTg5MmZhZjQ3NDliOWNlMzQzNmMwM2ViMGI3ZWJmZjYwODU5NjYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybGpcXKbGhYUeFuHhtBcA3gbE7Qg mxpZgYWpejCc7nerbymV0jomkpoiGBi3yX9ZO+W3vMb7mHT/C81cpNmfSC7SMlIJ H39X2QCZ4PZYT8oybPjMZ4eRvaYvkMeEk9oxOtf5fUjbSmELRkFpX1IaH+TJE+5F S8puMaVwWvpgRFgd1XYjg2b0X+Qzkc4k9lQkd1RE7+q8AHKCqfzTb7F26PAP/0BN z2qEBG9nMa9uShZ9M3aprfh0wyTmrpBZE2KRkeIhHliqbXFpumsAj2el6MJQzEfh JRtmS+VqABOPFCcH/mkXPUovlhSCUlITBAwjq0CeEA8TRxtyxD2UzDYMvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHmJL69HSbnONDbAPrC36/9ghZZiMB8GA1UdIwQY MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIngvDNIy 8eMK3IBO8bebWKo+S26WFL+H6bUTuFi2Sbfig7lM9jNk1YJMu0okkoVgPdxMwuzd CpqwwFbfYrp9OWLF/sbjABPlQA4LZkcMCDbMO5Dwta6id7lZW1O626wsTJ1qcrkB yecK52+PP3gUxou6MxVx0UI1RX8moGMh3sVsS4b3w0lA6Dja5xVeRvY/XvZpvP32 srkOHYdlcEoEqHyDAVd/omkHdqJakr5+JAWFn09DFCYPpYPKKo6G9C7R9vxpyD0f Tck1XeKi1sKpOBqE8XeMc0ym7Re88/21Ce0hxAyHyPLsIJ3GjGKDG3FOQioXYRAp CCqjdq+AP/NDwA== -----END CERTIFICATE-----Generated at Thu Dec 18 23:33:08 2025 by rpki-client