This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft File: 3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json) Hash identifier: XC8/2d/e4zw+TsPLFzy2BmaIWuMYBbB3PJ5Wqo+ormk= Subject key identifier: 80:71:AF:7E:EB:54:C5:9B:E0:A4:83:7A:3F:81:CA:1B:9B:10:00:7F Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F Certificate issuer: /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f Certificate serial: 019B48822800A60FE445A3B82F09D57ADFAA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft Manifest number: 149C Signing time: Tue 23 Dec 2025 00:00:48 +0000 Manifest this update: Tue 23 Dec 2025 00:00:48 +0000 Manifest next update: Wed 24 Dec 2025 00:00:48 +0000 Files and hashes: 1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: e0R+qVd4FwRrGphicgnMOZoJL6Pr2gSH8qP+EZYNL1k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:28:00:a6:0f:e4:45:a3:b8:2f:09:d5:7a:df:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f Validity Not Before: Dec 23 00:00:48 2025 GMT Not After : Dec 24 00:00:48 2025 GMT Subject: CN=8071af7eeb54c59be0a4837a3f81ca1b9b10007f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:f4:2b:49:fd:4f:ef:0d:0b:ee:c2:6f:e7: f3:da:94:f4:47:d9:6a:d8:07:67:55:f9:45:94:01: 74:7f:ed:7b:62:52:6e:39:9d:f5:3c:a5:e2:86:60: 95:ac:e0:98:11:e8:1d:da:a1:53:05:fd:22:68:4f: 18:ff:4b:76:6e:10:44:96:80:17:95:ca:8a:70:45: 98:ef:e8:d1:f4:14:14:14:fb:2d:11:cf:c5:b8:c4: 7b:21:d6:a3:f6:65:48:26:a5:af:9f:51:6f:69:36: b5:e8:c7:f9:f2:04:c8:3c:d7:e0:6b:48:bb:d4:f0: a3:2e:c2:5a:86:4d:a3:e6:55:5c:ab:49:e2:85:ee: 4b:ab:eb:a6:4b:66:21:05:cd:69:ad:d9:8d:a2:3f: 65:57:38:39:52:75:27:18:7d:d1:26:34:a7:76:13: 94:91:37:6a:2f:c6:a2:ac:23:c5:75:09:63:75:56: 7d:c5:e1:e8:cf:02:6f:66:09:dc:07:ff:0d:ad:85: 63:71:5a:1f:12:80:64:d4:93:ee:3f:ac:70:6d:d6: 57:a8:a8:be:14:79:5a:b3:66:78:21:81:97:0c:b4: 21:28:8c:18:a5:fb:cc:ec:00:a3:7e:81:5d:81:c3: 16:73:49:28:7b:48:9a:5e:4a:6e:3a:30:5e:f2:12: e3:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:71:AF:7E:EB:54:C5:9B:E0:A4:83:7A:3F:81:CA:1B:9B:10:00:7F X509v3 Authority Key Identifier: keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:31:48:f1:0b:48:f9:ca:1f:30:f5:0d:f3:08:ee:af:df:71: 7d:be:f1:f4:f1:08:37:c0:cb:fa:f0:a0:48:0f:5a:9a:85:40: 9c:0b:14:35:80:4f:af:83:ca:57:3c:a1:df:4b:7a:bb:f4:c6: ca:17:1f:3c:f1:7a:a5:f0:3d:45:00:f6:4d:35:08:ad:44:cc: e1:03:a2:3a:e4:12:b3:0b:5d:56:eb:7a:71:fd:86:0c:e6:bf: 7e:5b:bc:c3:43:40:69:53:41:36:45:e5:1f:e0:6a:5a:92:3e: a0:c3:62:80:22:40:0e:27:c0:96:9a:98:b1:95:4d:e9:51:53: de:63:13:d7:ba:c8:2c:05:61:b8:39:b2:4f:71:09:94:a0:04: 19:8c:f3:69:ef:f4:76:2c:ef:85:fd:2c:41:f4:3a:7a:63:4b: 33:70:c6:25:84:2e:d3:a3:a2:41:fc:2b:c6:85:8a:c9:9e:16: ce:0c:dc:9d:c7:d7:3b:1e:1b:a5:96:8b:a8:9c:10:23:d1:98: 4c:28:dd:3f:a1:d8:c7:b6:a4:a5:3c:d0:a7:7b:e9:d9:8f:db: f6:4d:16:80:20:64:6c:62:38:c4:24:67:12:95:f9:aa:8d:7d: 65:dc:79:07:f4:49:3d:12:64:a7:73:dd:ea:8b:f4:8c:d7:01: 47:ab:0f:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgigApg/kRaO4LwnVet+qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy OGFjNGYwHhcNMjUxMjIzMDAwMDQ4WhcNMjUxMjI0MDAwMDQ4WjAzMTEwLwYDVQQD Eyg4MDcxYWY3ZWViNTRjNTliZTBhNDgzN2EzZjgxY2ExYjliMTAwMDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxP/0K0n9T+8NC+7Cb+fz2pT0R9lq 2AdnVflFlAF0f+17YlJuOZ31PKXihmCVrOCYEegd2qFTBf0iaE8Y/0t2bhBEloAX lcqKcEWY7+jR9BQUFPstEc/FuMR7Idaj9mVIJqWvn1FvaTa16Mf58gTIPNfga0i7 1PCjLsJahk2j5lVcq0nihe5Lq+umS2YhBc1prdmNoj9lVzg5UnUnGH3RJjSndhOU kTdqL8airCPFdQljdVZ9xeHozwJvZgncB/8NrYVjcVofEoBk1JPuP6xwbdZXqKi+ FHlas2Z4IYGXDLQhKIwYpfvM7ACjfoFdgcMWc0koe0iaXkpuOjBe8hLjgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIBxr37rVMWb4KSDej+ByhubEAB/MB8GA1UdIwQY MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApDFI8QtI +cofMPUN8wjur99xfb7x9PEIN8DL+vCgSA9amoVAnAsUNYBPr4PKVzyh30t6u/TG yhcfPPF6pfA9RQD2TTUIrUTM4QOiOuQSswtdVut6cf2GDOa/flu8w0NAaVNBNkXl H+BqWpI+oMNigCJADifAlpqYsZVN6VFT3mMT17rILAVhuDmyT3EJlKAEGYzzae/0 dizvhf0sQfQ6emNLM3DGJYQu06OiQfwrxoWKyZ4WzgzcncfXOx4bpZaLqJwQI9GY TCjdP6HYx7akpTzQp3vp2Y/b9k0WgCBkbGI4xCRnEpX5qo19Zdx5B/RJPRJkp3Pd 6ov0jNcBR6sPmg== -----END CERTIFICATE-----Generated at Tue Dec 23 02:13:29 2025 by rpki-client