This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft File: 3AOqmk_p1gxc-FOpJIIiafHMdFI.mft (raw, json) Hash identifier: lIFQ4zyAygLDPhn5aRPzvEq4Onxr33B73j3+9Alme3I= Subject key identifier: 3B:E9:82:44:37:BA:DB:80:FC:3D:C9:BE:A9:7B:BF:89:A5:74:F5:EF Authority key identifier: DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52 Certificate issuer: /CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452 Certificate serial: 019B1E739249FBA067D9CFDEF9674A65D5D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft Manifest number: 0D24 Signing time: Sun 14 Dec 2025 20:00:49 +0000 Manifest this update: Sun 14 Dec 2025 20:00:49 +0000 Manifest next update: Mon 15 Dec 2025 20:00:49 +0000 Files and hashes: 1: 3AOqmk_p1gxc-FOpJIIiafHMdFI.crl (hash: PY0oPdnSNjy7EBU3B0fXu9aIYf8z9RuGFAsUfljz72E=) 2: qHsLN52OLV40PkdsNg1LTDhrI1k.roa (hash: o2jlcmcZCFuQ0+N7Kss7ufNJs+2izJmB43Pkb+WDd2c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:73:92:49:fb:a0:67:d9:cf:de:f9:67:4a:65:d5:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc03aa9a4fe9d60c5cf853a924822269f1cc7452 Validity Not Before: Dec 14 20:00:49 2025 GMT Not After : Dec 15 20:00:49 2025 GMT Subject: CN=3be9824437badb80fc3dc9bea97bbf89a574f5ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:26:91:6c:e0:ec:d0:9d:dd:9d:27:f5:30:4b: 7f:44:69:3f:7f:34:0b:c1:5a:10:68:cd:e4:c8:6f: db:80:51:0a:cc:7d:4a:1a:df:0a:f3:5e:08:be:62: 73:4d:f5:ab:65:f0:01:52:8d:76:a6:19:b7:38:23: 9c:a5:3a:2d:19:dc:c7:68:34:8f:42:d7:a5:d7:5b: 31:9c:85:20:13:80:d8:4f:29:e0:6e:af:c2:22:fa: d2:38:0d:ee:f5:26:04:2f:93:09:7b:bc:de:ae:b8: 89:b2:5a:a8:fa:ca:71:2d:af:ca:04:41:31:da:1f: 02:ed:48:63:29:8e:a5:7b:32:32:2f:f5:85:98:4e: 64:36:a7:92:dc:65:03:5e:29:bf:7d:80:18:a8:e4: b3:b6:9f:0d:1a:1e:c0:40:02:48:09:c9:bb:aa:e9: ad:e8:d0:bb:f9:05:9a:7d:bf:9d:4d:01:92:a7:18: 5a:11:6e:ca:fc:73:8f:a6:31:90:68:38:03:ed:c5: ce:17:99:22:61:f0:e2:b1:69:d5:d1:0d:80:8e:32: 16:ec:af:ac:53:4a:ec:ff:e3:60:79:ce:0b:dd:f0: ae:74:38:ba:d5:45:a4:dc:54:38:37:7c:c2:21:79: 4a:87:9c:e9:e0:fe:b6:ce:81:ce:76:d9:97:60:53: 1b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:E9:82:44:37:BA:DB:80:FC:3D:C9:BE:A9:7B:BF:89:A5:74:F5:EF X509v3 Authority Key Identifier: keyid:DC:03:AA:9A:4F:E9:D6:0C:5C:F8:53:A9:24:82:22:69:F1:CC:74:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AOqmk_p1gxc-FOpJIIiafHMdFI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d84e1e-cc53-4cc2-aab9-1ca766fbeeba/1/3AOqmk_p1gxc-FOpJIIiafHMdFI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:14:3f:31:c7:53:11:29:b4:16:54:07:b4:0b:16:88:d1:c8: 22:d7:66:0e:99:6a:17:d3:39:39:00:27:f7:1c:aa:c7:69:26: a5:3d:55:67:ec:12:1c:76:02:ee:e3:74:2f:ac:dd:c2:b3:04: 77:6e:bf:79:42:30:f2:5f:ae:d2:12:98:ae:aa:6d:40:b3:f1: bb:6a:a4:4c:89:f2:3b:bd:37:65:83:20:34:92:62:2e:75:b4: 4c:8d:77:2e:0c:34:64:b3:f9:7a:c5:91:b2:f4:a0:e6:38:2d: de:6e:e8:97:53:5c:c9:65:37:46:db:20:dc:08:83:8e:82:6e: c3:f8:47:41:4c:18:3d:30:fc:5d:c1:3e:ad:1a:7b:10:f0:ae: 7c:cf:3b:ba:c9:1c:f7:3c:9b:ba:8f:df:36:e4:5c:46:2c:c5: 49:7a:44:18:a0:31:aa:6e:9e:55:08:b6:12:a2:3d:21:05:ad: 8c:f4:31:b2:60:00:eb:0b:31:74:37:46:62:b7:f4:80:69:c4: e8:10:c3:e7:61:33:cc:1d:bf:c2:bb:40:09:f5:6d:dc:2e:dc: 93:ec:d2:73:ce:82:68:43:cf:48:ef:a2:51:a8:1f:68:21:77: 65:c6:5c:8c:1b:91:1a:85:d2:c3:bc:5f:3e:db:b0:3a:c8:39: 1a:fa:08:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsec5JJ+6Bn2c/e+WdKZdXTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDNhYTlhNGZlOWQ2MGM1Y2Y4NTNhOTI0ODIyMjY5ZjFj Yzc0NTIwHhcNMjUxMjE0MjAwMDQ5WhcNMjUxMjE1MjAwMDQ5WjAzMTEwLwYDVQQD EygzYmU5ODI0NDM3YmFkYjgwZmMzZGM5YmVhOTdiYmY4OWE1NzRmNWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiaRbODs0J3dnSf1MEt/RGk/fzQL wVoQaM3kyG/bgFEKzH1KGt8K814IvmJzTfWrZfABUo12phm3OCOcpTotGdzHaDSP Qtel11sxnIUgE4DYTyngbq/CIvrSOA3u9SYEL5MJe7zerriJslqo+spxLa/KBEEx 2h8C7UhjKY6lezIyL/WFmE5kNqeS3GUDXim/fYAYqOSztp8NGh7AQAJICcm7qumt 6NC7+QWafb+dTQGSpxhaEW7K/HOPpjGQaDgD7cXOF5kiYfDisWnV0Q2AjjIW7K+s U0rs/+Ngec4L3fCudDi61UWk3FQ4N3zCIXlKh5zp4P62zoHOdtmXYFMb+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDvpgkQ3utuA/D3Jvql7v4mldPXvMB8GA1UdIwQY MBaAFNwDqppP6dYMXPhTqSSCImnxzHRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjkt MWNhNzY2ZmJlZWJhLzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9kODRlMWUtY2M1My00Y2MyLWFhYjktMWNhNzY2ZmJlZWJh LzEvM0FPcW1rX3AxZ3hjLUZPcEpJSWlhZkhNZEZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchQ/McdT ESm0FlQHtAsWiNHIItdmDplqF9M5OQAn9xyqx2kmpT1VZ+wSHHYC7uN0L6zdwrME d26/eUIw8l+u0hKYrqptQLPxu2qkTInyO703ZYMgNJJiLnW0TI13Lgw0ZLP5esWR svSg5jgt3m7ol1NcyWU3Rtsg3AiDjoJuw/hHQUwYPTD8XcE+rRp7EPCufM87uskc 9zybuo/fNuRcRizFSXpEGKAxqm6eVQi2EqI9IQWtjPQxsmAA6wsxdDdGYrf0gGnE 6BDD52EzzB2/wrtACfVt3C7ck+zSc86CaEPPSO+iUagfaCF3ZcZcjBuRGoXSw7xf PtuwOsg5GvoIkQ== -----END CERTIFICATE-----Generated at Sun Dec 14 21:39:42 2025 by rpki-client