This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft File: p3tNEFqlxNZemaq2926tWJ5ih8w.mft (raw, json) Hash identifier: aXICEK6G04VaME21/9oIbz83p2MJlmIGTpRWKGcOYNE= Subject key identifier: 2B:4E:37:C6:5F:5F:74:8F:5B:28:F5:EF:DB:FE:ED:4C:47:42:DF:B8 Authority key identifier: A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC Certificate issuer: /CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc Certificate serial: 019B334481C4C1AD9E2695E072F637D1ABEF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft Manifest number: 0580 Signing time: Thu 18 Dec 2025 21:01:26 +0000 Manifest this update: Thu 18 Dec 2025 21:01:26 +0000 Manifest next update: Fri 19 Dec 2025 21:01:26 +0000 Files and hashes: 1: p3tNEFqlxNZemaq2926tWJ5ih8w.crl (hash: 71c2z87y5pPuIc9PIpQsHS39nF4R/kag4cuukDT7fGE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:81:c4:c1:ad:9e:26:95:e0:72:f6:37:d1:ab:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a77b4d105aa5c4d65e99aab6f76ead589e6287cc Validity Not Before: Dec 18 21:01:26 2025 GMT Not After : Dec 19 21:01:26 2025 GMT Subject: CN=2b4e37c65f5f748f5b28f5efdbfeed4c4742dfb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:88:64:f7:ad:1f:a7:46:46:db:8a:df:39:38: 67:93:ec:23:c5:fa:9a:b5:98:23:53:63:8c:26:04: 68:a7:1d:c5:c1:8c:64:e3:c5:c4:43:f5:ee:99:47: 87:a7:55:9c:2a:82:e5:b2:80:44:22:7d:26:09:23: 14:79:cf:dd:a2:c4:72:2f:48:ec:d9:12:f8:89:5e: 57:ab:ba:16:06:87:df:b9:06:a4:9e:e6:a9:e6:d9: 12:48:25:96:6a:08:de:0e:80:21:21:0b:a9:09:cd: 05:07:12:73:b8:37:9f:22:37:1b:d2:c0:7b:99:80: ee:fc:ea:3b:d4:30:30:9a:b2:bf:ac:8f:86:a4:60: 94:45:62:d3:74:37:c3:2c:06:0f:fc:3f:61:a4:c0: 53:4e:ba:81:b6:9f:7c:f3:dd:76:0f:3c:5b:7c:3a: 5f:10:6b:ae:16:11:b2:70:5c:74:ae:8e:7e:69:e7: 7c:3e:eb:f2:a3:22:7d:18:30:91:a6:68:6d:d3:55: 70:eb:a4:f0:8f:48:02:39:ee:08:08:23:40:c8:df: 37:c0:fb:ec:a7:60:b9:c3:70:fd:44:23:c5:fe:d1: 11:b6:f5:c6:a0:61:e8:44:71:50:4b:eb:22:4e:df: 02:b4:2c:ac:61:3f:89:ff:bb:f5:3e:2f:86:30:52: fe:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:4E:37:C6:5F:5F:74:8F:5B:28:F5:EF:DB:FE:ED:4C:47:42:DF:B8 X509v3 Authority Key Identifier: keyid:A7:7B:4D:10:5A:A5:C4:D6:5E:99:AA:B6:F7:6E:AD:58:9E:62:87:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p3tNEFqlxNZemaq2926tWJ5ih8w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5ea2a6-ff2f-47fd-b7c8-f4f45043b8bc/1/p3tNEFqlxNZemaq2926tWJ5ih8w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:1f:17:2e:9b:47:38:d1:78:43:cc:21:87:4b:17:cc:4a:68: b8:cd:67:1b:e0:3e:15:00:fe:50:54:af:06:6d:bd:a4:84:53: ca:83:a1:6d:ce:8a:49:e5:aa:b3:eb:47:42:59:66:8c:4d:c7: 39:2e:74:6b:a1:25:81:8f:ed:bb:22:67:20:38:e7:33:43:4e: f6:de:e9:97:17:44:27:bb:2d:57:be:bb:40:23:8a:f5:58:1c: 31:60:1e:e6:3d:b3:37:eb:32:9d:a0:0e:a5:f1:08:96:a0:29: 7f:ba:fb:c8:08:cd:30:7c:03:fe:53:cd:a9:3e:9e:85:90:5a: b8:77:c3:1e:14:20:79:6e:54:c0:3a:f3:2b:e2:3a:a1:cd:b3: 8b:ff:be:16:18:18:40:93:ee:b6:6e:46:f5:a9:8c:64:a0:5f: 5d:58:39:96:15:c9:a0:f8:27:9e:76:6d:9b:f5:48:a7:5b:55: 3c:35:2b:e6:dd:03:fa:ba:81:98:0e:5b:db:78:89:e4:4e:6d: 80:fd:0e:42:9e:80:1f:ad:9f:59:2e:31:28:d4:a0:c5:95:2e: 35:d9:09:08:15:82:4b:12:99:7f:89:d8:13:7e:e9:18:7c:cf: a7:38:ea:09:e0:85:78:84:60:26:f9:dd:a1:80:07:5b:0f:aa: b1:8f:02:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRIHEwa2eJpXgcvY30avvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3N2I0ZDEwNWFhNWM0ZDY1ZTk5YWFiNmY3NmVhZDU4OWU2 Mjg3Y2MwHhcNMjUxMjE4MjEwMTI2WhcNMjUxMjE5MjEwMTI2WjAzMTEwLwYDVQQD EygyYjRlMzdjNjVmNWY3NDhmNWIyOGY1ZWZkYmZlZWQ0YzQ3NDJkZmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ohk960fp0ZG24rfOThnk+wjxfqa tZgjU2OMJgRopx3FwYxk48XEQ/XumUeHp1WcKoLlsoBEIn0mCSMUec/dosRyL0js 2RL4iV5Xq7oWBoffuQaknuap5tkSSCWWagjeDoAhIQupCc0FBxJzuDefIjcb0sB7 mYDu/Oo71DAwmrK/rI+GpGCURWLTdDfDLAYP/D9hpMBTTrqBtp988912DzxbfDpf EGuuFhGycFx0ro5+aed8PuvyoyJ9GDCRpmht01Vw66Twj0gCOe4ICCNAyN83wPvs p2C5w3D9RCPF/tERtvXGoGHoRHFQS+siTt8CtCysYT+J/7v1Pi+GMFL+jwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCtON8ZfX3SPWyj179v+7UxHQt+4MB8GA1UdIwQY MBaAFKd7TRBapcTWXpmqtvdurVieYofMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3Yzgt ZjRmNDUwNDNiOGJjLzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81ZWEyYTYtZmYyZi00N2ZkLWI3YzgtZjRmNDUwNDNiOGJj LzEvcDN0TkVGcWx4TlplbWFxMjkyNnRXSjVpaDh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADx8XLptH ONF4Q8whh0sXzEpouM1nG+A+FQD+UFSvBm29pIRTyoOhbc6KSeWqs+tHQllmjE3H OS50a6ElgY/tuyJnIDjnM0NO9t7plxdEJ7stV767QCOK9VgcMWAe5j2zN+synaAO pfEIlqApf7r7yAjNMHwD/lPNqT6ehZBauHfDHhQgeW5UwDrzK+I6oc2zi/++FhgY QJPutm5G9amMZKBfXVg5lhXJoPgnnnZtm/VIp1tVPDUr5t0D+rqBmA5b23iJ5E5t gP0OQp6AH62fWS4xKNSgxZUuNdkJCBWCSxKZf4nYE37pGHzPpzjqCeCFeIRgJvnd oYAHWw+qsY8CpA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:43:19 2025 by rpki-client