This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.mft File: 3UftWIupBpRXoqiY_HoMuXfR-B4.mft (raw, json) Hash identifier: fvCQC6YaMK+RFfbvHUecr8De3ODECfOKThjipGxfj6I= Subject key identifier: F3:5A:38:B3:22:26:D5:2C:39:AB:6E:88:9F:98:BC:9B:39:42:6D:B8 Authority key identifier: DD:47:ED:58:8B:A9:06:94:57:A2:A8:98:FC:7A:0C:B9:77:D1:F8:1E Certificate issuer: /CN=dd47ed588ba9069457a2a898fc7a0cb977d1f81e Certificate serial: 019B364567A02BB67FF5E99981FD24D2A8B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UftWIupBpRXoqiY_HoMuXfR-B4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.mft Manifest number: 1789 Signing time: Fri 19 Dec 2025 11:01:16 +0000 Manifest this update: Fri 19 Dec 2025 11:01:16 +0000 Manifest next update: Sat 20 Dec 2025 11:01:16 +0000 Files and hashes: 1: 3UftWIupBpRXoqiY_HoMuXfR-B4.crl (hash: q0mCB8W9mtX1XLJGNb8KjnYrhhNwI983Tx6QN5gu5v8=) 2: NjNc1F_noFOuVoizuwyNmIiyikg.roa (hash: IrtAGIN7Mq5Prcg2l/Rn0ppsqJX7JmRhzfI5wRDO3Ps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.crl rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.mft rsync://rpki.ripe.net/repository/DEFAULT/3UftWIupBpRXoqiY_HoMuXfR-B4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:45:67:a0:2b:b6:7f:f5:e9:99:81:fd:24:d2:a8:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd47ed588ba9069457a2a898fc7a0cb977d1f81e Validity Not Before: Dec 19 11:01:16 2025 GMT Not After : Dec 20 11:01:16 2025 GMT Subject: CN=f35a38b32226d52c39ab6e889f98bc9b39426db8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:64:c4:a5:e9:14:94:23:81:73:b6:f2:f5:a5: 8c:ec:9b:e7:3f:4b:63:eb:9c:66:e4:94:1f:e2:06: 62:bb:71:e7:b6:7a:c6:34:f0:20:37:27:c5:98:58: 13:53:5b:6d:7f:61:3a:35:73:ce:3c:39:03:21:22: 3f:37:61:c5:6e:e0:e9:68:ec:74:04:45:41:65:75: 98:75:d0:d3:ba:54:71:80:23:2f:80:f8:a4:e7:77: ca:2f:af:91:8d:32:46:27:72:d4:8f:cc:25:38:a5: 9a:25:04:14:03:b4:34:9d:6e:1a:e6:91:23:d6:e4: f5:cb:49:c1:ce:04:1b:bd:a7:4b:f9:4e:3f:fe:4c: 00:bc:42:ed:33:de:db:b7:8d:d8:fe:c5:7c:0d:cc: fc:98:55:9f:87:6b:a1:63:12:4b:8e:34:b2:57:56: c6:0f:ee:28:a8:35:8b:29:94:52:7f:22:0b:50:08: 76:97:c8:9d:cf:27:b5:df:c4:cd:dc:70:b7:b2:9f: 0d:a4:f3:2e:ca:ae:c4:47:69:5d:14:c2:63:e1:95: ca:32:b9:2a:76:d6:c1:11:f2:56:89:44:56:34:a5: 71:98:34:67:85:8f:87:1b:5b:0a:42:26:de:da:4a: 44:2e:59:64:65:44:6a:c2:1b:bd:94:13:3a:9e:0d: d5:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:5A:38:B3:22:26:D5:2C:39:AB:6E:88:9F:98:BC:9B:39:42:6D:B8 X509v3 Authority Key Identifier: keyid:DD:47:ED:58:8B:A9:06:94:57:A2:A8:98:FC:7A:0C:B9:77:D1:F8:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UftWIupBpRXoqiY_HoMuXfR-B4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:51:b8:ba:53:ad:3b:03:03:4e:6a:37:c7:87:78:d3:89:87: a5:58:40:a1:41:3f:6d:d7:eb:70:f4:ec:b3:40:0e:28:fa:65: 2e:b7:a6:94:48:d9:cb:17:17:03:14:ff:06:b2:99:3f:58:10: e4:32:a0:f0:48:8c:9c:57:79:48:60:1b:56:91:02:bb:97:8d: 3c:c1:3f:30:f6:f1:db:0e:18:ca:b7:29:0e:43:b5:96:e8:2c: e1:d0:16:f9:22:c3:40:5b:cf:0e:50:ea:0f:a7:b1:81:2e:c8: 12:17:46:be:93:48:de:af:34:07:72:01:ca:45:61:84:55:8c: 3c:c0:90:ba:eb:2c:be:87:00:1f:cc:4b:22:50:2c:6b:a0:d1: e0:23:ec:43:59:62:2b:e2:f6:eb:db:bf:1c:52:e5:92:5f:a2: 2a:54:94:dd:e9:a3:74:5c:d7:16:70:25:64:d2:a4:b8:bb:05: c0:4a:fd:4b:02:39:d6:dc:8d:e6:2d:4b:a0:bf:1e:e1:61:c7: 37:30:72:03:b7:45:ed:f0:83:bc:1c:53:86:f1:db:2f:40:2e: 4a:8c:7d:96:59:bd:97:56:c4:2b:37:16:d6:fd:85:66:50:97: b5:5c:9d:6b:3c:c1:cc:cb:46:00:bd:de:4e:f3:5b:30:06:7d: dc:02:e5:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RWegK7Z/9emZgf0k0qiwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNDdlZDU4OGJhOTA2OTQ1N2EyYTg5OGZjN2EwY2I5Nzdk MWY4MWUwHhcNMjUxMjE5MTEwMTE2WhcNMjUxMjIwMTEwMTE2WjAzMTEwLwYDVQQD EyhmMzVhMzhiMzIyMjZkNTJjMzlhYjZlODg5Zjk4YmM5YjM5NDI2ZGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWTEpekUlCOBc7by9aWM7JvnP0tj 65xm5JQf4gZiu3HntnrGNPAgNyfFmFgTU1ttf2E6NXPOPDkDISI/N2HFbuDpaOx0 BEVBZXWYddDTulRxgCMvgPik53fKL6+RjTJGJ3LUj8wlOKWaJQQUA7Q0nW4a5pEj 1uT1y0nBzgQbvadL+U4//kwAvELtM97bt43Y/sV8Dcz8mFWfh2uhYxJLjjSyV1bG D+4oqDWLKZRSfyILUAh2l8idzye138TN3HC3sp8NpPMuyq7ER2ldFMJj4ZXKMrkq dtbBEfJWiURWNKVxmDRnhY+HG1sKQibe2kpELllkZURqwhu9lBM6ng3VsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPNaOLMiJtUsOatuiJ+YvJs5Qm24MB8GA1UdIwQY MBaAFN1H7ViLqQaUV6KomPx6DLl30fgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1VmdFdJdXBCcFJYb3FpWV9Ib011WGZSLUI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NTgxYjctMzViYy00YmM4LTg1YjMt ZjQ1OTZlNzc2N2E4LzEvM1VmdFdJdXBCcFJYb3FpWV9Ib011WGZSLUI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny80NTgxYjctMzViYy00YmM4LTg1YjMtZjQ1OTZlNzc2N2E4 LzEvM1VmdFdJdXBCcFJYb3FpWV9Ib011WGZSLUI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFG4ulOt OwMDTmo3x4d404mHpVhAoUE/bdfrcPTss0AOKPplLremlEjZyxcXAxT/BrKZP1gQ 5DKg8EiMnFd5SGAbVpECu5eNPME/MPbx2w4YyrcpDkO1lugs4dAW+SLDQFvPDlDq D6exgS7IEhdGvpNI3q80B3IBykVhhFWMPMCQuussvocAH8xLIlAsa6DR4CPsQ1li K+L269u/HFLlkl+iKlSU3emjdFzXFnAlZNKkuLsFwEr9SwI51tyN5i1LoL8e4WHH NzByA7dF7fCDvBxThvHbL0AuSox9llm9l1bEKzcW1v2FZlCXtVydazzBzMtGAL3e TvNbMAZ93ALlXA== -----END CERTIFICATE-----Generated at Fri Dec 19 13:10:13 2025 by rpki-client