This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft File: DW3GbMOENrasMel-cS0hlAfIPPQ.mft (raw, json) Hash identifier: LUnjAC6ETyqKmlPagrZ3wE7kkcIIXeEVQMHLEU82JIg= Subject key identifier: 3B:D7:31:70:6B:57:3B:3B:69:25:4F:D3:A3:E5:C8:A9:0C:2F:CE:62 Authority key identifier: 0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4 Certificate issuer: /CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4 Certificate serial: 019B476F967F5DEA50FC3DE5B659FD09B880 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft Manifest number: 0611 Signing time: Mon 22 Dec 2025 19:00:53 +0000 Manifest this update: Mon 22 Dec 2025 19:00:53 +0000 Manifest next update: Tue 23 Dec 2025 19:00:53 +0000 Files and hashes: 1: DW3GbMOENrasMel-cS0hlAfIPPQ.crl (hash: /edYSnDm2SC3orcxoIywg+fR2pSlidKc/oQQbUZFtEE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:96:7f:5d:ea:50:fc:3d:e5:b6:59:fd:09:b8:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4 Validity Not Before: Dec 22 19:00:53 2025 GMT Not After : Dec 23 19:00:53 2025 GMT Subject: CN=3bd731706b573b3b69254fd3a3e5c8a90c2fce62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8c:2a:72:0d:22:d8:40:60:89:1f:04:69:a7: a4:e5:b5:7f:12:85:59:53:8a:4e:a0:57:ac:93:57: 06:8f:9b:4c:44:7c:43:cc:12:0e:82:af:1e:03:fa: 50:71:79:31:aa:cc:25:f5:b8:66:eb:80:3e:d5:3b: 48:ab:99:78:2a:51:ae:16:55:50:18:83:9e:40:f6: 04:49:df:61:cd:17:0c:2a:d6:91:27:87:a2:f4:59: e0:2b:f7:98:52:c8:e6:68:89:12:9d:64:d4:4e:ba: 80:b7:8b:f7:70:08:95:0f:94:9c:c7:73:6c:b7:0a: 85:14:71:90:31:d5:74:0f:ab:6f:d1:66:19:d2:7c: f5:81:19:ee:66:73:7a:fe:54:fa:84:da:5f:6b:ba: 98:36:3b:5c:47:9e:e6:95:3d:ef:6a:3b:f3:cc:b3: 30:98:42:00:07:07:bf:dd:eb:da:04:98:a5:c7:dd: 9c:a1:d1:53:05:b4:76:1b:83:1e:c8:7d:79:27:eb: 7e:9f:52:81:e9:73:d3:3d:40:5b:4b:dc:ee:93:a4: 2a:b5:f3:03:1e:ca:9e:2e:09:3a:ef:ae:48:7e:8e: 35:d9:ee:c5:df:26:8f:ca:a1:66:9b:6f:af:a6:4e: 9d:88:12:86:83:f4:f2:4a:0c:ec:22:d1:19:c8:fd: 64:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:D7:31:70:6B:57:3B:3B:69:25:4F:D3:A3:E5:C8:A9:0C:2F:CE:62 X509v3 Authority Key Identifier: keyid:0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:f4:1f:71:7a:fc:df:8f:44:dc:e1:12:78:68:1c:9c:b7:85: 7a:db:72:30:e8:64:1d:c2:16:2c:c5:f0:4d:8e:87:95:f6:40: 74:e5:fc:57:12:7e:4f:e1:2a:62:c9:d1:05:02:ab:e4:31:ad: 05:cd:98:2f:39:b4:1b:82:08:78:00:93:4c:62:93:0b:56:88: 13:23:9f:dd:fa:49:2a:47:45:64:01:5d:06:0a:59:4f:b8:72: 46:63:cc:ba:e2:72:3a:27:12:ce:da:97:fc:ad:b4:46:7b:f3: 42:06:4d:6c:d5:41:55:b5:be:f3:24:86:1a:a1:43:5b:81:02: f2:d0:f7:2e:e7:7b:62:f1:41:77:27:4e:59:0b:24:b9:04:8c: bf:21:78:46:71:81:e9:51:e3:6f:aa:bc:0f:0f:24:66:ef:1f: 01:b8:96:da:6e:ea:20:42:cb:ae:27:8c:41:fe:5d:cf:e5:8d: 31:b9:15:da:e0:f1:f2:3f:61:78:02:c0:4e:b5:ae:d3:d3:ae: e9:0a:bb:0c:c7:6d:d4:5b:dd:52:f5:63:33:13:4f:1a:88:5b: 73:cb:46:34:51:4f:80:b1:5d:64:5f:51:3f:93:05:98:8a:a6: 18:0e:ee:bb:df:da:42:2b:d8:37:f9:9d:83:c5:35:96:bc:33: b2:fc:f4:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb5Z/XepQ/D3ltln9CbiAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNmRjNjZjYzM4NDM2YjZhYzMxZTk3ZTcxMmQyMTk0MDdj ODNjZjQwHhcNMjUxMjIyMTkwMDUzWhcNMjUxMjIzMTkwMDUzWjAzMTEwLwYDVQQD EygzYmQ3MzE3MDZiNTczYjNiNjkyNTRmZDNhM2U1YzhhOTBjMmZjZTYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Iwqcg0i2EBgiR8Eaaek5bV/EoVZ U4pOoFesk1cGj5tMRHxDzBIOgq8eA/pQcXkxqswl9bhm64A+1TtIq5l4KlGuFlVQ GIOeQPYESd9hzRcMKtaRJ4ei9FngK/eYUsjmaIkSnWTUTrqAt4v3cAiVD5Scx3Ns twqFFHGQMdV0D6tv0WYZ0nz1gRnuZnN6/lT6hNpfa7qYNjtcR57mlT3vajvzzLMw mEIABwe/3evaBJilx92codFTBbR2G4MeyH15J+t+n1KB6XPTPUBbS9zuk6QqtfMD HsqeLgk6765Ifo412e7F3yaPyqFmm2+vpk6diBKGg/TySgzsItEZyP1kEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDvXMXBrVzs7aSVP06PlyKkML85iMB8GA1UdIwQY MBaAFA1txmzDhDa2rDHpfnEtIZQHyDz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEt OWRkNTIzMTNhZTdjLzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEtOWRkNTIzMTNhZTdj LzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfQfcXr8 349E3OESeGgcnLeFettyMOhkHcIWLMXwTY6HlfZAdOX8VxJ+T+EqYsnRBQKr5DGt Bc2YLzm0G4IIeACTTGKTC1aIEyOf3fpJKkdFZAFdBgpZT7hyRmPMuuJyOicSztqX /K20RnvzQgZNbNVBVbW+8ySGGqFDW4EC8tD3Lud7YvFBdydOWQskuQSMvyF4RnGB 6VHjb6q8Dw8kZu8fAbiW2m7qIELLrieMQf5dz+WNMbkV2uDx8j9heALATrWu09Ou 6Qq7DMdt1FvdUvVjMxNPGohbc8tGNFFPgLFdZF9RP5MFmIqmGA7uu9/aQivYN/md g8U1lrwzsvz0Sw== -----END CERTIFICATE-----Generated at Mon Dec 22 20:31:48 2025 by rpki-client