This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft File: 3W2WGgYrcca_r9m6jqaf3R-mOAI.mft (raw, json) Hash identifier: 2Jz3cT4ynRVw+1y2g0++yrqii8FUBBfbg9arsuQWnZQ= Subject key identifier: EE:87:A7:A2:0B:D1:D5:20:AA:F5:94:85:43:D4:A7:52:F8:11:E3:BA Authority key identifier: DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 Certificate issuer: /CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Certificate serial: 019B09DA2555F430C4DABDC3BDA9F2F05E95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft Manifest number: 0347 Signing time: Wed 10 Dec 2025 20:00:49 +0000 Manifest this update: Wed 10 Dec 2025 20:00:49 +0000 Manifest next update: Thu 11 Dec 2025 20:00:49 +0000 Files and hashes: 1: 3W2WGgYrcca_r9m6jqaf3R-mOAI.crl (hash: b6axIMWPU1Uy9VBmGodUFh+cRJA5J0XqonIbtM2mq2c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:09:da:25:55:f4:30:c4:da:bd:c3:bd:a9:f2:f0:5e:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd6d961a062b71c6bfafd9ba8ea69fdd1fa63802 Validity Not Before: Dec 10 20:00:49 2025 GMT Not After : Dec 11 20:00:49 2025 GMT Subject: CN=ee87a7a20bd1d520aaf5948543d4a752f811e3ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8a:74:c6:ec:fb:f0:08:60:c4:27:5c:08:72: 5b:f2:46:d4:53:77:d1:57:97:70:95:59:90:87:0a: 18:3c:3d:2b:3d:b6:75:f4:86:ed:c3:f4:d3:ca:94: 8a:d5:b3:7c:da:2b:d8:c8:22:c3:59:42:b9:69:fd: 76:dc:cc:1f:84:f8:8d:6d:7f:3b:28:ea:f8:ef:db: ea:0f:67:2c:9e:74:9b:c1:d6:ac:f2:66:1c:1d:75: 25:5a:d7:b2:c2:1e:81:56:4f:1d:41:35:cb:17:ff: 42:02:b4:3b:99:5c:e0:8e:8a:6e:6c:53:49:d1:55: 61:c3:03:d1:4c:4e:04:f6:f6:b0:8c:71:15:d7:b0: 8d:1a:d4:1e:76:e9:98:a2:48:b0:12:4d:90:5c:43: 87:d8:ac:6f:42:00:c5:7b:42:30:86:5e:fe:43:b4: 0f:f2:8e:7b:c5:18:bd:47:54:a3:d5:92:2c:d7:f9: 61:d8:c4:38:cf:b7:db:df:85:2a:7e:4f:b0:52:d1: dd:e6:2f:75:7c:91:01:0e:89:11:de:4b:52:35:1a: 9b:12:da:d4:ee:17:4b:5d:70:70:c1:21:fd:cf:be: af:cf:eb:6a:5e:c2:5e:56:7c:49:13:43:32:0f:80: 41:94:a9:97:ee:72:b4:68:91:0e:62:6f:f6:39:15: d7:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:87:A7:A2:0B:D1:D5:20:AA:F5:94:85:43:D4:A7:52:F8:11:E3:BA X509v3 Authority Key Identifier: keyid:DD:6D:96:1A:06:2B:71:C6:BF:AF:D9:BA:8E:A6:9F:DD:1F:A6:38:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2WGgYrcca_r9m6jqaf3R-mOAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5cc4d6-42fd-4406-84ae-480fd84a841f/1/3W2WGgYrcca_r9m6jqaf3R-mOAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:9b:64:31:7c:ee:6f:fa:df:4e:1b:f7:61:8e:da:ea:50:60: 4a:52:c5:f5:4b:f4:ea:c4:c2:cd:11:57:1c:00:92:08:c9:52: 46:f7:73:3e:53:da:aa:03:66:04:b0:0d:85:db:03:00:8d:03: 6a:82:d8:69:e7:43:12:79:eb:64:2b:14:9d:db:b6:0e:86:70: bc:91:de:b7:04:86:a2:5b:6f:5f:13:82:af:28:80:e5:0a:e5: 9a:07:4c:55:2f:9b:81:5f:9b:72:c7:4c:58:ed:f1:9f:c8:b5: 84:f7:05:8b:2e:b6:fb:43:65:0c:c8:84:0d:f0:4b:4a:d9:af: e1:21:88:6e:2a:7a:bc:32:9e:c3:85:33:47:f8:5b:14:db:8b: e6:87:58:09:bb:4d:a1:48:ad:8e:21:6e:98:56:85:e4:57:7d: 8c:51:2c:14:fb:bb:a8:75:46:41:a2:08:1e:ee:f3:47:d9:cf: 08:6b:0a:35:e5:5b:d1:07:f7:d0:db:d3:9d:34:5d:ea:95:e4: d6:56:78:dc:32:9e:ce:da:13:2d:7c:f0:83:4a:8e:e8:11:85: 47:7f:13:68:99:a6:b5:78:06:96:2a:c3:2c:e2:d7:01:ac:2c: 79:8b:40:4f:20:ed:0f:84:8b:98:d8:2c:5a:0c:45:32:bc:fd: 7a:dd:38:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsJ2iVV9DDE2r3Dvany8F6VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNmQ5NjFhMDYyYjcxYzZiZmFmZDliYThlYTY5ZmRkMWZh NjM4MDIwHhcNMjUxMjEwMjAwMDQ5WhcNMjUxMjExMjAwMDQ5WjAzMTEwLwYDVQQD EyhlZTg3YTdhMjBiZDFkNTIwYWFmNTk0ODU0M2Q0YTc1MmY4MTFlM2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtop0xuz78AhgxCdcCHJb8kbUU3fR V5dwlVmQhwoYPD0rPbZ19Ibtw/TTypSK1bN82ivYyCLDWUK5af123MwfhPiNbX87 KOr479vqD2csnnSbwdas8mYcHXUlWteywh6BVk8dQTXLF/9CArQ7mVzgjopubFNJ 0VVhwwPRTE4E9vawjHEV17CNGtQedumYokiwEk2QXEOH2KxvQgDFe0Iwhl7+Q7QP 8o57xRi9R1Sj1ZIs1/lh2MQ4z7fb34Uqfk+wUtHd5i91fJEBDokR3ktSNRqbEtrU 7hdLXXBwwSH9z76vz+tqXsJeVnxJE0MyD4BBlKmX7nK0aJEOYm/2ORXXSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6Hp6IL0dUgqvWUhUPUp1L4EeO6MB8GA1UdIwQY MBaAFN1tlhoGK3HGv6/Zuo6mn90fpjgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUt NDgwZmQ4NGE4NDFmLzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS81Y2M0ZDYtNDJmZC00NDA2LTg0YWUtNDgwZmQ4NGE4NDFm LzEvM1cyV0dnWXJjY2FfcjltNmpxYWYzUi1tT0FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ5tkMXzu b/rfThv3YY7a6lBgSlLF9Uv06sTCzRFXHACSCMlSRvdzPlPaqgNmBLANhdsDAI0D aoLYaedDEnnrZCsUndu2DoZwvJHetwSGoltvXxOCryiA5QrlmgdMVS+bgV+bcsdM WO3xn8i1hPcFiy62+0NlDMiEDfBLStmv4SGIbip6vDKew4UzR/hbFNuL5odYCbtN oUitjiFumFaF5Fd9jFEsFPu7qHVGQaIIHu7zR9nPCGsKNeVb0Qf30NvTnTRd6pXk 1lZ43DKeztoTLXzwg0qO6BGFR38TaJmmtXgGlirDLOLXAawseYtATyDtD4SLmNgs WgxFMrz9et04mw== -----END CERTIFICATE-----Generated at Wed Dec 10 21:42:36 2025 by rpki-client