This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft File: 3KLzDk5paSsbT-zrrpH9VgS97JM.mft (raw, json) Hash identifier: zKyIFMQvlWySFQIhtZN6CZ5s15mMhY6pU5cxFrIPags= Subject key identifier: 6B:32:D6:EA:7B:34:92:2D:0B:D9:A2:87:20:13:F3:FC:E2:9C:ED:A9 Authority key identifier: DC:A2:F3:0E:4E:69:69:2B:1B:4F:EC:EB:AE:91:FD:56:04:BD:EC:93 Certificate issuer: /CN=dca2f30e4e69692b1b4fecebae91fd5604bdec93 Certificate serial: 019B1201999E2ECA8DEA6650F4CBD5431073 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft Manifest number: 072B Signing time: Fri 12 Dec 2025 10:00:53 +0000 Manifest this update: Fri 12 Dec 2025 10:00:53 +0000 Manifest next update: Sat 13 Dec 2025 10:00:53 +0000 Files and hashes: 1: 3KLzDk5paSsbT-zrrpH9VgS97JM.crl (hash: S4ncs177yVp6u77Mo/sMI0LicyuawFp04V2pT0Aikds=) 2: AJoKV4qloK-gv346yQRe9jE_1Lc.roa (hash: cy9XY0oo3u/4Yi8UZQJSoFS5/DHP0ILoCjdTHcKoQDk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.crl rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:01:99:9e:2e:ca:8d:ea:66:50:f4:cb:d5:43:10:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dca2f30e4e69692b1b4fecebae91fd5604bdec93 Validity Not Before: Dec 12 10:00:53 2025 GMT Not After : Dec 13 10:00:53 2025 GMT Subject: CN=6b32d6ea7b34922d0bd9a2872013f3fce29ceda9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:9c:05:a7:ef:f9:9a:fd:96:78:83:b2:de:f8: b5:2f:84:0a:9f:94:78:9b:bb:c2:a9:e7:94:cc:e3: b7:86:fa:de:7f:72:69:dc:b9:39:ec:d2:b6:dd:11: 19:16:cb:2c:6c:48:30:4e:35:df:0f:45:da:92:35: 1f:e0:da:10:5f:83:09:d9:8e:65:ec:70:ff:fc:1e: f0:7f:88:e4:ee:df:aa:1e:51:67:26:37:63:82:5b: 4f:34:86:6a:4d:23:d3:fa:bb:04:b8:d7:cc:e2:f8: 3d:f9:66:7c:2a:a1:54:9b:dd:f3:e2:f2:0a:9c:fc: d9:f8:32:e7:2d:bc:bb:48:bb:11:f2:56:37:3d:96: 49:7d:c4:ef:54:d2:ac:0d:f6:ba:a8:ea:0e:ea:6c: ce:bd:69:80:39:2d:88:5b:31:ac:b3:79:9d:98:b5: 40:3d:84:44:80:36:ee:f8:c9:12:55:75:23:d9:c8: be:00:61:54:53:63:1d:57:42:ac:91:c1:5e:22:c7: 26:c2:59:4d:3e:eb:66:6a:69:f3:fd:46:7c:e8:a4: 27:01:07:c0:38:d6:5d:84:71:24:7c:a9:f9:cc:01: 98:1e:05:30:dc:2e:03:d3:a4:5b:39:ac:af:e7:a2: 39:a8:cb:4f:94:2f:48:74:1c:22:5c:25:71:19:e7: 1a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:32:D6:EA:7B:34:92:2D:0B:D9:A2:87:20:13:F3:FC:E2:9C:ED:A9 X509v3 Authority Key Identifier: keyid:DC:A2:F3:0E:4E:69:69:2B:1B:4F:EC:EB:AE:91:FD:56:04:BD:EC:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KLzDk5paSsbT-zrrpH9VgS97JM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/036549-45d0-4565-828f-eb3e785d9097/1/3KLzDk5paSsbT-zrrpH9VgS97JM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:22:b3:01:53:80:69:20:fa:91:c2:ed:ec:3c:2f:0a:57:f2: b8:9b:0d:d7:d9:17:05:da:c2:b9:b7:77:94:79:50:2c:0f:6e: c2:d3:a4:35:25:b5:c6:d4:50:2b:e0:77:56:a4:bb:d0:e4:09: c8:d8:62:6d:1b:78:ec:55:3f:76:fa:8d:d1:7c:bb:60:ef:20: 03:bd:5b:22:b8:f2:e0:fa:1c:01:7b:d6:62:2c:5a:5a:82:de: a5:5d:43:47:03:0a:bc:35:4e:b6:5d:80:5b:5e:0c:93:ce:82: 29:96:93:8c:0d:f1:d9:b4:b0:d5:5a:10:6d:b0:2d:c7:56:b2: 6b:50:b8:8b:61:64:a9:77:f2:b8:5d:12:59:74:3d:a6:b6:83: f2:25:5b:d1:10:08:d6:49:49:63:c2:73:bb:d1:7a:3a:a1:a9: 0c:b4:45:c8:7a:3b:a4:b5:f4:4a:35:a7:9d:05:d8:7d:60:66: 7e:de:20:fa:90:c5:24:01:07:5b:be:ab:94:a5:6f:1f:cf:35: e5:0b:67:a4:a0:24:ea:48:fe:28:fe:f0:46:0d:92:ad:1e:9d: eb:21:c3:71:f5:78:f5:d4:3c:e5:eb:93:35:2b:15:e0:ee:2d: f9:38:ab:45:80:43:3a:0b:ff:68:c4:16:34:e0:c0:4c:45:e6: 58:76:65:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsSAZmeLsqN6mZQ9MvVQxBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjYTJmMzBlNGU2OTY5MmIxYjRmZWNlYmFlOTFmZDU2MDRi ZGVjOTMwHhcNMjUxMjEyMTAwMDUzWhcNMjUxMjEzMTAwMDUzWjAzMTEwLwYDVQQD Eyg2YjMyZDZlYTdiMzQ5MjJkMGJkOWEyODcyMDEzZjNmY2UyOWNlZGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZwFp+/5mv2WeIOy3vi1L4QKn5R4 m7vCqeeUzOO3hvref3Jp3Lk57NK23REZFsssbEgwTjXfD0XakjUf4NoQX4MJ2Y5l 7HD//B7wf4jk7t+qHlFnJjdjgltPNIZqTSPT+rsEuNfM4vg9+WZ8KqFUm93z4vIK nPzZ+DLnLby7SLsR8lY3PZZJfcTvVNKsDfa6qOoO6mzOvWmAOS2IWzGss3mdmLVA PYREgDbu+MkSVXUj2ci+AGFUU2MdV0KskcFeIscmwllNPutmamnz/UZ86KQnAQfA ONZdhHEkfKn5zAGYHgUw3C4D06RbOayv56I5qMtPlC9IdBwiXCVxGecaWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGsy1up7NJItC9mihyAT8/zinO2pMB8GA1UdIwQY MBaAFNyi8w5OaWkrG0/s666R/VYEveyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8wMzY1NDktNDVkMC00NTY1LTgyOGYt ZWIzZTc4NWQ5MDk3LzEvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8wMzY1NDktNDVkMC00NTY1LTgyOGYtZWIzZTc4NWQ5MDk3 LzEvM0tMekRrNXBhU3NiVC16cnJwSDlWZ1M5N0pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcSKzAVOA aSD6kcLt7DwvClfyuJsN19kXBdrCubd3lHlQLA9uwtOkNSW1xtRQK+B3VqS70OQJ yNhibRt47FU/dvqN0Xy7YO8gA71bIrjy4PocAXvWYixaWoLepV1DRwMKvDVOtl2A W14Mk86CKZaTjA3x2bSw1VoQbbAtx1aya1C4i2FkqXfyuF0SWXQ9praD8iVb0RAI 1klJY8Jzu9F6OqGpDLRFyHo7pLX0SjWnnQXYfWBmft4g+pDFJAEHW76rlKVvH881 5QtnpKAk6kj+KP7wRg2SrR6d6yHDcfV49dQ85euTNSsV4O4t+TirRYBDOgv/aMQW NODATEXmWHZlGw== -----END CERTIFICATE-----Generated at Fri Dec 12 14:22:52 2025 by rpki-client