This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft File: 3k_14NZGWzwsc6LG4Q5WovpzFic.mft (raw, json) Hash identifier: C/bghfDRnoU3pu7cBaCUW3ldD6VqKoR2rm/hxmpXRro= Subject key identifier: A2:9E:4F:1B:CA:C2:5F:2E:34:2D:70:D8:F6:00:4E:F8:09:7A:E4:6E Authority key identifier: DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27 Certificate issuer: /CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627 Certificate serial: 019B4B4CA72BFFC16DF01EBBCC83797D5809 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft Manifest number: 0F28 Signing time: Tue 23 Dec 2025 13:01:13 +0000 Manifest this update: Tue 23 Dec 2025 13:01:13 +0000 Manifest next update: Wed 24 Dec 2025 13:01:13 +0000 Files and hashes: 1: 3k_14NZGWzwsc6LG4Q5WovpzFic.crl (hash: ahgKqmmNlLK/v4QzXkaEasH2QQNyKxqaFjxpm0aV8Wo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 13:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:4c:a7:2b:ff:c1:6d:f0:1e:bb:cc:83:79:7d:58:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de4ff5e0d6465b3c2c73a2c6e10e56a2fa731627 Validity Not Before: Dec 23 13:01:13 2025 GMT Not After : Dec 24 13:01:13 2025 GMT Subject: CN=a29e4f1bcac25f2e342d70d8f6004ef8097ae46e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:37:22:24:f6:03:a2:07:4d:9b:1f:8a:07:89: ee:0b:25:6e:f5:a1:9e:7e:4a:07:27:99:0c:38:84: d7:14:44:5a:71:c3:c8:b1:31:f1:94:69:51:0b:9b: 07:e0:2f:9a:99:ae:6b:73:f6:49:1e:c0:30:02:3f: 33:4e:35:4f:ca:cc:86:60:02:3d:db:eb:1c:6c:ef: f4:d3:f1:03:05:95:f9:87:fb:b6:eb:31:8d:aa:87: 2e:c8:40:9e:a6:e3:be:0e:b7:b2:03:68:ee:28:6e: 62:d8:96:33:90:0f:8c:32:4d:f4:bd:de:66:57:79: e1:81:68:a3:dc:a9:0c:e1:5a:10:43:b0:df:d1:4c: c0:15:05:ad:09:ae:bf:3a:fa:66:2b:24:56:9c:bf: 92:d9:05:e2:60:25:dd:7b:31:73:c2:03:e8:bd:59: 91:88:c8:73:60:75:3e:ea:05:3d:1e:be:b5:95:1a: 1a:47:87:a4:61:0a:40:0b:10:9e:c6:e6:48:e9:5f: 70:ab:c9:b1:56:84:12:7f:e0:de:89:a5:e7:66:1e: ec:c8:b6:95:08:b4:cd:dd:cd:16:40:20:cf:76:88: e1:bd:0c:82:69:02:f3:25:1e:d1:1f:5b:c6:a1:cf: 9e:61:61:f8:8b:08:b1:a2:aa:08:11:36:67:f2:a9: 58:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:9E:4F:1B:CA:C2:5F:2E:34:2D:70:D8:F6:00:4E:F8:09:7A:E4:6E X509v3 Authority Key Identifier: keyid:DE:4F:F5:E0:D6:46:5B:3C:2C:73:A2:C6:E1:0E:56:A2:FA:73:16:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3k_14NZGWzwsc6LG4Q5WovpzFic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d6a648-2286-429f-98fa-884e81a1786a/1/3k_14NZGWzwsc6LG4Q5WovpzFic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:f6:a1:c0:65:e5:2d:4e:1b:5a:b1:3d:8c:cf:9b:bb:ba:81: f3:18:34:89:7e:ce:3a:09:92:86:19:b5:25:60:db:d1:c0:34: c2:86:72:21:b7:f9:6b:3e:7f:c9:01:82:48:e8:d7:7d:7f:40: 21:a1:71:28:a7:9e:d4:d8:89:a0:e0:21:9b:74:36:ff:05:d9: f4:59:1c:6c:5e:31:22:93:f9:12:2c:c5:7a:ce:a2:2a:80:a6: 21:91:19:ba:4d:4f:ee:a2:88:f8:3d:46:6a:c5:7b:f9:19:81: f4:9e:90:df:ca:a2:1a:31:c6:25:5f:0e:77:a6:96:c1:12:a1: 3a:94:d0:d6:00:50:c2:3a:6e:17:94:46:9e:9a:27:f3:3c:7a: 2f:0c:00:54:18:35:d4:77:36:26:bc:62:5f:e9:5c:ae:31:fd: 4c:e0:a7:bf:c4:73:87:a4:35:58:30:d5:1d:d8:7e:46:b2:f8: 27:1e:c8:1e:77:82:69:78:2d:49:92:15:01:e5:1d:d2:20:43: 06:e5:5d:4f:1b:25:97:07:15:5d:04:22:5c:d2:25:f9:0a:c9: 3a:8a:f8:2c:6b:6e:48:4a:28:6c:b7:c9:61:fd:7f:9f:91:84: f9:98:40:86:12:be:e1:b8:57:21:e5:5a:1f:74:95:ba:e8:6f: 38:52:e5:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLTKcr/8Ft8B67zIN5fVgJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNGZmNWUwZDY0NjViM2MyYzczYTJjNmUxMGU1NmEyZmE3 MzE2MjcwHhcNMjUxMjIzMTMwMTEzWhcNMjUxMjI0MTMwMTEzWjAzMTEwLwYDVQQD EyhhMjllNGYxYmNhYzI1ZjJlMzQyZDcwZDhmNjAwNGVmODA5N2FlNDZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjciJPYDogdNmx+KB4nuCyVu9aGe fkoHJ5kMOITXFERaccPIsTHxlGlRC5sH4C+ama5rc/ZJHsAwAj8zTjVPysyGYAI9 2+scbO/00/EDBZX5h/u26zGNqocuyECepuO+DreyA2juKG5i2JYzkA+MMk30vd5m V3nhgWij3KkM4VoQQ7Df0UzAFQWtCa6/OvpmKyRWnL+S2QXiYCXdezFzwgPovVmR iMhzYHU+6gU9Hr61lRoaR4ekYQpACxCexuZI6V9wq8mxVoQSf+DeiaXnZh7syLaV CLTN3c0WQCDPdojhvQyCaQLzJR7RH1vGoc+eYWH4iwixoqoIETZn8qlYSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKKeTxvKwl8uNC1w2PYATvgJeuRuMB8GA1UdIwQY MBaAFN5P9eDWRls8LHOixuEOVqL6cxYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEt ODg0ZTgxYTE3ODZhLzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9kNmE2NDgtMjI4Ni00MjlmLTk4ZmEtODg0ZTgxYTE3ODZh LzEvM2tfMTROWkdXendzYzZMRzRRNVdvdnB6RmljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfahwGXl LU4bWrE9jM+bu7qB8xg0iX7OOgmShhm1JWDb0cA0woZyIbf5az5/yQGCSOjXfX9A IaFxKKee1NiJoOAhm3Q2/wXZ9FkcbF4xIpP5EizFes6iKoCmIZEZuk1P7qKI+D1G asV7+RmB9J6Q38qiGjHGJV8Od6aWwRKhOpTQ1gBQwjpuF5RGnpon8zx6LwwAVBg1 1Hc2JrxiX+lcrjH9TOCnv8Rzh6Q1WDDVHdh+RrL4Jx7IHneCaXgtSZIVAeUd0iBD BuVdTxsllwcVXQQiXNIl+QrJOor4LGtuSEoobLfJYf1/n5GE+ZhAhhK+4bhXIeVa H3SVuuhvOFLlnA== -----END CERTIFICATE-----Generated at Tue Dec 23 16:43:55 2025 by rpki-client