This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft File: 3OVg8OyFDainwPjW84JRAtTeSs4.mft (raw, json) Hash identifier: W3xXwzu8hXrHm5zU0MfALbhZTU0aAr7YWlFMZZ/8FH8= Subject key identifier: 56:42:06:72:20:DC:1B:96:7C:18:47:43:3F:15:4C:C6:AC:DD:E4:3C Authority key identifier: DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE Certificate issuer: /CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace Certificate serial: 019B34C45A2A1585C0A32207C31057F67B32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft Manifest number: 1785 Signing time: Fri 19 Dec 2025 04:00:41 +0000 Manifest this update: Fri 19 Dec 2025 04:00:41 +0000 Manifest next update: Sat 20 Dec 2025 04:00:41 +0000 Files and hashes: 1: 3OVg8OyFDainwPjW84JRAtTeSs4.crl (hash: oo0FkLvl07ONE7A6zzCDmM6KHQeVEIs9DFKcyy1tg40=) 2: cvAMZ-azozJjAwqBJfc2rmmZkME.roa (hash: Gewk40CVQw5q21r2SfPnFc/pGMGpE0T4SZt3vyzVUaM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:5a:2a:15:85:c0:a3:22:07:c3:10:57:f6:7b:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace Validity Not Before: Dec 19 04:00:41 2025 GMT Not After : Dec 20 04:00:41 2025 GMT Subject: CN=5642067220dc1b967c1847433f154cc6acdde43c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:98:39:17:23:79:29:2c:2b:e8:c8:c6:03:3d: 22:47:65:99:1e:99:54:37:46:11:bb:01:3b:16:48: c0:ad:19:66:67:d4:80:5f:ff:36:01:9c:a9:69:6e: 2c:f2:ee:5f:c8:81:bc:08:a6:f5:c2:15:45:00:db: 2f:b3:8d:59:05:e7:5e:12:71:07:f4:42:be:92:7c: af:d8:3d:40:64:29:e2:e2:cc:30:9b:fc:95:ec:3c: f4:90:ae:3d:08:a4:e4:cf:19:f0:f4:35:67:95:d2: d2:96:14:68:9d:98:32:21:ae:98:fc:91:1d:22:1c: 78:dd:74:8e:ef:ef:ca:4c:93:4f:6a:28:73:6f:91: eb:a3:66:65:38:be:8f:d7:50:9b:b3:3f:8b:da:aa: 09:3a:15:aa:78:8a:a7:29:d0:df:59:31:71:bc:cb: 3a:af:d3:2f:a9:4d:75:2a:14:e0:54:13:df:6b:68: ac:10:12:29:5a:56:8d:b4:df:46:bd:47:d5:ad:9c: 24:f1:22:72:46:09:31:56:d5:1a:3a:e5:79:59:d0: 41:ad:0c:77:80:9f:c9:c2:2d:c3:a6:eb:33:f1:ab: f4:79:1c:4c:f3:9f:11:b7:c0:db:60:bb:68:fa:fb: d1:8d:a3:25:0b:48:0c:0a:05:ab:b6:2b:30:6b:01: 1c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:42:06:72:20:DC:1B:96:7C:18:47:43:3F:15:4C:C6:AC:DD:E4:3C X509v3 Authority Key Identifier: keyid:DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:e7:60:9a:9a:47:13:e2:4e:b8:3a:30:b1:c4:90:23:16:85: 03:ef:9c:4d:7f:5a:53:e8:19:5f:16:de:e3:d4:29:ca:f0:75: 62:36:17:93:2f:2f:f1:83:f6:ef:4f:2b:9c:bc:3c:86:6d:f8: ba:9a:1f:8a:69:a4:59:3e:70:24:2b:15:5b:02:27:fd:a3:ec: ca:fd:88:65:31:d6:a4:8c:48:91:66:f7:9c:97:1e:81:43:d2: e7:38:76:eb:4b:7e:b5:d4:d4:e7:09:79:b9:1c:00:b3:94:62: fa:32:75:87:4e:74:fa:03:1e:08:3e:ce:1b:b0:87:bb:92:c0: ed:86:6d:2f:48:21:56:56:11:99:45:84:31:10:03:bd:aa:2e: e9:02:cc:4d:0c:c2:b2:22:a1:31:a2:4c:a5:ba:58:2d:52:63: 63:04:13:72:1d:8b:7c:84:ae:e6:64:7a:46:89:23:35:9d:c9: 06:49:ff:6c:52:f8:89:f0:ab:8e:4b:f2:97:48:75:63:55:9f: a7:7a:8c:be:92:11:c5:b6:d0:f9:c1:c7:13:9d:c1:51:f3:76: a9:a4:7a:17:60:f2:c1:f4:ff:fe:99:8d:50:73:d8:75:93:ed: b1:e9:58:07:62:32:fc:01:df:f7:4b:00:81:21:79:15:c4:80: 6b:76:ce:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xFoqFYXAoyIHwxBX9nsyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZTU2MGYwZWM4NTBkYThhN2MwZjhkNmYzODI1MTAyZDRk ZTRhY2UwHhcNMjUxMjE5MDQwMDQxWhcNMjUxMjIwMDQwMDQxWjAzMTEwLwYDVQQD Eyg1NjQyMDY3MjIwZGMxYjk2N2MxODQ3NDMzZjE1NGNjNmFjZGRlNDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpg5FyN5KSwr6MjGAz0iR2WZHplU N0YRuwE7FkjArRlmZ9SAX/82AZypaW4s8u5fyIG8CKb1whVFANsvs41ZBedeEnEH 9EK+knyv2D1AZCni4swwm/yV7Dz0kK49CKTkzxnw9DVnldLSlhRonZgyIa6Y/JEd Ihx43XSO7+/KTJNPaihzb5Hro2ZlOL6P11Cbsz+L2qoJOhWqeIqnKdDfWTFxvMs6 r9MvqU11KhTgVBPfa2isEBIpWlaNtN9GvUfVrZwk8SJyRgkxVtUaOuV5WdBBrQx3 gJ/Jwi3Dpusz8av0eRxM858Rt8DbYLto+vvRjaMlC0gMCgWrtiswawEc7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFZCBnIg3BuWfBhHQz8VTMas3eQ8MB8GA1UdIwQY MBaAFNzlYPDshQ2op8D41vOCUQLU3krOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUt NDMxZjc1YmE4Njc1LzEvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUtNDMxZjc1YmE4Njc1 LzEvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeudgmppH E+JOuDowscSQIxaFA++cTX9aU+gZXxbe49QpyvB1YjYXky8v8YP2708rnLw8hm34 upofimmkWT5wJCsVWwIn/aPsyv2IZTHWpIxIkWb3nJcegUPS5zh260t+tdTU5wl5 uRwAs5Ri+jJ1h050+gMeCD7OG7CHu5LA7YZtL0ghVlYRmUWEMRADvaou6QLMTQzC siKhMaJMpbpYLVJjYwQTch2LfISu5mR6RokjNZ3JBkn/bFL4ifCrjkvyl0h1Y1Wf p3qMvpIRxbbQ+cHHE53BUfN2qaR6F2DywfT//pmNUHPYdZPtselYB2Iy/AHf90sA gSF5FcSAa3bOXA== -----END CERTIFICATE-----Generated at Fri Dec 19 09:23:33 2025 by rpki-client