This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft File: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft (raw, json) Hash identifier: VLYqwLGw4QrGrM0GZWmSy3501BUxYnMkLOoHpfbVTwQ= Subject key identifier: C7:0B:9C:AE:44:17:23:54:52:73:D0:F8:3F:1A:0E:62:C1:D0:42:13 Authority key identifier: DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 Certificate issuer: /CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Certificate serial: 019B32D6E5A9EA4D5DE7F159A2C18DAF841F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft Manifest number: 0E75 Signing time: Thu 18 Dec 2025 19:01:42 +0000 Manifest this update: Thu 18 Dec 2025 19:01:42 +0000 Manifest next update: Fri 19 Dec 2025 19:01:42 +0000 Files and hashes: 1: 3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl (hash: opodIt1HkGH2HWM0bk96yNv5JsLfDzNEdEEJ+Ej6hkM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:e5:a9:ea:4d:5d:e7:f1:59:a2:c1:8d:af:84:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc75852eb3d5f4bfa7e44e80eea9881986403cd4 Validity Not Before: Dec 18 19:01:42 2025 GMT Not After : Dec 19 19:01:42 2025 GMT Subject: CN=c70b9cae441723545273d0f83f1a0e62c1d04213 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4b:22:92:ae:80:2f:5a:e8:46:98:eb:2c:91: c5:6c:b8:69:90:f5:f3:d9:18:8c:7a:82:de:cb:da: 94:76:b2:5e:66:ba:c4:9d:0a:80:30:3f:ef:b4:99: 68:e9:12:09:36:31:37:17:4f:e2:a6:74:7c:44:50: dd:73:5e:e3:ee:60:9b:40:d7:1f:17:27:5a:3f:61: 8f:c0:93:d6:ed:98:18:ee:5c:82:e8:84:46:84:bc: c8:62:41:e1:c9:45:13:ca:ef:dc:de:52:d5:d8:75: 48:8a:25:ca:7c:e1:ab:46:92:9e:fd:29:29:79:05: 71:33:d8:e2:d6:c2:01:d6:08:cf:2c:32:b5:56:3a: c7:87:58:c6:33:7a:d4:a4:08:11:1e:fd:a5:dc:c0: cc:32:c1:83:5f:da:f2:a7:da:d8:3e:d0:34:cf:8a: 16:fd:d8:66:35:8c:ab:6a:97:e3:b8:aa:b9:f9:ce: e7:8b:13:c5:b2:9d:7b:0f:26:b5:f4:30:b3:10:e5: 51:7c:01:8d:df:1d:88:d8:84:9c:da:41:75:9b:bf: 0f:7b:bf:55:ac:2e:4e:55:7d:17:41:97:c8:cb:d9: 67:a0:9d:eb:3b:0a:01:43:d9:d1:24:59:c0:c7:36: 19:25:7f:d2:45:23:7a:61:d6:e3:93:d5:b0:a4:37: ec:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:0B:9C:AE:44:17:23:54:52:73:D0:F8:3F:1A:0E:62:C1:D0:42:13 X509v3 Authority Key Identifier: keyid:DC:75:85:2E:B3:D5:F4:BF:A7:E4:4E:80:EE:A9:88:19:86:40:3C:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5b5975-14af-4f26-861d-9cfae8a7597e/1/3HWFLrPV9L-n5E6A7qmIGYZAPNQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:5f:fc:26:27:bb:fd:b7:18:5d:dd:a8:4c:37:76:c3:71:32: ff:0d:42:3e:10:2c:ae:57:c1:6e:28:57:c1:7e:bd:b3:b9:7e: 55:ba:62:19:77:22:ca:cd:98:5f:1c:bd:10:be:4f:d8:bb:c2: 14:93:a6:7d:46:7d:47:8a:a0:6d:83:1c:a6:89:87:0d:b6:e1: 91:3e:6a:be:08:7a:b3:69:99:f8:aa:33:49:12:3c:cd:8f:37: 34:85:0c:59:75:ae:85:7f:78:cb:ca:61:76:d1:0b:28:5a:39: 17:9d:ea:43:f7:69:7e:e1:6b:c3:f4:4d:3a:ca:fb:64:2c:05: 3f:81:37:d8:a5:e4:1f:20:52:88:4d:b2:a1:ec:7d:41:35:b7: d7:16:5a:44:38:6e:75:df:25:db:57:81:6e:6a:ed:48:09:79: aa:76:5a:a1:e0:b4:34:59:70:27:80:6c:a0:05:82:ed:5e:8e: cf:44:ea:74:05:27:ba:fe:f2:73:e6:03:d5:a1:d6:1c:a2:5d: 20:85:94:a7:34:13:80:74:d7:c0:8b:aa:5f:62:71:a6:94:5a: 8a:b7:d5:de:9d:74:fe:03:e4:d7:46:c1:ed:80:c9:89:4b:04: 97:8d:39:3e:72:ab:da:7b:d3:c0:ba:2c:6d:8d:8c:f9:cf:39: d6:9c:8e:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1uWp6k1d5/FZosGNr4QfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNzU4NTJlYjNkNWY0YmZhN2U0NGU4MGVlYTk4ODE5ODY0 MDNjZDQwHhcNMjUxMjE4MTkwMTQyWhcNMjUxMjE5MTkwMTQyWjAzMTEwLwYDVQQD EyhjNzBiOWNhZTQ0MTcyMzU0NTI3M2QwZjgzZjFhMGU2MmMxZDA0MjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEsikq6AL1roRpjrLJHFbLhpkPXz 2RiMeoLey9qUdrJeZrrEnQqAMD/vtJlo6RIJNjE3F0/ipnR8RFDdc17j7mCbQNcf FydaP2GPwJPW7ZgY7lyC6IRGhLzIYkHhyUUTyu/c3lLV2HVIiiXKfOGrRpKe/Skp eQVxM9ji1sIB1gjPLDK1VjrHh1jGM3rUpAgRHv2l3MDMMsGDX9ryp9rYPtA0z4oW /dhmNYyrapfjuKq5+c7nixPFsp17Dya19DCzEOVRfAGN3x2I2ISc2kF1m78Pe79V rC5OVX0XQZfIy9lnoJ3rOwoBQ9nRJFnAxzYZJX/SRSN6Ydbjk9WwpDfsVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMcLnK5EFyNUUnPQ+D8aDmLB0EITMB8GA1UdIwQY MBaAFNx1hS6z1fS/p+ROgO6piBmGQDzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQt OWNmYWU4YTc1OTdlLzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS81YjU5NzUtMTRhZi00ZjI2LTg2MWQtOWNmYWU4YTc1OTdl LzEvM0hXRkxyUFY5TC1uNUU2QTdxbUlHWVpBUE5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKl/8Jie7 /bcYXd2oTDd2w3Ey/w1CPhAsrlfBbihXwX69s7l+VbpiGXciys2YXxy9EL5P2LvC FJOmfUZ9R4qgbYMcpomHDbbhkT5qvgh6s2mZ+KozSRI8zY83NIUMWXWuhX94y8ph dtELKFo5F53qQ/dpfuFrw/RNOsr7ZCwFP4E32KXkHyBSiE2yoex9QTW31xZaRDhu dd8l21eBbmrtSAl5qnZaoeC0NFlwJ4BsoAWC7V6Oz0TqdAUnuv7yc+YD1aHWHKJd IIWUpzQTgHTXwIuqX2JxppRairfV3p10/gPk10bB7YDJiUsEl405PnKr2nvTwLos bY2M+c851pyORw== -----END CERTIFICATE-----Generated at Fri Dec 19 00:57:25 2025 by rpki-client