This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft File: db3TijiDJA5GxLGsi7-DF96P-IU.mft (raw, json) Hash identifier: AkAg/0RwYw54WiNdRcts7wnnBlA4PYMH/vh85ojCycg= Subject key identifier: 45:A4:E5:63:8C:DA:81:71:BC:0F:EA:16:E5:44:9B:DC:B0:62:02:BB Authority key identifier: 75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85 Certificate issuer: /CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885 Certificate serial: 019B5ABF12D061FF54F01EED51260978762C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft Manifest number: 14A4 Signing time: Fri 26 Dec 2025 13:00:30 +0000 Manifest this update: Fri 26 Dec 2025 13:00:30 +0000 Manifest next update: Sat 27 Dec 2025 13:00:30 +0000 Files and hashes: 1: db3TijiDJA5GxLGsi7-DF96P-IU.crl (hash: kQpJPeGPJFrMotyAvLqb7R6epqL6iPnt2UdlfF3whgs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:12:d0:61:ff:54:f0:1e:ed:51:26:09:78:76:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75bdd38a3883240e46c4b1ac8bbf8317de8ff885 Validity Not Before: Dec 26 13:00:30 2025 GMT Not After : Dec 27 13:00:30 2025 GMT Subject: CN=45a4e5638cda8171bc0fea16e5449bdcb06202bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:15:5f:67:56:d7:8a:c8:56:b0:37:26:95:39: 1b:1b:54:80:e9:21:ca:21:d2:17:23:30:dc:d8:9b: d4:33:3c:a0:34:b5:76:54:1a:69:fe:3f:91:db:a8: a9:7d:78:27:57:f1:86:70:4a:2d:d7:72:e9:a5:a3: ee:2c:6d:44:97:ce:89:8e:ed:01:2d:ed:9e:80:84: fb:81:cd:ca:37:ab:b0:10:b7:f9:d6:93:72:3b:34: fc:8a:82:02:76:37:cb:4b:5a:39:cf:f7:b9:ea:91: 00:7e:fb:4e:af:62:db:65:42:3c:28:a2:9c:9b:4f: cb:cc:d8:32:c8:af:84:ab:5a:1d:13:bd:34:5c:ef: 6b:44:72:2a:64:af:d2:34:b4:66:9c:45:18:a5:de: 51:e2:2e:29:a9:b5:0e:22:c7:be:63:b4:53:ce:0b: e0:f0:16:fa:d4:99:a3:d0:64:30:48:4b:d6:3c:4b: a1:ce:05:de:df:c9:29:ad:fb:60:0f:51:5e:00:f6: b9:1d:58:98:21:7f:c0:f2:98:37:7a:46:8d:86:b9: 11:4e:5a:41:a8:b5:2b:46:6a:03:73:ba:ad:2b:c6: af:64:1d:ca:be:4b:26:35:4a:47:b7:c2:4b:7c:a9: ec:cf:0f:12:ce:9a:df:6e:99:c0:d1:62:bf:df:11: 62:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:A4:E5:63:8C:DA:81:71:BC:0F:EA:16:E5:44:9B:DC:B0:62:02:BB X509v3 Authority Key Identifier: keyid:75:BD:D3:8A:38:83:24:0E:46:C4:B1:AC:8B:BF:83:17:DE:8F:F8:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/db3TijiDJA5GxLGsi7-DF96P-IU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c3a4f7-2d0a-4924-8cdb-8da60535e6a0/1/db3TijiDJA5GxLGsi7-DF96P-IU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:3a:b6:b0:c4:a9:e1:05:4c:56:35:7e:3b:ab:30:76:37:74: bb:2e:56:a1:5c:91:56:74:28:f0:bc:bf:66:0e:03:4a:9a:be: 51:42:c1:63:5a:ff:00:76:de:a1:dc:2d:47:16:31:90:c1:40: bf:bd:09:de:fc:59:9a:6c:a9:20:50:2f:8b:ab:f4:70:d2:5f: 17:80:89:84:77:ac:1e:ce:3e:3c:31:9c:ad:2f:bc:de:b1:7b: 70:73:45:54:08:0b:0b:c8:f9:17:26:25:e4:94:57:49:2a:46: 05:41:45:f8:d1:66:60:1c:23:da:6e:c7:59:79:18:c7:40:a6: 86:ed:d1:bf:ec:36:41:d7:d1:3e:03:4a:60:04:59:7f:42:d5: d9:8c:99:ae:99:7e:18:c3:59:99:1a:ad:c7:35:2d:79:22:ea: 85:c2:62:ae:47:d2:a0:2c:75:37:47:6e:03:e0:2d:d1:e4:c9: 18:41:06:3b:68:46:df:ee:d5:f3:95:6a:88:fd:6b:ac:3b:97: 33:89:45:9e:87:ff:21:a1:e8:86:72:0f:e3:70:7b:1f:a6:d8: 8e:22:36:f7:1f:50:a2:3e:0a:49:4c:dd:bc:b1:13:2f:71:9f: 9b:ee:ee:1a:b0:13:62:c1:fc:a9:3b:d7:eb:67:d8:74:28:a8: f8:5b:14:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtavxLQYf9U8B7tUSYJeHYsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1YmRkMzhhMzg4MzI0MGU0NmM0YjFhYzhiYmY4MzE3ZGU4 ZmY4ODUwHhcNMjUxMjI2MTMwMDMwWhcNMjUxMjI3MTMwMDMwWjAzMTEwLwYDVQQD Eyg0NWE0ZTU2MzhjZGE4MTcxYmMwZmVhMTZlNTQ0OWJkY2IwNjIwMmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthVfZ1bXishWsDcmlTkbG1SA6SHK IdIXIzDc2JvUMzygNLV2VBpp/j+R26ipfXgnV/GGcEot13LppaPuLG1El86Jju0B Le2egIT7gc3KN6uwELf51pNyOzT8ioICdjfLS1o5z/e56pEAfvtOr2LbZUI8KKKc m0/LzNgyyK+Eq1odE700XO9rRHIqZK/SNLRmnEUYpd5R4i4pqbUOIse+Y7RTzgvg 8Bb61Jmj0GQwSEvWPEuhzgXe38kprftgD1FeAPa5HViYIX/A8pg3ekaNhrkRTlpB qLUrRmoDc7qtK8avZB3KvksmNUpHt8JLfKnszw8SzprfbpnA0WK/3xFiswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEWk5WOM2oFxvA/qFuVEm9ywYgK7MB8GA1UdIwQY MBaAFHW904o4gyQORsSxrIu/gxfej/iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGIt OGRhNjA1MzVlNmEwLzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9jM2E0ZjctMmQwYS00OTI0LThjZGItOGRhNjA1MzVlNmEw LzEvZGIzVGlqaURKQTVHeExHc2k3LURGOTZQLUlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjzq2sMSp 4QVMVjV+O6swdjd0uy5WoVyRVnQo8Ly/Zg4DSpq+UULBY1r/AHbeodwtRxYxkMFA v70J3vxZmmypIFAvi6v0cNJfF4CJhHesHs4+PDGcrS+83rF7cHNFVAgLC8j5FyYl 5JRXSSpGBUFF+NFmYBwj2m7HWXkYx0Cmhu3Rv+w2QdfRPgNKYARZf0LV2YyZrpl+ GMNZmRqtxzUteSLqhcJirkfSoCx1N0duA+At0eTJGEEGO2hG3+7V85VqiP1rrDuX M4lFnof/IaHohnIP43B7H6bYjiI29x9Qoj4KSUzdvLETL3Gfm+7uGrATYsH8qTvX 62fYdCio+FsUlQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:56 2025 by rpki-client