This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft File: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft (raw, json) Hash identifier: n41JcPPhL9bsOsPXvoonAq+Q/Ajiw1YS0ex8swzgx7w= Subject key identifier: FE:04:6D:8B:73:71:BE:D2:EE:93:AC:55:E9:49:30:7F:9F:57:59:E2 Authority key identifier: DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 Certificate issuer: /CN=de17fd66577b3ed358b3862a7dd980944a85d507 Certificate serial: 019B5A883EF42FD79A88B162E4D0810912F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft Manifest number: 0356 Signing time: Fri 26 Dec 2025 12:00:36 +0000 Manifest this update: Fri 26 Dec 2025 12:00:36 +0000 Manifest next update: Sat 27 Dec 2025 12:00:36 +0000 Files and hashes: 1: 3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl (hash: e5rcKnbdEm4jGi/xmBY+U7giYbQwPaMJx5f+ojAZTdM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:3e:f4:2f:d7:9a:88:b1:62:e4:d0:81:09:12:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de17fd66577b3ed358b3862a7dd980944a85d507 Validity Not Before: Dec 26 12:00:36 2025 GMT Not After : Dec 27 12:00:36 2025 GMT Subject: CN=fe046d8b7371bed2ee93ac55e949307f9f5759e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8b:f8:a6:95:d8:c2:49:f2:f5:1e:41:58:eb: 03:c9:ba:c6:dd:5d:cf:08:0f:6b:86:a8:dd:a1:78: d6:08:77:29:d9:58:7f:ef:e0:dd:dd:c7:50:50:aa: 18:15:29:97:21:f0:57:d9:e2:f3:01:06:29:01:09: ac:a0:1f:0e:8a:a0:29:d6:8b:fb:47:3c:10:9d:a0: c8:87:63:df:21:e3:59:25:a4:1c:3c:30:4e:a7:c6: f3:a5:03:67:b4:30:dd:67:96:92:72:70:e4:52:8d: a5:77:98:b5:b6:d8:00:56:bd:43:02:6c:e8:bf:a0: 24:c2:3b:0f:e1:e4:00:23:18:36:ce:38:13:af:4e: fd:99:ed:62:4a:3d:35:31:56:20:4c:7a:fa:5b:c6: 44:78:f3:7f:1f:7f:c5:9d:8f:7f:27:63:c9:01:f6: df:98:21:53:7e:91:14:fa:02:c6:e5:1a:c7:3e:59: d9:ad:1e:6d:a0:cf:64:94:60:57:f1:10:14:85:a0: 61:f3:2f:78:82:e5:82:6c:0f:1a:25:d8:fa:ed:67: ba:8d:fd:79:ad:a4:84:5b:2a:40:9c:82:30:cf:d4: 5f:e8:df:1a:a5:44:93:12:fb:0c:a3:21:e8:11:3a: 8a:b0:ee:a2:6b:30:4a:f2:d3:d5:39:ac:08:b6:af: a0:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:04:6D:8B:73:71:BE:D2:EE:93:AC:55:E9:49:30:7F:9F:57:59:E2 X509v3 Authority Key Identifier: keyid:DE:17:FD:66:57:7B:3E:D3:58:B3:86:2A:7D:D9:80:94:4A:85:D5:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4e44c4-1a11-4b89-ada0-242c25c72012/1/3hf9Zld7PtNYs4YqfdmAlEqF1Qc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:01:6b:30:b5:46:bb:4c:6b:b0:8f:ae:90:97:9c:3e:ae:89: 8d:55:50:92:8c:7a:1a:d5:f0:07:cd:4a:ff:00:fe:fa:04:e2: 7e:d6:ae:74:38:fd:5f:9a:a4:e3:20:33:e8:2e:ab:6d:f5:7c: c0:43:2c:d4:01:9f:31:99:c5:a7:2f:55:81:6b:6d:14:f0:ea: 0e:22:83:a5:7f:71:9f:fe:62:2f:14:89:9d:a1:03:9e:28:8c: 62:85:df:67:04:00:2a:1e:5b:ed:2f:75:65:e7:01:44:4e:5a: 6e:c3:46:28:b1:e6:4a:62:ee:77:68:c3:84:44:0e:91:1e:49: 9a:2b:0c:a4:9c:eb:aa:97:b6:fb:93:05:6f:f9:d9:3b:8c:d4: 27:61:c2:db:bb:8a:5a:78:67:1f:47:0d:42:a5:1b:39:51:60: 52:f3:66:0f:64:ee:31:05:0a:82:7e:bd:80:b6:dc:17:e5:bb: 09:f5:1d:de:ae:33:bd:d8:79:c0:19:60:75:b2:29:dd:c9:1a: 26:f0:d7:49:5b:4b:d3:c5:6f:00:16:a7:d6:ce:68:67:80:0b: 6a:b6:8d:b0:d8:c6:96:9b:22:d9:6d:fd:7b:83:0e:c8:61:ff: d1:0f:ad:00:da:98:fd:0e:e0:2b:e3:5b:90:6d:22:44:d2:5f: 55:ed:a6:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiD70L9eaiLFi5NCBCRL5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTdmZDY2NTc3YjNlZDM1OGIzODYyYTdkZDk4MDk0NGE4 NWQ1MDcwHhcNMjUxMjI2MTIwMDM2WhcNMjUxMjI3MTIwMDM2WjAzMTEwLwYDVQQD EyhmZTA0NmQ4YjczNzFiZWQyZWU5M2FjNTVlOTQ5MzA3ZjlmNTc1OWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIv4ppXYwkny9R5BWOsDybrG3V3P CA9rhqjdoXjWCHcp2Vh/7+Dd3cdQUKoYFSmXIfBX2eLzAQYpAQmsoB8OiqAp1ov7 RzwQnaDIh2PfIeNZJaQcPDBOp8bzpQNntDDdZ5aScnDkUo2ld5i1ttgAVr1DAmzo v6AkwjsP4eQAIxg2zjgTr079me1iSj01MVYgTHr6W8ZEePN/H3/FnY9/J2PJAfbf mCFTfpEU+gLG5RrHPlnZrR5toM9klGBX8RAUhaBh8y94guWCbA8aJdj67We6jf15 raSEWypAnIIwz9Rf6N8apUSTEvsMoyHoETqKsO6iazBK8tPVOawItq+gJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP4EbYtzcb7S7pOsVelJMH+fV1niMB8GA1UdIwQY MBaAFN4X/WZXez7TWLOGKn3ZgJRKhdUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAt MjQyYzI1YzcyMDEyLzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80ZTQ0YzQtMWExMS00Yjg5LWFkYTAtMjQyYzI1YzcyMDEy LzEvM2hmOVpsZDdQdE5ZczRZcWZkbUFsRXFGMVFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeAFrMLVG u0xrsI+ukJecPq6JjVVQkox6GtXwB81K/wD++gTiftaudDj9X5qk4yAz6C6rbfV8 wEMs1AGfMZnFpy9VgWttFPDqDiKDpX9xn/5iLxSJnaEDniiMYoXfZwQAKh5b7S91 ZecBRE5absNGKLHmSmLud2jDhEQOkR5JmisMpJzrqpe2+5MFb/nZO4zUJ2HC27uK WnhnH0cNQqUbOVFgUvNmD2TuMQUKgn69gLbcF+W7CfUd3q4zvdh5wBlgdbIp3cka JvDXSVtL08VvABan1s5oZ4ALaraNsNjGlpsi2W39e4MOyGH/0Q+tANqY/Q7gK+Nb kG0iRNJfVe2mcA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:21 2025 by rpki-client