This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft File: 3DU3KrVODfO_UU1fCMpS5De9kaQ.mft (raw, json) Hash identifier: imsOzCotJNB3EDI8kaWAfY53JxIsnc7lcXdns0Iwbvk= Subject key identifier: 81:45:95:A0:01:F9:A1:F3:14:59:07:05:EF:1E:35:36:EF:95:3C:BE Authority key identifier: DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4 Certificate issuer: /CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4 Certificate serial: 019B5AF637E6F9DF48B4CDB42B4025B018CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft Manifest number: 06E9 Signing time: Fri 26 Dec 2025 14:00:43 +0000 Manifest this update: Fri 26 Dec 2025 14:00:43 +0000 Manifest next update: Sat 27 Dec 2025 14:00:43 +0000 Files and hashes: 1: 3DU3KrVODfO_UU1fCMpS5De9kaQ.crl (hash: u1d0E5DirE1vk/sar7mnjiiwneLl/pk8iVpO0Sb/uLc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:37:e6:f9:df:48:b4:cd:b4:2b:40:25:b0:18:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc35372ab54e0df3bf514d5f08ca52e437bd91a4 Validity Not Before: Dec 26 14:00:43 2025 GMT Not After : Dec 27 14:00:43 2025 GMT Subject: CN=814595a001f9a1f314590705ef1e3536ef953cbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:be:d0:d9:7c:04:69:cc:09:f8:08:2b:3f:0a: 95:c6:d7:eb:67:12:0d:c2:36:a4:75:ac:5f:90:d1: a8:f4:d0:0e:ab:51:8f:b8:2b:3d:fc:94:c0:a5:5e: 7c:70:75:96:4a:39:77:87:d0:75:6d:04:68:74:73: 62:3b:a9:3e:54:1d:73:52:c0:78:a6:18:21:76:09: ac:ab:c9:c2:9d:8e:3d:d4:f1:29:65:f0:45:ed:16: 51:45:22:f8:d9:98:f8:97:12:8e:ef:d4:c8:78:b6: 55:ec:d8:6d:4f:88:ad:a2:62:61:54:53:ef:f8:c9: c7:6a:53:83:0f:46:30:96:3d:b2:1b:26:bf:3d:9d: e1:74:40:94:05:ec:aa:54:a0:07:39:95:c7:4b:24: 85:51:e1:8c:33:5e:8d:bb:de:66:e3:ab:1f:c6:8d: 7d:1a:2c:ad:6f:7a:0f:c5:8c:f1:8e:ba:0c:38:6c: a7:68:65:fd:85:95:02:58:5c:69:6f:6d:95:cf:0b: d2:ee:3d:ad:fa:52:4e:6a:bb:cb:4b:43:7f:6f:f9: a7:d4:9a:2d:d8:56:30:a6:30:0b:35:da:da:a4:f6: 3e:89:06:58:d7:38:58:57:5e:a6:61:80:ea:75:d2: 92:d1:8e:d3:ba:90:05:8d:cd:35:c4:8e:c4:d0:ff: 2a:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:45:95:A0:01:F9:A1:F3:14:59:07:05:EF:1E:35:36:EF:95:3C:BE X509v3 Authority Key Identifier: keyid:DC:35:37:2A:B5:4E:0D:F3:BF:51:4D:5F:08:CA:52:E4:37:BD:91:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DU3KrVODfO_UU1fCMpS5De9kaQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b1a34f-93a3-41b0-b096-1977ac24d211/1/3DU3KrVODfO_UU1fCMpS5De9kaQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:e8:68:9b:f7:a0:05:25:03:0c:e3:d4:cf:8d:7d:7d:f7:ea: a9:f1:8a:d0:6f:c9:15:27:00:7b:d8:11:a2:13:0b:05:84:fd: be:21:3c:cd:1e:05:78:24:4f:2e:e6:a6:95:c7:6e:45:dc:73: b3:04:ee:a0:21:b8:2b:59:4c:40:5b:de:72:27:b8:f5:59:e6: 19:dc:48:de:59:0a:f0:22:0b:37:90:af:29:eb:e0:d5:0e:d2: 82:93:29:ad:a0:25:53:96:25:5d:1f:aa:2e:ea:23:48:e1:32: e0:4a:fe:d6:df:ab:d7:f0:78:8f:ce:f2:4e:13:3b:49:2c:72: d6:58:42:30:9c:2a:e4:49:c1:2c:2c:f0:cd:aa:44:48:89:ab: 50:2a:1e:8f:f6:9c:7a:88:f5:70:ea:83:b8:08:e5:a1:c6:33: 75:8c:d2:25:54:e9:de:b7:fd:2d:7e:3c:12:69:59:af:0f:dd: 4e:a4:f1:8e:31:c6:90:f9:91:33:d9:b2:a5:d6:a9:6e:47:ce: 04:72:b6:1b:29:47:54:24:9f:18:99:0f:83:12:d1:25:e8:40: 60:58:96:87:83:a6:5e:6d:ee:e5:27:1c:8a:8b:17:82:24:5e: 1f:06:8e:56:23:82:9d:b2:71:74:bd:11:00:d6:b9:bc:92:e3: 3b:a8:0b:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9jfm+d9ItM20K0AlsBjLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMzUzNzJhYjU0ZTBkZjNiZjUxNGQ1ZjA4Y2E1MmU0Mzdi ZDkxYTQwHhcNMjUxMjI2MTQwMDQzWhcNMjUxMjI3MTQwMDQzWjAzMTEwLwYDVQQD Eyg4MTQ1OTVhMDAxZjlhMWYzMTQ1OTA3MDVlZjFlMzUzNmVmOTUzY2JlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b7Q2XwEacwJ+AgrPwqVxtfrZxIN wjakdaxfkNGo9NAOq1GPuCs9/JTApV58cHWWSjl3h9B1bQRodHNiO6k+VB1zUsB4 phghdgmsq8nCnY491PEpZfBF7RZRRSL42Zj4lxKO79TIeLZV7NhtT4itomJhVFPv +MnHalODD0Ywlj2yGya/PZ3hdECUBeyqVKAHOZXHSySFUeGMM16Nu95m46sfxo19 Giytb3oPxYzxjroMOGynaGX9hZUCWFxpb22VzwvS7j2t+lJOarvLS0N/b/mn1Jot 2FYwpjALNdrapPY+iQZY1zhYV16mYYDqddKS0Y7TupAFjc01xI7E0P8qJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIFFlaAB+aHzFFkHBe8eNTbvlTy+MB8GA1UdIwQY MBaAFNw1Nyq1Tg3zv1FNXwjKUuQ3vZGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYt MTk3N2FjMjRkMjExLzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9iMWEzNGYtOTNhMy00MWIwLWIwOTYtMTk3N2FjMjRkMjEx LzEvM0RVM0tyVk9EZk9fVVUxZkNNcFM1RGU5a2FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtuhom/eg BSUDDOPUz419fffqqfGK0G/JFScAe9gRohMLBYT9viE8zR4FeCRPLuamlcduRdxz swTuoCG4K1lMQFvecie49VnmGdxI3lkK8CILN5CvKevg1Q7SgpMpraAlU5YlXR+q LuojSOEy4Er+1t+r1/B4j87yThM7SSxy1lhCMJwq5EnBLCzwzapESImrUCoej/ac eoj1cOqDuAjlocYzdYzSJVTp3rf9LX48EmlZrw/dTqTxjjHGkPmRM9mypdapbkfO BHK2GylHVCSfGJkPgxLRJehAYFiWh4OmXm3u5ScciosXgiReHwaOViOCnbJxdL0R ANa5vJLjO6gLUg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:35 2025 by rpki-client