This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft File: CaT39OTp5yw6M5P7XW6nQrwbTCg.mft (raw, json) Hash identifier: 1ru7YqxM3zuULRl89ZJ0G/ArNX7l8GWm51TYQSUQiK0= Subject key identifier: C9:A4:08:3D:95:3C:6D:E5:42:52:D5:2B:2A:78:07:52:3E:8E:56:FB Authority key identifier: 09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28 Certificate issuer: /CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28 Certificate serial: 019B5A1A717408136C320DF35CF322F8B11E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft Manifest number: 115A Signing time: Fri 26 Dec 2025 10:00:40 +0000 Manifest this update: Fri 26 Dec 2025 10:00:40 +0000 Manifest next update: Sat 27 Dec 2025 10:00:40 +0000 Files and hashes: 1: CaT39OTp5yw6M5P7XW6nQrwbTCg.crl (hash: OSvpB4ohsmN3MZpq6W5Oenbo33H0AdZRWiadPUjtj7E=) 2: JoXcYev6DySlst62DTDcDz1JN0Q.roa (hash: PRhyl4bdJivpbrgVw6w06UO6PZN+9+qwU0T6MPbrnFs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:71:74:08:13:6c:32:0d:f3:5c:f3:22:f8:b1:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09a4f7f4e4e9e72c3a3393fb5d6ea742bc1b4c28 Validity Not Before: Dec 26 10:00:40 2025 GMT Not After : Dec 27 10:00:40 2025 GMT Subject: CN=c9a4083d953c6de54252d52b2a7807523e8e56fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4c:a8:6d:b4:12:96:18:ad:73:2f:1f:7d:78: 1c:fb:2e:e7:ad:70:b8:58:7b:55:40:24:4b:bb:de: cb:5a:cb:ea:88:f3:0d:0b:c7:02:b4:70:a7:4a:09: b5:aa:50:58:2c:50:4f:67:cf:f7:c8:0f:3a:aa:e3: dd:6f:d4:b7:4a:23:c8:92:e6:02:86:71:0b:c2:3a: 4f:66:3b:86:a9:af:92:e0:c0:3d:f1:b1:48:56:96: 43:3b:4d:14:33:8e:e2:47:67:4e:5f:af:57:87:49: ea:7b:3c:92:8a:b1:81:15:d5:1a:23:48:b4:e0:ac: d3:78:93:95:e1:b4:94:7e:7b:f8:e0:c6:7a:94:4a: 3a:e9:48:e8:04:0d:c7:29:6d:25:bb:7b:99:82:1c: 22:ae:cc:6a:cc:37:07:5c:9b:5a:69:32:0a:50:76: 57:16:03:02:82:4a:3f:fc:68:ed:c9:0a:f0:37:2b: c0:c3:eb:63:70:90:da:fe:39:56:a9:87:b6:d9:65: 46:80:4f:fd:4b:78:be:48:fc:f2:22:d2:7e:41:97: a6:e6:3e:9e:b0:ae:ea:10:13:42:49:0d:1d:4b:da: 81:b8:fc:80:e0:b1:28:fd:99:9f:bc:f2:e4:73:8f: e4:97:8f:52:76:69:3e:86:60:10:80:ac:b4:7c:b3: 23:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A4:08:3D:95:3C:6D:E5:42:52:D5:2B:2A:78:07:52:3E:8E:56:FB X509v3 Authority Key Identifier: keyid:09:A4:F7:F4:E4:E9:E7:2C:3A:33:93:FB:5D:6E:A7:42:BC:1B:4C:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CaT39OTp5yw6M5P7XW6nQrwbTCg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3b48d5-28da-4385-9395-284c82dec7c6/1/CaT39OTp5yw6M5P7XW6nQrwbTCg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:51:fe:ef:c1:47:9f:2a:b1:d0:22:70:56:49:07:71:33:23: ce:82:2e:8a:2d:63:c4:67:a6:53:79:15:f3:f7:1b:3b:d3:fe: e4:d0:d4:a6:cd:30:d4:bf:9b:65:d5:18:ae:42:f1:ee:64:98: c1:f0:ba:18:d5:db:64:17:f1:54:32:36:5d:1f:a9:5f:f9:e9: 15:6f:22:70:aa:23:4b:c8:b4:d1:e7:06:bc:c4:98:42:84:5d: 94:ea:af:2e:63:38:7e:59:c9:86:f7:1a:eb:9c:30:40:7e:77: 97:7c:b3:5a:93:c3:26:7c:2d:d9:10:cb:31:f9:6a:30:52:7e: 2c:11:be:97:1a:ff:bb:9c:02:4f:f2:61:4b:7d:4a:63:9f:d6: f6:3b:f0:dd:6f:96:58:b2:25:76:8a:dd:44:8e:82:2d:15:72: 99:66:fe:91:20:da:51:a9:80:a6:86:74:dc:a7:c6:ab:e2:2d: a2:aa:5a:dd:f8:5e:60:32:08:a5:bd:84:95:aa:cd:6d:cd:91: be:7d:9a:b4:e4:dd:c0:ee:3c:5b:92:f1:ef:1a:63:32:ee:03: 1b:e6:ef:9f:c4:1e:18:b4:a8:53:39:2a:33:55:ae:66:7f:ff: 28:d9:37:7b:64:a1:2c:7b:9b:03:18:29:24:4c:2c:a2:d1:ea: e3:d3:c1:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGnF0CBNsMg3zXPMi+LEeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5YTRmN2Y0ZTRlOWU3MmMzYTMzOTNmYjVkNmVhNzQyYmMx YjRjMjgwHhcNMjUxMjI2MTAwMDQwWhcNMjUxMjI3MTAwMDQwWjAzMTEwLwYDVQQD EyhjOWE0MDgzZDk1M2M2ZGU1NDI1MmQ1MmIyYTc4MDc1MjNlOGU1NmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kyobbQSlhitcy8ffXgc+y7nrXC4 WHtVQCRLu97LWsvqiPMNC8cCtHCnSgm1qlBYLFBPZ8/3yA86quPdb9S3SiPIkuYC hnELwjpPZjuGqa+S4MA98bFIVpZDO00UM47iR2dOX69Xh0nqezySirGBFdUaI0i0 4KzTeJOV4bSUfnv44MZ6lEo66UjoBA3HKW0lu3uZghwirsxqzDcHXJtaaTIKUHZX FgMCgko//GjtyQrwNyvAw+tjcJDa/jlWqYe22WVGgE/9S3i+SPzyItJ+QZem5j6e sK7qEBNCSQ0dS9qBuPyA4LEo/ZmfvPLkc4/kl49Sdmk+hmAQgKy0fLMjjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMmkCD2VPG3lQlLVKyp4B1I+jlb7MB8GA1UdIwQY MBaAFAmk9/Tk6ecsOjOT+11up0K8G0woMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8zYjQ4ZDUtMjhkYS00Mzg1LTkzOTUt Mjg0YzgyZGVjN2M2LzEvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy8zYjQ4ZDUtMjhkYS00Mzg1LTkzOTUtMjg0YzgyZGVjN2M2 LzEvQ2FUMzlPVHA1eXc2TTVQN1hXNm5RcndiVENnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGFH+78FH nyqx0CJwVkkHcTMjzoIuii1jxGemU3kV8/cbO9P+5NDUps0w1L+bZdUYrkLx7mSY wfC6GNXbZBfxVDI2XR+pX/npFW8icKojS8i00ecGvMSYQoRdlOqvLmM4flnJhvca 65wwQH53l3yzWpPDJnwt2RDLMflqMFJ+LBG+lxr/u5wCT/JhS31KY5/W9jvw3W+W WLIldordRI6CLRVymWb+kSDaUamApoZ03KfGq+Itoqpa3fheYDIIpb2ElarNbc2R vn2atOTdwO48W5Lx7xpjMu4DG+bvn8QeGLSoUzkqM1WuZn//KNk3e2ShLHubAxgp JEwsotHq49PBsQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:04 2025 by rpki-client