This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft File: 3ciCMsB94s3Llur551FVC6pmxYg.mft (raw, json) Hash identifier: 4413PVtZ4WIeJQMeGv7dBr9CW9lY8NmXPPgpcmyc83Y= Subject key identifier: 03:44:E4:87:F4:0E:ED:DE:72:2C:B9:F4:25:48:46:27:B8:C9:D9:B7 Authority key identifier: DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88 Certificate issuer: /CN=ddc88232c07de2cdcb96eaf9e751550baa66c588 Certificate serial: 019B194D1CA013FA27593C1AF4A32CD99F2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft Manifest number: 0ED8 Signing time: Sat 13 Dec 2025 20:00:42 +0000 Manifest this update: Sat 13 Dec 2025 20:00:42 +0000 Manifest next update: Sun 14 Dec 2025 20:00:42 +0000 Files and hashes: 1: 3ciCMsB94s3Llur551FVC6pmxYg.crl (hash: TrXNlDulykYlTnfQ7xtpGZdnZNQWH+/Un2NHb774wJY=) 2: OK60eEXoBVz15pEwVmX0yYULZbk.roa (hash: irOuBXNJpmhp7Bb40BZggz4rGVp00h/PvH1AyeAmbL8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:4d:1c:a0:13:fa:27:59:3c:1a:f4:a3:2c:d9:9f:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ddc88232c07de2cdcb96eaf9e751550baa66c588 Validity Not Before: Dec 13 20:00:42 2025 GMT Not After : Dec 14 20:00:42 2025 GMT Subject: CN=0344e487f40eedde722cb9f425484627b8c9d9b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f7:86:74:70:51:a7:8c:4c:07:59:44:c2:3b: 1b:c5:86:59:46:b0:1c:32:43:97:a8:ee:f6:48:ca: fe:f8:3f:ed:80:67:26:1d:e4:19:48:b6:c3:d9:79: 63:6a:88:1a:ac:9a:b7:de:42:82:c0:32:7b:49:02: e6:e9:27:3d:07:37:e6:9a:36:32:dc:a9:85:7d:51: 32:5f:16:7a:91:ad:eb:b8:9d:fb:ba:ea:34:35:68: a1:ec:f9:fd:b6:4c:a4:f3:8b:49:31:91:b9:30:13: bd:fb:19:84:85:b9:98:e9:c0:6d:45:1a:89:a3:1e: ce:9e:89:f7:21:c1:09:9d:60:28:58:76:ba:c9:7e: 46:a2:93:d6:aa:fb:fc:05:0e:4a:84:6d:53:06:ee: 27:51:f1:6c:e0:5a:d6:44:60:d0:b4:4e:ff:c6:11: 67:e1:dc:e1:da:5e:df:2e:09:66:1b:8e:6e:5b:0a: 00:6a:c8:aa:fd:50:76:4f:98:58:c7:50:ae:34:c8: c4:b9:f2:5b:5f:e4:c9:72:04:16:c5:7f:7e:0c:d8: e7:56:55:8f:09:ea:9a:d0:23:dc:88:00:89:43:0d: a2:c8:77:ad:8f:65:cb:3f:5e:94:2f:8d:0c:7e:b8: e7:54:e5:88:de:50:ea:20:45:1d:b0:95:28:c8:1f: e7:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:44:E4:87:F4:0E:ED:DE:72:2C:B9:F4:25:48:46:27:B8:C9:D9:B7 X509v3 Authority Key Identifier: keyid:DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:be:94:b5:1f:32:fc:b4:67:1b:70:35:57:22:94:56:d2:cf: c3:e5:27:23:8d:e2:11:e1:ad:f4:df:b4:8e:f3:7a:df:80:a1: 26:7a:aa:79:36:7d:09:60:be:2c:f1:56:0f:79:fa:39:35:b4: 16:3a:99:79:a1:72:08:f0:29:4c:ae:99:b3:d2:44:f4:66:7f: 89:1f:38:87:d1:61:c6:bd:44:1c:d1:4d:e4:18:1b:66:90:b6: 34:ba:0c:21:38:b3:56:0b:d9:19:b0:f3:c4:7c:74:d3:b4:9b: d2:b2:b1:cc:6e:4e:b3:f3:8f:c4:9a:c4:f6:b9:63:5e:45:5d: 57:d2:6a:0a:40:9f:c6:ee:67:12:e0:f9:77:37:ff:1e:f0:89: a4:cb:85:e1:20:be:cd:09:23:da:2d:de:93:c9:6e:a6:d0:a3: 74:d6:54:c8:01:5e:66:7d:39:29:d1:5b:76:55:e4:6a:44:af: 8f:16:51:d5:2b:88:ce:68:5d:95:e6:8f:47:ff:71:26:eb:d8: b8:9f:cf:21:57:af:b9:35:57:98:cc:90:df:c4:d6:ac:af:57: 49:fa:4c:8a:b0:32:80:5b:21:24:b6:c6:f6:37:ea:e2:ff:45: 28:cb:dc:3d:1a:78:68:c4:3a:29:15:ed:f6:0f:ef:50:ba:e2: 3a:46:01:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZTRygE/onWTwa9KMs2Z8rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkYzg4MjMyYzA3ZGUyY2RjYjk2ZWFmOWU3NTE1NTBiYWE2 NmM1ODgwHhcNMjUxMjEzMjAwMDQyWhcNMjUxMjE0MjAwMDQyWjAzMTEwLwYDVQQD EygwMzQ0ZTQ4N2Y0MGVlZGRlNzIyY2I5ZjQyNTQ4NDYyN2I4YzlkOWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPeGdHBRp4xMB1lEwjsbxYZZRrAc MkOXqO72SMr++D/tgGcmHeQZSLbD2XljaogarJq33kKCwDJ7SQLm6Sc9BzfmmjYy 3KmFfVEyXxZ6ka3ruJ37uuo0NWih7Pn9tkyk84tJMZG5MBO9+xmEhbmY6cBtRRqJ ox7Onon3IcEJnWAoWHa6yX5GopPWqvv8BQ5KhG1TBu4nUfFs4FrWRGDQtE7/xhFn 4dzh2l7fLglmG45uWwoAasiq/VB2T5hYx1CuNMjEufJbX+TJcgQWxX9+DNjnVlWP Ceqa0CPciACJQw2iyHetj2XLP16UL40MfrjnVOWI3lDqIEUdsJUoyB/npQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFANE5If0Du3eciy59CVIRie4ydm3MB8GA1UdIwQY MBaAFN3IgjLAfeLNy5bq+edRVQuqZsWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGIt NDJjNzliMDNiNGRmLzEvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGItNDJjNzliMDNiNGRm LzEvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcr6UtR8y /LRnG3A1VyKUVtLPw+UnI43iEeGt9N+0jvN634ChJnqqeTZ9CWC+LPFWD3n6OTW0 FjqZeaFyCPApTK6Zs9JE9GZ/iR84h9Fhxr1EHNFN5BgbZpC2NLoMITizVgvZGbDz xHx007Sb0rKxzG5Os/OPxJrE9rljXkVdV9JqCkCfxu5nEuD5dzf/HvCJpMuF4SC+ zQkj2i3ek8luptCjdNZUyAFeZn05KdFbdlXkakSvjxZR1SuIzmhdleaPR/9xJuvY uJ/PIVevuTVXmMyQ38TWrK9XSfpMirAygFshJLbG9jfq4v9FKMvcPRp4aMQ6KRXt 9g/vULriOkYBOg== -----END CERTIFICATE-----Generated at Sun Dec 14 00:00:58 2025 by rpki-client