This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft File: 3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json) Hash identifier: 6UJmute3ii3KL+0r9XZEl/04wqI4np0zFS2uPx0TQuU= Subject key identifier: 90:3A:BE:DF:1D:92:F5:A7:95:E2:BF:4C:58:F2:31:E1:48:3B:0A:A0 Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Certificate serial: 019B476FD2393BEC5E910B74DB8EFBC08C6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft Manifest number: 11C8 Signing time: Mon 22 Dec 2025 19:01:09 +0000 Manifest this update: Mon 22 Dec 2025 19:01:09 +0000 Manifest next update: Tue 23 Dec 2025 19:01:09 +0000 Files and hashes: 1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: jNeVP3N4kYLuj5rKqgUOy8cT2rbgOPg+Mdsm9BMTDxY=) 2: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (hash: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 19:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:d2:39:3b:ec:5e:91:0b:74:db:8e:fb:c0:8c:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Validity Not Before: Dec 22 19:01:09 2025 GMT Not After : Dec 23 19:01:09 2025 GMT Subject: CN=903abedf1d92f5a795e2bf4c58f231e1483b0aa0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:bd:78:dc:24:e8:46:b3:12:41:c1:66:36:06: ed:48:33:76:75:2e:37:6c:db:e7:69:59:85:e1:8c: 66:a3:8d:29:c7:ad:c5:f5:46:1e:97:d2:8e:0e:1c: db:37:c8:39:8c:63:65:4b:e8:90:b7:83:d5:4f:ac: b5:4d:fc:6d:cf:21:62:e8:40:72:7e:47:81:67:0f: c3:66:db:73:16:ee:47:30:72:8a:56:c2:a2:30:52: 92:62:f8:8c:9b:8a:b3:22:b0:5b:04:d2:0b:8e:ab: bb:20:c7:d7:16:d7:ef:d9:a8:8f:08:0c:7f:b6:34: 7f:c5:30:07:62:15:96:eb:8b:37:1f:86:e9:71:23: 5b:9c:26:b2:ca:b8:34:c8:9b:c3:61:ab:eb:da:ee: 59:b7:29:8d:7b:c0:cc:be:75:d7:e8:aa:88:06:42: ea:1d:95:4d:ab:f5:56:4f:ea:01:d5:a8:59:08:c7: 75:93:36:7f:ae:2d:33:39:e4:57:6c:55:9d:8c:f1: 31:31:52:be:c6:be:5e:72:dd:35:b0:3b:e3:fc:dd: 17:3d:b8:23:8e:d9:b3:71:a1:76:f0:01:62:b9:7c: 02:45:e4:08:86:91:48:f9:02:3f:11:ed:31:a7:eb: 5c:ea:c7:f4:f8:82:0c:eb:91:e0:c5:05:c5:ea:c9: 63:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:3A:BE:DF:1D:92:F5:A7:95:E2:BF:4C:58:F2:31:E1:48:3B:0A:A0 X509v3 Authority Key Identifier: keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:4e:36:28:7c:af:d9:d1:83:2e:6a:45:08:f5:66:e2:df:50: 67:e1:c1:37:e6:05:59:7b:41:78:11:42:79:dc:fd:43:3f:7b: 06:41:ee:f1:4e:b2:79:95:5e:b8:fa:5b:50:a2:23:68:45:90: fa:e4:a4:93:18:34:20:d6:9a:a4:b0:b4:cb:fb:d4:85:19:52: b5:40:39:49:e2:5f:46:c8:f8:3b:4b:c0:92:be:3d:51:a8:41: f3:5e:13:07:d8:12:c3:9a:05:04:fa:ab:e6:69:13:10:cb:e4: e8:7f:29:58:d0:63:90:ef:6f:cd:f0:e1:94:57:4d:8e:24:1d: cf:ac:74:61:be:7a:e1:6d:00:7c:72:07:d8:8d:bd:9e:71:15: 12:36:cc:48:46:b6:a7:e2:64:48:71:0a:84:c3:dc:0b:5c:73: e0:19:25:c8:fa:a4:e5:5c:45:1e:48:f5:25:a2:21:7f:e3:d9: 7a:83:e8:4a:1d:59:e5:b0:85:90:4b:f3:9a:aa:6f:b1:ff:18: 20:98:6a:50:d1:2e:3a:8f:2c:6d:58:5f:7f:01:07:9c:bc:f1: 01:25:e9:72:ff:98:fa:64:c8:d4:de:a1:26:81:b9:93:c8:c2: 01:a1:00:f8:c0:f5:34:54:f3:90:9b:1d:1f:52:f8:54:ce:51: 6d:54:03:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb9I5O+xekQt02477wIxrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl MzQyMjcwHhcNMjUxMjIyMTkwMTA5WhcNMjUxMjIzMTkwMTA5WjAzMTEwLwYDVQQD Eyg5MDNhYmVkZjFkOTJmNWE3OTVlMmJmNGM1OGYyMzFlMTQ4M2IwYWEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr143CToRrMSQcFmNgbtSDN2dS43 bNvnaVmF4Yxmo40px63F9UYel9KODhzbN8g5jGNlS+iQt4PVT6y1TfxtzyFi6EBy fkeBZw/DZttzFu5HMHKKVsKiMFKSYviMm4qzIrBbBNILjqu7IMfXFtfv2aiPCAx/ tjR/xTAHYhWW64s3H4bpcSNbnCayyrg0yJvDYavr2u5ZtymNe8DMvnXX6KqIBkLq HZVNq/VWT+oB1ahZCMd1kzZ/ri0zOeRXbFWdjPExMVK+xr5ect01sDvj/N0XPbgj jtmzcaF28AFiuXwCReQIhpFI+QI/Ee0xp+tc6sf0+IIM65HgxQXF6slj0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJA6vt8dkvWnleK/TFjyMeFIOwqgMB8GA1UdIwQY MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVk42KHyv 2dGDLmpFCPVm4t9QZ+HBN+YFWXtBeBFCedz9Qz97BkHu8U6yeZVeuPpbUKIjaEWQ +uSkkxg0INaapLC0y/vUhRlStUA5SeJfRsj4O0vAkr49UahB814TB9gSw5oFBPqr 5mkTEMvk6H8pWNBjkO9vzfDhlFdNjiQdz6x0Yb564W0AfHIH2I29nnEVEjbMSEa2 p+JkSHEKhMPcC1xz4BklyPqk5VxFHkj1JaIhf+PZeoPoSh1Z5bCFkEvzmqpvsf8Y IJhqUNEuOo8sbVhffwEHnLzxASXpcv+Y+mTI1N6hJoG5k8jCAaEA+MD1NFTzkJsd H1L4VM5RbVQDXA== -----END CERTIFICATE-----Generated at Tue Dec 23 05:03:47 2025 by rpki-client