This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft File: 3PhcNsaW1dssu0j9Q-ghc37jQic.mft (raw, json) Hash identifier: AOM5P/fxoTT4XUv49EBPBcg9gyaOh8gkIYxED8YAqbk= Subject key identifier: 67:D9:D4:7D:AE:23:22:88:DE:D9:76:88:B5:C5:7E:76:9D:01:B5:9E Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Certificate serial: 019B269BD5853BF97432077D0C78F47FBE50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft Manifest number: 11B7 Signing time: Tue 16 Dec 2025 10:01:45 +0000 Manifest this update: Tue 16 Dec 2025 10:01:45 +0000 Manifest next update: Wed 17 Dec 2025 10:01:45 +0000 Files and hashes: 1: 3PhcNsaW1dssu0j9Q-ghc37jQic.crl (hash: sy8OCMuXjGUaz1mmfrsa3Q3/5B6129eEJYjV/zbrCpY=) 2: AuGSVrNkGgUtthLzU1YbunCRJmA.roa (hash: N+p3SVnY5s1RjPh5Td733eJn6W460syQCiw/MVZ+pqA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 09:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:9b:d5:85:3b:f9:74:32:07:7d:0c:78:f4:7f:be:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227 Validity Not Before: Dec 16 10:01:45 2025 GMT Not After : Dec 17 10:01:45 2025 GMT Subject: CN=67d9d47dae232288ded97688b5c57e769d01b59e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7b:bf:51:ba:d7:d2:a9:3d:a8:03:ea:aa:28: 3b:6b:bd:fa:50:08:fa:03:b2:4f:aa:51:74:8a:45: 23:23:69:ed:0e:09:a8:01:0e:62:d8:11:69:45:8b: 16:44:04:51:62:be:74:b1:59:4f:ba:1a:d3:1e:46: 2b:b2:98:0d:37:f3:31:c9:f0:60:61:5c:1e:32:4f: 03:12:d1:05:c4:38:92:4d:d5:da:7a:84:50:40:83: ec:97:7c:5c:77:68:25:50:8d:74:9b:e1:e6:ef:70: e8:4f:16:bd:47:71:2b:c0:6d:46:c9:78:20:9a:f5: 8d:bd:b8:59:0e:4a:4e:26:ba:a9:d6:19:20:7a:a4: d4:b8:de:5e:62:4f:4a:18:22:64:8c:0b:38:84:3b: f2:c9:6e:21:8c:83:bb:42:99:e7:c1:b8:47:be:e7: 66:6a:03:5b:55:6a:86:83:27:f4:8d:92:5f:62:55: 62:9b:2f:5b:33:67:14:35:af:64:a6:cb:95:2f:2b: f2:a1:c2:0b:28:9c:33:6a:a4:54:2c:cc:f8:ac:de: 7d:62:53:68:bb:22:9c:9f:89:0d:0d:75:65:98:f4: b0:4a:1b:07:2a:04:3b:76:a2:50:2a:c8:3e:98:00: 8e:b3:86:84:27:af:7c:14:85:34:54:e2:4e:e1:b4: 67:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:D9:D4:7D:AE:23:22:88:DE:D9:76:88:B5:C5:7E:76:9D:01:B5:9E X509v3 Authority Key Identifier: keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:7f:80:dd:ff:89:b2:01:8f:db:f4:51:de:82:63:af:7f:72: 7b:96:7f:76:d9:03:4b:c6:f6:3e:ad:78:bb:4c:ed:6f:25:b1: f7:36:93:3c:87:30:5d:fc:94:5a:11:4d:e0:13:95:62:c0:47: 28:88:29:27:5e:07:c7:81:9f:f2:d9:39:b7:f0:65:db:9b:cf: 77:85:02:e3:7c:29:81:8b:c5:25:38:ac:0d:a0:88:1f:20:fc: 68:3c:00:bc:69:40:81:18:3a:b8:19:0e:17:64:1a:1c:a1:10: c5:40:10:51:ae:c0:ea:05:7f:95:bf:f9:72:5d:8c:17:d2:0f: e3:5e:39:cf:12:c7:70:5b:a8:2f:c1:a0:74:6c:4d:df:9c:37: 90:53:3f:b2:f1:80:2b:67:dc:4e:0c:e0:44:5f:f8:04:26:4c: 4d:18:90:5a:57:72:68:8b:72:ea:79:be:22:c7:9a:6d:85:70: be:9c:4e:7e:0a:7c:05:b9:8b:52:cf:71:f1:e6:04:c3:fe:11: 47:13:9c:e7:48:c7:bc:c4:8d:e2:66:80:7c:d2:c9:c0:13:c7: 4f:b4:95:d2:14:70:ce:02:65:8f:c2:50:cf:44:24:74:b6:d5: 2b:e9:ea:c1:8d:7d:44:d2:94:a4:cf:91:ab:6b:4b:d3:79:ba: 54:31:34:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmm9WFO/l0Mgd9DHj0f75QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl MzQyMjcwHhcNMjUxMjE2MTAwMTQ1WhcNMjUxMjE3MTAwMTQ1WjAzMTEwLwYDVQQD Eyg2N2Q5ZDQ3ZGFlMjMyMjg4ZGVkOTc2ODhiNWM1N2U3NjlkMDFiNTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunu/UbrX0qk9qAPqqig7a736UAj6 A7JPqlF0ikUjI2ntDgmoAQ5i2BFpRYsWRARRYr50sVlPuhrTHkYrspgNN/MxyfBg YVweMk8DEtEFxDiSTdXaeoRQQIPsl3xcd2glUI10m+Hm73DoTxa9R3ErwG1GyXgg mvWNvbhZDkpOJrqp1hkgeqTUuN5eYk9KGCJkjAs4hDvyyW4hjIO7QpnnwbhHvudm agNbVWqGgyf0jZJfYlVimy9bM2cUNa9kpsuVLyvyocILKJwzaqRULMz4rN59YlNo uyKcn4kNDXVlmPSwShsHKgQ7dqJQKsg+mACOs4aEJ698FIU0VOJO4bRnPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGfZ1H2uIyKI3tl2iLXFfnadAbWeMB8GA1UdIwQY MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt MGY1MmY4NjcxNzhkLzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALH+A3f+J sgGP2/RR3oJjr39ye5Z/dtkDS8b2Pq14u0ztbyWx9zaTPIcwXfyUWhFN4BOVYsBH KIgpJ14Hx4Gf8tk5t/Bl25vPd4UC43wpgYvFJTisDaCIHyD8aDwAvGlAgRg6uBkO F2QaHKEQxUAQUa7A6gV/lb/5cl2MF9IP4145zxLHcFuoL8GgdGxN35w3kFM/svGA K2fcTgzgRF/4BCZMTRiQWldyaIty6nm+IseabYVwvpxOfgp8BbmLUs9x8eYEw/4R RxOc50jHvMSN4maAfNLJwBPHT7SV0hRwzgJlj8JQz0QkdLbVK+nqwY19RNKUpM+R q2tL03m6VDE0Hg== -----END CERTIFICATE-----Generated at Tue Dec 16 14:25:52 2025 by rpki-client