This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft File: 3hgnB8REwxBksYmcWX6e_XNDj5I.mft (raw, json) Hash identifier: IG8hXsCgREx+Qa8bPC0SKzhVxHi3N1R31jKrzElCpe8= Subject key identifier: 46:4E:58:8C:B3:87:E0:31:A4:D5:49:25:E9:F0:2F:FD:19:DD:69:DC Authority key identifier: DE:18:27:07:C4:44:C3:10:64:B1:89:9C:59:7E:9E:FD:73:43:8F:92 Certificate issuer: /CN=de182707c444c31064b1899c597e9efd73438f92 Certificate serial: 019B5A887A05B67F3CECEC80E19245B79B38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft Manifest number: 06FF Signing time: Fri 26 Dec 2025 12:00:52 +0000 Manifest this update: Fri 26 Dec 2025 12:00:52 +0000 Manifest next update: Sat 27 Dec 2025 12:00:52 +0000 Files and hashes: 1: 3hgnB8REwxBksYmcWX6e_XNDj5I.crl (hash: /pq8m58Ws2o6O75xDJdvV9jAkOET0D9/nauw8Ax6Hh0=) 2: S2et9u3-k4c1RbSQYpZyfZKneKE.roa (hash: Ha/+fD6TOAGH3fDS11rGJPIxFiX3z4IR9RxVgbeKPDM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:7a:05:b6:7f:3c:ec:ec:80:e1:92:45:b7:9b:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de182707c444c31064b1899c597e9efd73438f92 Validity Not Before: Dec 26 12:00:52 2025 GMT Not After : Dec 27 12:00:52 2025 GMT Subject: CN=464e588cb387e031a4d54925e9f02ffd19dd69dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2d:64:a6:ec:c8:77:0c:da:5a:aa:f4:51:88: ee:f3:fb:f5:7d:4d:8d:68:0d:67:38:a6:2f:14:81: 0e:8a:f8:06:15:55:22:5f:b8:3e:7d:1b:ae:83:bd: 5f:27:73:56:f0:0b:8f:5e:83:6e:19:77:6d:a6:62: 8a:59:b3:9e:66:38:b3:41:d9:8a:ba:6b:1e:16:e4: 95:f3:1b:98:f0:7a:3d:26:4c:1a:6b:7a:a0:7f:9d: 7d:aa:1a:ac:f7:8e:e9:5e:0a:fb:87:31:25:6c:0e: d7:c5:cf:67:a0:e9:4c:91:cf:53:4d:b2:2c:5f:75: 62:f7:4c:9f:c8:b8:0e:39:2d:2e:5d:dd:f7:80:80: 1f:4e:c3:75:9a:a9:8d:3c:f7:79:fe:32:cf:ec:cd: d7:15:30:65:0f:35:22:0b:81:21:54:5c:7b:e4:6b: f6:7a:68:28:11:21:2c:ae:bd:a2:54:90:a6:e9:62: 7d:f2:19:30:d0:f2:c6:f0:e9:f8:53:2a:e9:f3:d7: 1b:22:e2:a0:e6:7b:df:8e:dd:cd:48:31:75:dc:2f: 7c:16:c1:0b:36:d7:c3:e8:3b:c0:79:14:03:a6:ad: 24:27:45:21:a1:6c:83:65:c4:c0:25:26:8d:99:e8: f3:e1:06:be:09:d3:89:32:26:44:f8:d2:a3:83:6a: 9b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:4E:58:8C:B3:87:E0:31:A4:D5:49:25:E9:F0:2F:FD:19:DD:69:DC X509v3 Authority Key Identifier: keyid:DE:18:27:07:C4:44:C3:10:64:B1:89:9C:59:7E:9E:FD:73:43:8F:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hgnB8REwxBksYmcWX6e_XNDj5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3bf301-d189-475d-95dc-eaae3de8ab58/1/3hgnB8REwxBksYmcWX6e_XNDj5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:84:a4:04:9d:8c:90:42:72:b6:97:30:e6:31:22:92:4d:cb: 08:1b:87:a7:82:76:22:96:da:75:cf:d3:00:45:20:85:73:ef: 32:d2:54:a4:56:33:f3:5b:d5:c2:7d:23:4b:95:e7:c7:1c:db: 24:4e:9e:29:16:aa:45:5d:10:6f:5c:98:b4:de:47:19:38:06: e0:9e:c2:b9:39:d5:8f:97:c7:bd:90:48:40:76:e7:0e:eb:64: 31:91:c4:6e:f0:c0:b9:d5:fd:6f:3d:92:ed:a5:95:49:cd:b8: 99:fc:9a:8d:15:8a:a9:92:e5:16:3f:7d:b2:6d:b2:5f:b1:80: b8:c6:7e:28:94:48:22:8e:a9:36:b3:96:db:07:41:2d:96:ef: 2b:d5:c6:37:bf:03:4b:e5:2b:94:cd:a7:90:cc:4c:20:ab:06: a3:bb:15:e3:7a:ab:f7:4d:b7:5f:c4:68:43:c3:e5:bc:cc:27: f8:10:63:dc:51:23:22:21:11:a0:89:de:e5:5d:a6:1b:76:8e: a8:a0:2e:73:1a:ee:29:20:38:19:87:5e:9f:9f:6c:c0:bc:36: 57:90:4f:bf:a1:b8:46:30:e5:46:3e:43:28:17:55:71:ae:1d: af:97:08:97:86:e7:0e:9e:65:cc:4b:53:89:0d:2a:01:c1:62: 42:4e:6e:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiHoFtn887OyA4ZJFt5s4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMTgyNzA3YzQ0NGMzMTA2NGIxODk5YzU5N2U5ZWZkNzM0 MzhmOTIwHhcNMjUxMjI2MTIwMDUyWhcNMjUxMjI3MTIwMDUyWjAzMTEwLwYDVQQD Eyg0NjRlNTg4Y2IzODdlMDMxYTRkNTQ5MjVlOWYwMmZmZDE5ZGQ2OWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi1kpuzIdwzaWqr0UYju8/v1fU2N aA1nOKYvFIEOivgGFVUiX7g+fRuug71fJ3NW8AuPXoNuGXdtpmKKWbOeZjizQdmK umseFuSV8xuY8Ho9Jkwaa3qgf519qhqs947pXgr7hzElbA7Xxc9noOlMkc9TTbIs X3Vi90yfyLgOOS0uXd33gIAfTsN1mqmNPPd5/jLP7M3XFTBlDzUiC4EhVFx75Gv2 emgoESEsrr2iVJCm6WJ98hkw0PLG8On4Uyrp89cbIuKg5nvfjt3NSDF13C98FsEL NtfD6DvAeRQDpq0kJ0UhoWyDZcTAJSaNmejz4Qa+CdOJMiZE+NKjg2qbzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEZOWIyzh+AxpNVJJenwL/0Z3WncMB8GA1UdIwQY MBaAFN4YJwfERMMQZLGJnFl+nv1zQ4+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zYmYzMDEtZDE4OS00NzVkLTk1ZGMt ZWFhZTNkZThhYjU4LzEvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8zYmYzMDEtZDE4OS00NzVkLTk1ZGMtZWFhZTNkZThhYjU4 LzEvM2hnbkI4UkV3eEJrc1ltY1dYNmVfWE5EajVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJoSkBJ2M kEJytpcw5jEikk3LCBuHp4J2Ipbadc/TAEUghXPvMtJUpFYz81vVwn0jS5Xnxxzb JE6eKRaqRV0Qb1yYtN5HGTgG4J7CuTnVj5fHvZBIQHbnDutkMZHEbvDAudX9bz2S 7aWVSc24mfyajRWKqZLlFj99sm2yX7GAuMZ+KJRIIo6pNrOW2wdBLZbvK9XGN78D S+UrlM2nkMxMIKsGo7sV43qr9023X8RoQ8PlvMwn+BBj3FEjIiERoIne5V2mG3aO qKAucxruKSA4GYden59swLw2V5BPv6G4RjDlRj5DKBdVca4dr5cIl4bnDp5lzEtT iQ0qAcFiQk5uDw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:02 2025 by rpki-client