This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft File: 2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft (raw, json) Hash identifier: 4VfAUuPLrll71tXKmrYTz26FuCFWlZ7M4QQsTBSkvvI= Subject key identifier: C6:73:FB:6F:33:E7:F2:60:1E:40:14:A3:25:43:5C:30:25:C6:94:C1 Authority key identifier: D8:76:63:C5:E1:4F:13:74:6C:80:F6:0B:A3:63:49:3D:9A:49:34:CC Certificate issuer: /CN=d87663c5e14f13746c80f60ba363493d9a4934cc Certificate serial: 019AF0F5DD406806C14B337142CF4943B486 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft Manifest number: 07FB Signing time: Sat 06 Dec 2025 00:00:36 +0000 Manifest this update: Sat 06 Dec 2025 00:00:36 +0000 Manifest next update: Sun 07 Dec 2025 00:00:36 +0000 Files and hashes: 1: 2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl (hash: XUsa/aBhdZ31/+y5Z5fZIa+j4cM442Ijw9YLuNnnFak=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:dd:40:68:06:c1:4b:33:71:42:cf:49:43:b4:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d87663c5e14f13746c80f60ba363493d9a4934cc Validity Not Before: Dec 6 00:00:36 2025 GMT Not After : Dec 7 00:00:36 2025 GMT Subject: CN=c673fb6f33e7f2601e4014a325435c3025c694c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:53:21:2a:89:d8:d4:c5:f6:4f:13:1d:20:7e: f0:75:5c:3d:3e:3c:87:94:45:4b:bb:34:43:27:16: 99:cb:78:87:0e:26:96:cc:e2:15:d7:4c:77:f8:ff: 11:f7:91:24:47:79:a4:be:9b:22:d5:35:bf:f4:f0: 95:4e:f5:03:e4:82:a3:a7:cd:54:98:c1:40:e3:9b: 47:3e:e2:28:44:0e:1b:49:0d:19:1d:85:5c:51:92: ee:0b:72:cc:b1:cc:25:7b:b7:01:43:b6:6a:d0:73: a5:e1:9c:b7:29:5b:64:55:f7:6b:5b:e1:ce:0c:5f: 99:06:d9:50:1f:fd:9b:0d:19:39:38:1a:eb:cd:3c: 89:45:35:fe:b7:c1:c3:0d:1a:be:69:4e:f7:3b:13: f3:90:1a:16:fe:f0:1d:c6:09:69:24:b3:43:1e:fe: 24:83:c9:99:73:f6:09:45:37:51:7c:14:8f:80:73: 5d:e2:b8:4c:03:97:24:3f:33:27:8f:4e:23:7c:03: ad:71:87:a6:b8:1c:32:0c:c9:a2:2d:67:04:ad:89: 8f:bf:6f:1e:13:11:67:3d:e0:be:d7:9b:5a:74:2d: 3e:e5:d8:8d:b1:04:42:77:fd:1a:16:5c:2e:07:2c: 33:fd:11:39:db:ad:c4:69:8c:04:36:77:90:08:b7: 58:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:73:FB:6F:33:E7:F2:60:1E:40:14:A3:25:43:5C:30:25:C6:94:C1 X509v3 Authority Key Identifier: keyid:D8:76:63:C5:E1:4F:13:74:6C:80:F6:0B:A3:63:49:3D:9A:49:34:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:7c:cf:82:b4:f2:95:c2:3e:bd:f2:3e:f8:ce:4e:5c:66:54: de:df:17:3e:49:a8:a5:0e:89:1e:64:c0:b8:e6:68:4e:2d:e5: c6:46:45:5a:85:5d:a4:73:7e:86:ac:e3:af:c2:d0:e4:9b:a0: 24:3a:94:5d:24:8d:c3:d2:e5:c4:eb:04:a5:5b:8d:b8:71:36: 8b:c4:11:a0:11:79:50:18:5d:f9:9f:b3:43:d6:07:3d:17:4a: c8:e2:ab:5b:04:6d:f3:d7:8d:6d:34:1c:6c:a1:ec:44:5f:57: 9d:4a:18:65:c2:91:3c:eb:d1:a4:5b:70:ef:5e:a4:21:4d:6b: 38:fe:24:e6:6d:f0:c7:c5:ce:38:e2:8c:5c:45:76:5b:e4:78: 71:96:5a:6f:f5:e1:a6:04:0e:48:a2:5f:3e:2a:f6:1b:02:58: 17:be:95:e9:09:ae:fa:25:13:aa:17:a0:ac:51:d9:40:95:eb: 77:8a:5b:f6:03:50:81:29:98:8f:a8:88:d6:05:5a:d7:44:06: 6c:ca:e6:c4:36:25:f7:c6:39:8b:96:da:f9:13:77:12:7b:98: 15:c0:18:7d:83:02:a5:52:21:7b:64:a3:a5:4b:dc:a6:5f:8f: db:e7:18:1d:90:28:67:91:68:3b:a4:a6:9e:a8:e4:ba:42:d4: 71:01:4b:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9d1AaAbBSzNxQs9JQ7SGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NzY2M2M1ZTE0ZjEzNzQ2YzgwZjYwYmEzNjM0OTNkOWE0 OTM0Y2MwHhcNMjUxMjA2MDAwMDM2WhcNMjUxMjA3MDAwMDM2WjAzMTEwLwYDVQQD EyhjNjczZmI2ZjMzZTdmMjYwMWU0MDE0YTMyNTQzNWMzMDI1YzY5NGMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81MhKonY1MX2TxMdIH7wdVw9PjyH lEVLuzRDJxaZy3iHDiaWzOIV10x3+P8R95EkR3mkvpsi1TW/9PCVTvUD5IKjp81U mMFA45tHPuIoRA4bSQ0ZHYVcUZLuC3LMscwle7cBQ7Zq0HOl4Zy3KVtkVfdrW+HO DF+ZBtlQH/2bDRk5OBrrzTyJRTX+t8HDDRq+aU73OxPzkBoW/vAdxglpJLNDHv4k g8mZc/YJRTdRfBSPgHNd4rhMA5ckPzMnj04jfAOtcYemuBwyDMmiLWcErYmPv28e ExFnPeC+15tadC0+5diNsQRCd/0aFlwuBywz/RE5263EaYwENneQCLdYrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMZz+28z5/JgHkAUoyVDXDAlxpTBMB8GA1UdIwQY MBaAFNh2Y8XhTxN0bID2C6NjST2aSTTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xMGVmMTctZTEwNy00OWRhLTgxOTAt ZDk5ZGE5NzBmZmEyLzEvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC8xMGVmMTctZTEwNy00OWRhLTgxOTAtZDk5ZGE5NzBmZmEy LzEvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnzPgrTy lcI+vfI++M5OXGZU3t8XPkmopQ6JHmTAuOZoTi3lxkZFWoVdpHN+hqzjr8LQ5Jug JDqUXSSNw9LlxOsEpVuNuHE2i8QRoBF5UBhd+Z+zQ9YHPRdKyOKrWwRt89eNbTQc bKHsRF9XnUoYZcKRPOvRpFtw716kIU1rOP4k5m3wx8XOOOKMXEV2W+R4cZZab/Xh pgQOSKJfPir2GwJYF76V6Qmu+iUTqhegrFHZQJXrd4pb9gNQgSmYj6iI1gVa10QG bMrmxDYl98Y5i5ba+RN3EnuYFcAYfYMCpVIhe2SjpUvcpl+P2+cYHZAoZ5FoO6Sm nqjkukLUcQFLJw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:53 2025 by rpki-client