This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft File: 2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json) Hash identifier: uoJJMLnxb+1sEIRRnZ83wVb4EzNh/L/pvpTQ70N9LE0= Subject key identifier: 70:91:0E:9F:70:4A:E9:71:B6:FA:83:E9:4A:92:B1:D2:D9:13:5A:09 Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB Certificate issuer: /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb Certificate serial: 019AF12E448F6C93056C158202C507A684B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:02:12 +0000 Manifest this update: Sat 06 Dec 2025 01:02:12 +0000 Manifest next update: Sun 07 Dec 2025 01:02:12 +0000 Files and hashes: 1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: kDYdWdixQRMPGjhxJRyB8ddmUu2poDvDVKTDvqNxMwE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:44:8f:6c:93:05:6c:15:82:02:c5:07:a6:84:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb Validity Not Before: Dec 6 01:02:12 2025 GMT Not After : Dec 7 01:02:12 2025 GMT Subject: CN=70910e9f704ae971b6fa83e94a92b1d2d9135a09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:2d:da:b5:61:f8:8f:cf:af:53:c8:a9:34:03: cc:11:c3:e3:b1:7b:0d:87:e9:b0:9e:0a:7e:d4:a4: 4f:3e:07:b9:7e:e6:50:f9:70:bf:af:c0:18:ec:84: ff:ca:92:2a:df:7b:db:28:95:0a:6c:c3:12:af:ab: 9f:29:3c:95:a3:d3:c5:42:8c:05:02:ff:92:70:b8: 8d:57:e2:35:36:88:19:2b:44:67:9b:9b:16:7d:50: 6c:3a:b6:38:4d:73:6c:a3:95:43:58:17:91:cd:42: b5:b8:11:9d:36:b0:99:ca:53:2e:b4:63:8c:3f:f7: a4:5b:cd:74:c8:00:72:f5:f7:d9:8e:70:cf:5a:52: 11:d3:63:f6:15:ee:b7:b7:a0:61:1b:38:ad:dd:f7: 3e:82:ab:ff:fb:95:67:47:4a:06:4e:8c:d2:a4:30: ca:fb:89:1f:ea:34:18:44:df:18:f9:65:f7:be:f6: ce:2f:f9:2a:61:5c:39:7f:24:28:7d:ae:0f:52:83: 6b:e5:b7:a3:64:1d:14:e2:6c:a5:47:6c:98:9e:7b: bf:ce:53:0a:36:e9:05:a4:73:db:e0:f1:c2:f8:62: 46:ee:ba:d6:94:3d:21:29:74:64:6b:cf:23:c4:29: c1:3e:2a:e9:0e:16:22:7f:61:47:6f:ba:19:6c:38: 21:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:91:0E:9F:70:4A:E9:71:B6:FA:83:E9:4A:92:B1:D2:D9:13:5A:09 X509v3 Authority Key Identifier: keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:06:69:de:bd:53:37:80:6c:bf:7f:07:99:d7:f5:4a:d6:61: 1f:58:99:55:b9:15:ba:cb:0f:1f:8c:9a:b6:83:63:e8:25:34: 4f:cd:01:dd:ff:cd:ab:e3:ec:89:9a:ae:df:89:90:98:a0:c2: 2c:d5:40:a1:1b:85:01:8a:c3:09:10:54:10:29:d9:2a:a5:25: 9e:9c:d2:12:8a:83:a4:98:d7:09:46:50:dc:2a:bc:3e:46:0a: 49:06:d1:0d:17:7d:3a:30:e3:6a:27:66:ef:7c:d3:7e:5d:8b: 08:6a:74:f2:3c:f3:1b:21:e6:43:4d:51:9b:bd:c2:a1:34:0e: d5:8c:8e:e8:5d:6e:58:18:d6:da:1d:53:07:76:ca:f8:81:58: 32:41:a4:1c:a2:d9:e2:cc:d6:57:03:5e:52:c4:cc:81:a8:b0: 65:1c:3b:9c:56:32:e7:07:10:7e:35:b7:2c:1c:b6:e2:83:40: 89:d5:77:b5:a1:2c:f8:5d:90:4f:11:be:e9:a6:5e:4a:3c:01: 7b:2e:34:00:aa:4d:b1:8a:2b:07:5a:82:8e:46:57:8d:40:79: ab:c3:d8:cd:95:99:32:f3:80:4a:c5:59:95:f4:56:1c:fa:2c: 1c:b9:23:c4:c3:48:b0:c7:0b:c9:f5:5a:b6:62:3c:90:f8:4c: 22:6c:ef:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLkSPbJMFbBWCAsUHpoS1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi Y2I2YmIwHhcNMjUxMjA2MDEwMjEyWhcNMjUxMjA3MDEwMjEyWjAzMTEwLwYDVQQD Eyg3MDkxMGU5ZjcwNGFlOTcxYjZmYTgzZTk0YTkyYjFkMmQ5MTM1YTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny3atWH4j8+vU8ipNAPMEcPjsXsN h+mwngp+1KRPPge5fuZQ+XC/r8AY7IT/ypIq33vbKJUKbMMSr6ufKTyVo9PFQowF Av+ScLiNV+I1NogZK0Rnm5sWfVBsOrY4TXNso5VDWBeRzUK1uBGdNrCZylMutGOM P/ekW810yABy9ffZjnDPWlIR02P2Fe63t6BhGzit3fc+gqv/+5VnR0oGTozSpDDK +4kf6jQYRN8Y+WX3vvbOL/kqYVw5fyQofa4PUoNr5bejZB0U4mylR2yYnnu/zlMK NukFpHPb4PHC+GJG7rrWlD0hKXRka88jxCnBPirpDhYif2FHb7oZbDghzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHCRDp9wSulxtvqD6UqSsdLZE1oJMB8GA1UdIwQY MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjQZp3r1T N4Bsv38Hmdf1StZhH1iZVbkVussPH4yatoNj6CU0T80B3f/Nq+PsiZqu34mQmKDC LNVAoRuFAYrDCRBUECnZKqUlnpzSEoqDpJjXCUZQ3Cq8PkYKSQbRDRd9OjDjaidm 73zTfl2LCGp08jzzGyHmQ01Rm73CoTQO1YyO6F1uWBjW2h1TB3bK+IFYMkGkHKLZ 4szWVwNeUsTMgaiwZRw7nFYy5wcQfjW3LBy24oNAidV3taEs+F2QTxG+6aZeSjwB ey40AKpNsYorB1qCjkZXjUB5q8PYzZWZMvOASsVZlfRWHPosHLkjxMNIsMcLyfVa tmI8kPhMImzvQw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:05:21 2025 by rpki-client