This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft File: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json) Hash identifier: TNYO8lP/pOQ04z7GG69QhcC7e4ZvdRqx0O1bqar7JhA= Subject key identifier: C8:2A:2B:8B:55:92:41:97:E6:9C:4A:F8:4A:3C:FB:58:EC:59:53:51 Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C Certificate issuer: /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c Certificate serial: 019AF3F7E9BFEBE3E315A4DB872C67CE9120 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft Manifest number: 05A4 Signing time: Sat 06 Dec 2025 14:01:41 +0000 Manifest this update: Sat 06 Dec 2025 14:01:41 +0000 Manifest next update: Sun 07 Dec 2025 14:01:41 +0000 Files and hashes: 1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: lJiLLG43UQM2S1SC0U2NjtTYve8mEtw4/gyJ/XSugnM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:e9:bf:eb:e3:e3:15:a4:db:87:2c:67:ce:91:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c Validity Not Before: Dec 6 14:01:41 2025 GMT Not After : Dec 7 14:01:41 2025 GMT Subject: CN=c82a2b8b55924197e69c4af84a3cfb58ec595351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:c7:90:b8:15:c4:94:83:5c:88:3e:10:a6:8c: 69:ea:81:02:e3:73:5f:fd:55:1d:dd:64:11:23:04: 04:09:ad:b9:32:ef:c9:b4:bd:34:93:61:eb:76:e3: fd:5e:d2:16:64:7a:55:12:6d:05:a5:76:1d:d3:4b: c4:57:18:a6:f6:2c:bb:c4:81:ce:a8:dc:44:54:88: ac:71:b7:32:8c:1c:b1:2e:51:d2:d2:31:6b:d3:d2: 1e:9d:56:c9:29:4c:ba:63:54:dc:d9:88:7a:18:60: b5:4b:e3:e4:ac:58:f3:a2:ce:7d:11:43:50:8c:f1: 07:af:e5:57:80:14:23:27:c0:6a:dd:30:7f:3a:98: 51:40:4c:d4:ba:62:c9:fa:aa:88:d6:bc:16:2a:81: ae:3c:20:95:10:c9:5e:e4:e7:4d:f6:22:e6:6f:d7: db:19:bd:c6:71:b6:ea:53:a1:de:91:15:fc:e3:54: 0a:97:99:24:aa:85:5d:cc:b6:34:4a:2f:cb:08:d6: 30:85:c3:ec:d8:c9:e4:0f:c7:62:79:c0:1b:ca:42: 88:eb:a5:26:15:a5:83:43:8f:26:de:5b:5c:47:1a: 62:c3:5d:7f:6b:ca:0c:9e:e7:e2:a8:99:86:50:18: 7d:5c:fd:87:df:05:58:a7:61:09:07:2b:1d:89:9a: 6b:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:2A:2B:8B:55:92:41:97:E6:9C:4A:F8:4A:3C:FB:58:EC:59:53:51 X509v3 Authority Key Identifier: keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:e4:f4:49:de:3d:31:0b:01:ca:f2:1f:52:cb:8f:80:1e:13: ae:eb:da:a7:50:e9:58:39:1b:1c:02:b3:e2:c8:5c:0f:5b:61: 4c:94:a6:05:1b:05:c3:80:ee:1a:bd:12:18:a8:b3:8d:cc:e4: af:46:f9:2a:0d:04:fa:49:14:fa:41:aa:a7:5d:d3:e0:5c:96: c1:fb:6f:48:c2:7a:e3:30:e2:09:97:00:96:87:da:07:8a:06: 2c:b1:90:f6:15:23:9e:28:3f:0a:e8:94:f5:7c:03:36:90:4e: e4:7a:bf:cd:e1:95:b1:2a:0e:0d:66:22:ed:b0:9c:b1:84:a0: 63:1d:85:d4:fd:23:1f:7b:bf:18:77:8a:9b:05:a7:af:0c:50: 9c:dc:eb:60:fb:92:5b:f0:7b:65:e4:4c:bb:58:07:48:47:f0: c8:a1:8c:c4:12:b4:5d:21:24:3a:6b:95:fa:ef:d0:9b:9f:d4: f7:c0:81:e8:fe:5a:b8:c9:98:ea:24:3d:f6:f7:75:23:ca:da: d4:02:4c:ba:4b:71:a1:55:97:c2:50:09:48:a7:ea:8f:c2:ec: fe:52:3a:27:fa:7c:2f:e7:0c:5d:70:c1:ef:e8:2c:8b:0d:ac: 5e:ee:08:30:4b:3b:0b:37:df:e3:60:b6:af:02:17:31:e6:b8: e8:7f:4d:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9+m/6+PjFaTbhyxnzpEgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh OWE2MmMwHhcNMjUxMjA2MTQwMTQxWhcNMjUxMjA3MTQwMTQxWjAzMTEwLwYDVQQD EyhjODJhMmI4YjU1OTI0MTk3ZTY5YzRhZjg0YTNjZmI1OGVjNTk1MzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkceQuBXElINciD4Qpoxp6oEC43Nf /VUd3WQRIwQECa25Mu/JtL00k2HrduP9XtIWZHpVEm0FpXYd00vEVxim9iy7xIHO qNxEVIiscbcyjByxLlHS0jFr09IenVbJKUy6Y1Tc2Yh6GGC1S+PkrFjzos59EUNQ jPEHr+VXgBQjJ8Bq3TB/OphRQEzUumLJ+qqI1rwWKoGuPCCVEMle5OdN9iLmb9fb Gb3GcbbqU6HekRX841QKl5kkqoVdzLY0Si/LCNYwhcPs2MnkD8diecAbykKI66Um FaWDQ48m3ltcRxpiw11/a8oMnufiqJmGUBh9XP2H3wVYp2EJBysdiZpr9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMgqK4tVkkGX5pxK+Eo8+1jsWVNRMB8GA1UdIwQY MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOT0Sd49 MQsByvIfUsuPgB4Truvap1DpWDkbHAKz4shcD1thTJSmBRsFw4DuGr0SGKizjczk r0b5Kg0E+kkU+kGqp13T4FyWwftvSMJ64zDiCZcAlofaB4oGLLGQ9hUjnig/CuiU 9XwDNpBO5Hq/zeGVsSoODWYi7bCcsYSgYx2F1P0jH3u/GHeKmwWnrwxQnNzrYPuS W/B7ZeRMu1gHSEfwyKGMxBK0XSEkOmuV+u/Qm5/U98CB6P5auMmY6iQ99vd1I8ra 1AJMuktxoVWXwlAJSKfqj8Ls/lI6J/p8L+cMXXDB7+gsiw2sXu4IMEs7Czff42C2 rwIXMea46H9NQQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:40:35 2025 by rpki-client