This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft File: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json) Hash identifier: Yi2mbnfInRmQiFVESJVnnwVzOtF92yCkdYQ1aSRMUgk= Subject key identifier: B5:56:E9:34:98:A2:EC:DE:16:99:EC:66:30:48:E4:7E:E4:BC:B4:35 Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 Certificate issuer: /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Certificate serial: 019AF50A05013B5DD756710634E7A6142ACF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft Manifest number: 0E44 Signing time: Sat 06 Dec 2025 19:01:05 +0000 Manifest this update: Sat 06 Dec 2025 19:01:05 +0000 Manifest next update: Sun 07 Dec 2025 19:01:05 +0000 Files and hashes: 1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: ncIk9NgWpQW7AKUckc/a2I1UtrtS0ArLYNBcaEQGuD4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:05:01:3b:5d:d7:56:71:06:34:e7:a6:14:2a:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7 Validity Not Before: Dec 6 19:01:05 2025 GMT Not After : Dec 7 19:01:05 2025 GMT Subject: CN=b556e93498a2ecde1699ec663048e47ee4bcb435 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:59:d5:40:c1:67:e3:3e:47:64:73:67:77:a2: 87:32:e6:3e:03:15:c2:42:71:54:00:d3:9a:88:f4: 02:7e:03:00:73:b4:2f:8f:82:4e:fd:cb:14:4f:d6: d8:ee:f7:69:7e:8c:fa:a2:04:e9:e7:4c:a3:e4:f6: 19:38:68:e9:e0:d9:2f:d1:17:09:b7:c1:1a:20:d4: c9:96:c8:39:7d:40:07:49:8f:a2:c4:0c:43:85:58: c0:d5:29:1a:69:4d:f4:ff:72:07:af:24:71:d0:1d: d7:d4:8b:06:48:75:43:02:24:1e:e0:89:dc:74:15: 6b:26:07:26:6d:1c:34:79:b5:9c:e8:bf:72:22:cc: 04:64:ea:28:aa:27:16:cf:fb:c6:b4:c9:1a:82:6a: 7a:e5:59:ea:7e:5f:16:9f:f8:e5:df:30:18:f9:ed: 02:ea:ae:e9:22:fa:ac:f4:dc:54:b7:d8:3c:60:f8: 24:5e:ae:79:d8:cf:d8:d1:95:49:a8:3c:85:07:89: 11:1c:a0:d5:c7:a9:4c:26:80:9f:90:1c:0c:f1:e1: 3f:e8:11:de:14:07:dc:0b:0a:60:1e:e8:ea:b9:a1: b1:3c:17:ba:c2:a9:de:4c:1e:10:42:84:8a:5b:3e: c4:e6:a6:20:44:fc:68:19:a5:2a:b9:58:e3:d6:06: 82:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:56:E9:34:98:A2:EC:DE:16:99:EC:66:30:48:E4:7E:E4:BC:B4:35 X509v3 Authority Key Identifier: keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:5f:7f:35:24:7e:72:30:7d:cf:39:fd:9a:5b:b5:2d:71:30: da:45:02:ef:08:ad:ff:b6:02:23:5b:bc:6f:42:8d:73:5d:fe: 63:be:4b:e9:64:76:6c:1d:d7:5a:7f:ba:b6:60:28:aa:5d:19: e4:c3:f2:1c:2a:04:15:05:84:8d:d1:22:f8:90:99:30:f8:7c: e4:35:8c:2b:d9:ef:f1:1d:18:e0:bd:c0:e9:87:74:df:21:9f: 93:72:2d:7f:4b:2e:89:5c:fd:f7:be:5c:ad:17:7f:9b:3f:06: 7e:26:b6:8f:08:45:ec:09:15:81:fd:38:3d:fc:64:48:af:47: c9:63:b8:92:98:9a:ad:21:ef:f8:30:e9:c0:5c:5c:40:eb:2b: 0e:4d:55:32:6c:4b:cc:19:c8:fe:cd:cf:c5:e5:83:f9:b4:99: 09:4c:f7:42:db:85:03:ca:6a:9f:f8:23:81:20:6a:5e:50:7e: 2f:1f:21:e3:e9:26:c5:b2:d9:44:c2:2e:0e:a8:2c:c3:9a:7e: 09:a6:17:2a:33:b3:4b:7c:54:93:77:5f:be:f9:95:4a:ec:ba: e7:ac:94:6f:f2:4d:ca:f6:23:56:a7:bd:02:16:a8:5a:2e:0b: aa:0e:9e:48:df:e6:62:48:97:2d:fe:2f:31:6d:fe:a0:b1:5e: 42:86:d2:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CgUBO13XVnEGNOemFCrPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2 ZWNkZDcwHhcNMjUxMjA2MTkwMTA1WhcNMjUxMjA3MTkwMTA1WjAzMTEwLwYDVQQD EyhiNTU2ZTkzNDk4YTJlY2RlMTY5OWVjNjYzMDQ4ZTQ3ZWU0YmNiNDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFnVQMFn4z5HZHNnd6KHMuY+AxXC QnFUANOaiPQCfgMAc7Qvj4JO/csUT9bY7vdpfoz6ogTp50yj5PYZOGjp4Nkv0RcJ t8EaINTJlsg5fUAHSY+ixAxDhVjA1SkaaU30/3IHryRx0B3X1IsGSHVDAiQe4Inc dBVrJgcmbRw0ebWc6L9yIswEZOooqicWz/vGtMkagmp65Vnqfl8Wn/jl3zAY+e0C 6q7pIvqs9NxUt9g8YPgkXq552M/Y0ZVJqDyFB4kRHKDVx6lMJoCfkBwM8eE/6BHe FAfcCwpgHujquaGxPBe6wqneTB4QQoSKWz7E5qYgRPxoGaUquVjj1gaCjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLVW6TSYouzeFpnsZjBI5H7kvLQ1MB8GA1UdIwQY MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0 LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU19/NSR+ cjB9zzn9mlu1LXEw2kUC7wit/7YCI1u8b0KNc13+Y75L6WR2bB3XWn+6tmAoql0Z 5MPyHCoEFQWEjdEi+JCZMPh85DWMK9nv8R0Y4L3A6Yd03yGfk3Itf0suiVz9975c rRd/mz8Gfia2jwhF7AkVgf04PfxkSK9HyWO4kpiarSHv+DDpwFxcQOsrDk1VMmxL zBnI/s3PxeWD+bSZCUz3QtuFA8pqn/gjgSBqXlB+Lx8h4+kmxbLZRMIuDqgsw5p+ CaYXKjOzS3xUk3dfvvmVSuy656yUb/JNyvYjVqe9AhaoWi4Lqg6eSN/mYkiXLf4v MW3+oLFeQobSaA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:53:23 2025 by rpki-client