This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft File: 2yNWAARVt7WJTO0UaYWgqIifnkw.mft (raw, json) Hash identifier: yLDMuDtBwap23PS1AztMgfvhOvKviirF72euLXchOg4= Subject key identifier: 1A:81:E3:F1:85:68:29:D3:4F:E8:76:BF:0E:EF:D8:F3:AC:EF:37:69 Authority key identifier: DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C Certificate issuer: /CN=db2356000455b7b5894ced146985a0a8889f9e4c Certificate serial: 019AF1D23384AB525CCF48386F55F344C18F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft Manifest number: 157C Signing time: Sat 06 Dec 2025 04:01:16 +0000 Manifest this update: Sat 06 Dec 2025 04:01:16 +0000 Manifest next update: Sun 07 Dec 2025 04:01:16 +0000 Files and hashes: 1: 2yNWAARVt7WJTO0UaYWgqIifnkw.crl (hash: idv0eEoQL1iqU5VlI1CzXlC/a5DnE4IzrNok91mf078=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:33:84:ab:52:5c:cf:48:38:6f:55:f3:44:c1:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db2356000455b7b5894ced146985a0a8889f9e4c Validity Not Before: Dec 6 04:01:16 2025 GMT Not After : Dec 7 04:01:16 2025 GMT Subject: CN=1a81e3f1856829d34fe876bf0eefd8f3acef3769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:46:0e:2c:5c:6c:b0:cc:4f:30:e6:97:1d:ae: 32:f3:6d:d8:3e:86:fd:76:d2:d1:00:a3:ee:47:08: 81:8f:ec:16:b4:96:96:b5:15:f7:f6:7e:c3:ad:f8: b7:88:ee:2c:d5:c5:c0:86:71:56:66:12:71:e1:ae: e1:a9:6e:24:53:8a:e7:74:3c:5f:08:c6:78:cb:99: af:49:b8:d1:12:32:46:a0:f2:46:84:25:c6:63:d5: 6d:52:5b:18:40:9b:49:6e:08:c1:9e:50:15:c4:29: e3:9b:fc:8d:84:67:4d:5a:bc:17:9c:64:3b:cc:c3: f5:70:30:76:4c:d1:27:80:67:05:95:19:b2:32:3a: 14:f2:14:cf:b3:ef:f3:fa:93:2d:ad:4d:e0:d1:83: 45:8f:65:b4:ae:9b:55:dc:0a:ee:f3:d3:16:9f:15: 2b:d1:07:7b:9e:fe:0d:30:f1:51:d2:06:14:8a:18: 86:58:54:a2:c6:bd:bd:87:ec:cf:57:d9:46:72:8f: 05:ca:fd:df:e2:85:13:81:4a:54:e7:ea:af:a1:5e: c5:35:96:8a:e5:bd:06:d5:a6:3c:12:76:be:e7:95: 17:c9:4c:3f:ac:fc:ee:a4:ec:f7:4f:d3:b4:93:47: 41:46:a7:ea:c1:33:ae:e7:07:42:fc:30:91:f5:1d: 9f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:81:E3:F1:85:68:29:D3:4F:E8:76:BF:0E:EF:D8:F3:AC:EF:37:69 X509v3 Authority Key Identifier: keyid:DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:32:00:bb:ef:fb:9b:cb:d2:b0:5c:f0:3d:72:61:be:74:62: 3c:de:5a:0e:32:37:66:3c:f6:c9:10:b0:3e:fe:a5:44:a0:a1: 55:87:f3:28:b1:83:26:90:d1:9e:6e:b6:9a:37:dd:3d:0c:f9: de:85:1c:c8:d3:45:5d:06:25:14:eb:69:04:18:13:2a:05:d4: 16:ff:e6:a7:88:45:14:93:95:b6:3c:7e:e6:64:ed:48:ac:47: f2:bb:76:00:4b:9f:bf:6f:86:c8:f0:a8:a7:8e:8a:66:44:22: 56:78:4b:ff:56:74:ef:05:ef:0f:0a:1d:d8:3b:1f:a1:82:25: 88:a0:7f:f5:2e:34:08:aa:7a:fd:25:79:61:7d:64:06:2d:ea: 69:96:a5:7f:58:a4:9c:9f:3c:95:b6:8d:51:aa:08:d4:6a:e4: 64:10:d3:00:72:c8:f5:5b:6f:ed:5e:c0:de:66:38:91:a9:c8: 5b:c8:b2:44:8f:e3:2d:34:8a:fe:79:2e:4b:c9:cb:17:f8:0a: e5:fb:c5:74:0c:cd:dc:71:00:04:e1:b5:7c:dd:09:5e:99:f7: 18:07:8d:07:85:ee:3b:12:38:10:8a:a3:74:55:b6:13:e0:d8: 13:fd:25:d4:ca:c2:bd:7c:57:3d:ea:ef:10:ae:92:ec:79:51: 3f:06:a6:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jOEq1Jcz0g4b1XzRMGPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMjM1NjAwMDQ1NWI3YjU4OTRjZWQxNDY5ODVhMGE4ODg5 ZjllNGMwHhcNMjUxMjA2MDQwMTE2WhcNMjUxMjA3MDQwMTE2WjAzMTEwLwYDVQQD EygxYTgxZTNmMTg1NjgyOWQzNGZlODc2YmYwZWVmZDhmM2FjZWYzNzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUYOLFxssMxPMOaXHa4y823YPob9 dtLRAKPuRwiBj+wWtJaWtRX39n7Drfi3iO4s1cXAhnFWZhJx4a7hqW4kU4rndDxf CMZ4y5mvSbjREjJGoPJGhCXGY9VtUlsYQJtJbgjBnlAVxCnjm/yNhGdNWrwXnGQ7 zMP1cDB2TNEngGcFlRmyMjoU8hTPs+/z+pMtrU3g0YNFj2W0rptV3Aru89MWnxUr 0Qd7nv4NMPFR0gYUihiGWFSixr29h+zPV9lGco8Fyv3f4oUTgUpU5+qvoV7FNZaK 5b0G1aY8Ena+55UXyUw/rPzupOz3T9O0k0dBRqfqwTOu5wdC/DCR9R2fdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBqB4/GFaCnTT+h2vw7v2POs7zdpMB8GA1UdIwQY MBaAFNsjVgAEVbe1iUztFGmFoKiIn55MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEt NDg2MzkxMTQxMmZhLzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEtNDg2MzkxMTQxMmZh LzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVDIAu+/7 m8vSsFzwPXJhvnRiPN5aDjI3Zjz2yRCwPv6lRKChVYfzKLGDJpDRnm62mjfdPQz5 3oUcyNNFXQYlFOtpBBgTKgXUFv/mp4hFFJOVtjx+5mTtSKxH8rt2AEufv2+GyPCo p46KZkQiVnhL/1Z07wXvDwod2DsfoYIliKB/9S40CKp6/SV5YX1kBi3qaZalf1ik nJ88lbaNUaoI1GrkZBDTAHLI9Vtv7V7A3mY4kanIW8iyRI/jLTSK/nkuS8nLF/gK 5fvFdAzN3HEABOG1fN0JXpn3GAeNB4XuOxI4EIqjdFW2E+DYE/0l1MrCvXxXPerv EK6S7HlRPwamDw== -----END CERTIFICATE-----Generated at Sat Dec 6 14:51:09 2025 by rpki-client