This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft File: 2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json) Hash identifier: EKbbH5uGiJEBecSGMhYuTRx6e1n9hdErvi9Q9epaEEw= Subject key identifier: E4:78:37:1B:5D:6E:A6:3E:EA:69:A7:21:93:64:D6:09:47:23:A9:5F Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D Certificate issuer: /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Certificate serial: 019B3D59A34EB8CE2CFD7721702AEDDD07AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft Manifest number: 0B95 Signing time: Sat 20 Dec 2025 20:00:43 +0000 Manifest this update: Sat 20 Dec 2025 20:00:43 +0000 Manifest next update: Sun 21 Dec 2025 20:00:43 +0000 Files and hashes: 1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: VQV4axhnqjCfjhgCzNW4eUzX2P6e7aSUvtqlt2SUOFM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:a3:4e:b8:ce:2c:fd:77:21:70:2a:ed:dd:07:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d Validity Not Before: Dec 20 20:00:43 2025 GMT Not After : Dec 21 20:00:43 2025 GMT Subject: CN=e478371b5d6ea63eea69a7219364d6094723a95f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6b:a6:96:d3:ce:2a:ed:31:6a:0b:0f:b5:18: c6:52:17:ef:ad:0f:02:e2:5e:ae:49:15:ed:14:92: 51:5c:1f:3d:43:4a:77:4c:b3:58:58:59:eb:d1:37: 0a:0c:50:1c:60:6a:39:8f:7f:4e:87:eb:e7:86:4d: a5:2e:ce:2d:4f:a2:ae:5f:4a:54:57:76:df:f9:72: 77:9c:3d:65:2d:d8:70:fb:1b:8d:8c:91:c1:82:67: 1a:94:be:fc:a0:c8:46:53:39:c4:ff:90:83:8f:ef: 5c:a8:58:ad:a3:03:26:00:d7:77:0f:b1:c2:6f:15: 1d:14:a0:13:3a:99:4b:19:a0:de:62:bd:5f:40:e4: 17:85:ce:20:03:d0:81:1f:58:56:27:59:4b:e4:69: 06:74:52:83:66:49:91:63:cb:60:86:a8:48:42:12: 1d:f4:6d:ae:41:0f:68:88:29:36:9f:f4:bf:5a:1a: bf:65:ff:25:5b:31:5b:15:fa:04:69:9d:4d:36:03: e2:2f:00:50:3f:74:cc:42:cb:fc:f2:34:28:6b:2f: 18:76:0f:f9:dc:3a:ee:e7:51:1e:05:7d:7d:48:f3: 3f:d8:45:c0:a6:a6:c1:e0:b0:02:a6:46:87:f0:b8: 39:65:85:69:1f:34:7c:c0:69:99:70:c0:7a:a1:67: 04:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:78:37:1B:5D:6E:A6:3E:EA:69:A7:21:93:64:D6:09:47:23:A9:5F X509v3 Authority Key Identifier: keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:92:a3:69:9c:ff:50:5c:8c:9b:fa:4c:6f:7b:36:27:7b:ad: 24:28:ff:0f:1d:b7:c0:14:dd:a4:46:29:6a:c2:a6:8f:9d:5e: 09:e7:28:38:fd:b9:fa:fc:44:6a:24:be:02:3c:2f:92:34:67: 74:2f:56:33:83:61:8f:bc:81:24:fb:cb:31:cf:14:2d:db:9c: b1:d3:3a:9f:07:f6:41:43:db:7c:3e:32:17:18:b9:17:4a:64: fb:bd:b6:12:13:7e:3a:a7:ec:c5:99:60:15:a3:58:fe:cf:20: 12:90:1b:93:a2:af:e8:54:7e:a5:61:c7:72:de:d0:3f:8b:b3: c2:3f:c0:c6:31:ad:4e:48:3d:38:9f:42:ec:98:02:b1:74:c1: 68:bb:41:7a:2f:d0:34:22:74:56:c7:91:b4:33:cb:17:c5:56: 46:7a:aa:a8:fd:b8:43:af:32:85:6b:04:cc:19:ae:67:6e:13: 2b:b1:2b:d9:79:13:f2:91:88:61:b1:0c:cd:e6:f8:8b:cd:2f: 12:03:bc:73:f4:4c:f8:d6:d8:07:5a:1c:31:47:53:58:b5:99: 2b:84:77:f5:9b:5d:5e:bc:10:27:01:6a:a1:1c:bf:36:0e:b6: 9c:06:52:22:e0:a3:95:d7:ac:80:59:10:60:e5:3d:c5:f3:9e: 27:22:a8:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WaNOuM4s/XchcCrt3QevMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx MjZkMGQwHhcNMjUxMjIwMjAwMDQzWhcNMjUxMjIxMjAwMDQzWjAzMTEwLwYDVQQD EyhlNDc4MzcxYjVkNmVhNjNlZWE2OWE3MjE5MzY0ZDYwOTQ3MjNhOTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWumltPOKu0xagsPtRjGUhfvrQ8C 4l6uSRXtFJJRXB89Q0p3TLNYWFnr0TcKDFAcYGo5j39Oh+vnhk2lLs4tT6KuX0pU V3bf+XJ3nD1lLdhw+xuNjJHBgmcalL78oMhGUznE/5CDj+9cqFitowMmANd3D7HC bxUdFKATOplLGaDeYr1fQOQXhc4gA9CBH1hWJ1lL5GkGdFKDZkmRY8tghqhIQhId 9G2uQQ9oiCk2n/S/Whq/Zf8lWzFbFfoEaZ1NNgPiLwBQP3TMQsv88jQoay8Ydg/5 3Dru51EeBX19SPM/2EXApqbB4LACpkaH8Lg5ZYVpHzR8wGmZcMB6oWcEKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOR4NxtdbqY+6mmnIZNk1glHI6lfMB8GA1UdIwQY MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALpKjaZz/ UFyMm/pMb3s2J3utJCj/Dx23wBTdpEYpasKmj51eCecoOP25+vxEaiS+AjwvkjRn dC9WM4Nhj7yBJPvLMc8ULducsdM6nwf2QUPbfD4yFxi5F0pk+722EhN+OqfsxZlg FaNY/s8gEpAbk6Kv6FR+pWHHct7QP4uzwj/AxjGtTkg9OJ9C7JgCsXTBaLtBei/Q NCJ0VseRtDPLF8VWRnqqqP24Q68yhWsEzBmuZ24TK7Er2XkT8pGIYbEMzeb4i80v EgO8c/RM+NbYB1ocMUdTWLWZK4R39ZtdXrwQJwFqoRy/Ng62nAZSIuCjldesgFkQ YOU9xfOeJyKovg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:13:46 2025 by rpki-client