This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft File: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json) Hash identifier: j5wRj/xNqHD0FldwnxeqDrio5PYPo9aVExBZFib9h6A= Subject key identifier: A7:69:17:74:36:38:E5:B4:46:81:EA:4F:60:2B:8D:8C:0B:73:B8:17 Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Certificate serial: 019AF1D1A9590211AF2610CFEFB337E18FC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft Manifest number: 1779 Signing time: Sat 06 Dec 2025 04:00:40 +0000 Manifest this update: Sat 06 Dec 2025 04:00:40 +0000 Manifest next update: Sun 07 Dec 2025 04:00:40 +0000 Files and hashes: 1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: uOwkXXJ7KUi1jo+mxSV5SbJjHE55x76HGCRukPoPt74=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a9:59:02:11:af:26:10:cf:ef:b3:37:e1:8f:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43 Validity Not Before: Dec 6 04:00:40 2025 GMT Not After : Dec 7 04:00:40 2025 GMT Subject: CN=a76917743638e5b44681ea4f602b8d8c0b73b817 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:80:9d:e2:e0:e0:4a:11:32:33:06:b5:cc:7e: 4d:e1:99:1b:21:e6:ad:0e:3c:1d:a3:ec:62:9e:de: da:e1:ef:e8:f1:22:41:6a:a1:5e:00:66:2d:20:ac: ac:81:fd:46:6e:15:71:2a:9b:c3:a2:2e:85:bc:82: 25:11:ef:2e:d1:17:61:2b:8f:06:7a:cb:ed:54:4e: 44:67:ea:5c:39:00:a1:9b:34:7c:b6:d7:82:d9:56: 05:bb:db:94:3f:f6:6e:68:4d:eb:9d:3b:a4:27:fa: 5e:95:ef:10:ae:d6:1c:1f:14:17:f4:7f:93:0f:e3: 05:c4:99:66:99:1b:9c:25:22:c1:d0:55:53:91:f3: 8c:a4:a7:b9:a5:2a:97:ee:4b:65:25:86:88:35:7f: fc:ea:80:2e:a7:c2:a7:f2:ac:e0:b8:1e:fb:08:aa: 55:9b:05:48:d1:12:8c:f1:bd:51:84:d9:73:f4:bc: 2f:b1:90:f9:3d:e1:92:75:4c:78:9d:1d:4f:0b:48: 8c:9c:a5:80:a2:17:0a:74:d2:8e:aa:bb:e8:f4:b0: 66:ae:ee:2d:ac:d8:31:8d:18:d5:f0:f0:84:c9:00: 7a:92:e8:28:b2:05:98:ec:ef:92:2a:37:0e:d0:a0: 92:dc:76:c2:80:9e:a5:48:70:74:70:23:bc:76:2a: c4:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:69:17:74:36:38:E5:B4:46:81:EA:4F:60:2B:8D:8C:0B:73:B8:17 X509v3 Authority Key Identifier: keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:1c:c9:be:11:00:f5:54:18:0b:ce:f1:b9:9e:de:16:3e:af: c6:9f:20:d0:0b:f7:f2:67:bc:62:df:64:bd:1f:2c:8f:a9:5d: 9b:9a:53:a4:da:44:39:87:42:74:0a:1d:09:05:c9:29:89:ce: 50:f8:01:10:d1:bc:00:9d:4f:4b:21:a4:39:73:7e:d9:13:c1: a9:b8:3e:e9:36:86:c5:ed:a1:a9:50:0f:89:44:80:f4:11:a9: f3:88:42:cd:da:0d:01:bf:4c:4d:fb:0a:86:55:65:ba:2b:8b: 54:48:0a:74:6f:16:94:72:c7:ff:f4:3d:76:c2:30:d3:d5:9c: 34:9a:e7:a5:c6:74:2d:84:f8:08:82:2f:9e:39:35:7f:30:7d: 3a:2d:30:52:09:46:99:db:9f:9d:e2:9a:3c:96:f1:34:13:7f: 58:0c:a7:67:97:78:c0:49:b4:01:45:22:8e:6c:5b:bf:2e:f5: 4d:d4:d6:59:5d:91:a4:71:bf:53:c8:80:17:f9:91:97:10:79: aa:9c:35:c1:43:ae:c0:58:bc:0b:48:de:cc:3c:5f:a9:88:08: 13:c3:1c:af:61:c0:b6:48:62:3a:48:de:cb:4e:8d:d6:6b:2b: fc:85:3e:35:be:a7:8a:11:43:e0:bb:4f:b3:85:c8:04:7e:f1: 4d:81:f0:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0alZAhGvJhDP77M34Y/EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl YmFhNDMwHhcNMjUxMjA2MDQwMDQwWhcNMjUxMjA3MDQwMDQwWjAzMTEwLwYDVQQD EyhhNzY5MTc3NDM2MzhlNWI0NDY4MWVhNGY2MDJiOGQ4YzBiNzNiODE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArICd4uDgShEyMwa1zH5N4ZkbIeat Djwdo+xint7a4e/o8SJBaqFeAGYtIKysgf1GbhVxKpvDoi6FvIIlEe8u0RdhK48G esvtVE5EZ+pcOQChmzR8tteC2VYFu9uUP/ZuaE3rnTukJ/pele8QrtYcHxQX9H+T D+MFxJlmmRucJSLB0FVTkfOMpKe5pSqX7ktlJYaINX/86oAup8Kn8qzguB77CKpV mwVI0RKM8b1RhNlz9LwvsZD5PeGSdUx4nR1PC0iMnKWAohcKdNKOqrvo9LBmru4t rNgxjRjV8PCEyQB6kugosgWY7O+SKjcO0KCS3HbCgJ6lSHB0cCO8dirE/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKdpF3Q2OOW0RoHqT2ArjYwLc7gXMB8GA1UdIwQY MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBzJvhEA 9VQYC87xuZ7eFj6vxp8g0Av38me8Yt9kvR8sj6ldm5pTpNpEOYdCdAodCQXJKYnO UPgBENG8AJ1PSyGkOXN+2RPBqbg+6TaGxe2hqVAPiUSA9BGp84hCzdoNAb9MTfsK hlVluiuLVEgKdG8WlHLH//Q9dsIw09WcNJrnpcZ0LYT4CIIvnjk1fzB9Oi0wUglG mdufneKaPJbxNBN/WAynZ5d4wEm0AUUijmxbvy71TdTWWV2RpHG/U8iAF/mRlxB5 qpw1wUOuwFi8C0jezDxfqYgIE8Mcr2HAtkhiOkjey06N1msr/IU+Nb6nihFD4LtP s4XIBH7xTYHwDg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:13:34 2025 by rpki-client