This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.mft File: 2huf6PGjORf-5-Tb6fq5JeuGJak.mft (raw, json) Hash identifier: OAUA0RzQNlnaQDr0ltkM2TsQT2A32mlhFYpnCpP3ylI= Subject key identifier: B7:CE:55:D4:50:00:7E:64:C5:6E:DD:76:75:AC:46:FF:02:C4:5D:FA Authority key identifier: DA:1B:9F:E8:F1:A3:39:17:FE:E7:E4:DB:E9:FA:B9:25:EB:86:25:A9 Certificate issuer: /CN=da1b9fe8f1a33917fee7e4dbe9fab925eb8625a9 Certificate serial: 019AF23FB825B4B15CD63BE0E5D910B141ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2huf6PGjORf-5-Tb6fq5JeuGJak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.mft Manifest number: 0813 Signing time: Sat 06 Dec 2025 06:00:53 +0000 Manifest this update: Sat 06 Dec 2025 06:00:53 +0000 Manifest next update: Sun 07 Dec 2025 06:00:53 +0000 Files and hashes: 1: 2huf6PGjORf-5-Tb6fq5JeuGJak.crl (hash: c5G+8kf1sJkCbU3/0aXJ/z86HlvqxRsXS+G+OpLxnBk=) 2: qARNDLbWZGpXclqzpXtzfvYP72c.roa (hash: yeRNjTwXDaIWE/tdw8m2d67pmit4bLUSMZLje7zj8IA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.mft rsync://rpki.ripe.net/repository/DEFAULT/2huf6PGjORf-5-Tb6fq5JeuGJak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:b8:25:b4:b1:5c:d6:3b:e0:e5:d9:10:b1:41:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da1b9fe8f1a33917fee7e4dbe9fab925eb8625a9 Validity Not Before: Dec 6 06:00:53 2025 GMT Not After : Dec 7 06:00:53 2025 GMT Subject: CN=b7ce55d450007e64c56edd7675ac46ff02c45dfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e0:d1:7a:47:b7:21:a1:8c:64:6e:76:39:9b: 5f:fe:da:7f:e7:3f:57:6d:a1:00:4b:c9:48:9c:66: 13:64:e3:11:fa:28:3a:27:70:0f:b1:f8:c5:f3:b2: 24:bf:3d:8f:83:61:bb:14:a9:20:f9:bc:6f:5b:05: 2c:92:94:c9:eb:e2:a2:24:f8:e6:4a:0c:9d:91:5a: 24:4b:1c:95:fd:02:3a:87:6b:3f:42:04:af:ac:8e: bb:f3:26:bb:11:d9:1d:2a:08:d9:8f:b9:d4:93:ba: 76:8e:f0:aa:aa:40:5c:92:52:47:69:c3:1a:04:3c: 21:32:2b:ab:c7:c2:bf:57:cd:f0:3d:bb:8b:34:71: f8:d8:a2:ed:9d:44:81:dc:0c:6b:2e:c9:d7:29:f2: 0e:44:fe:b7:7a:c0:ab:fa:8a:d9:08:dd:5b:61:15: b4:f1:7a:21:77:2c:db:84:8c:e5:c0:b0:ea:7a:2f: 3e:6d:28:77:4f:a0:ac:fe:09:47:25:8a:2e:dc:dd: d0:91:e4:45:38:b2:29:a1:d1:32:b5:fb:59:cf:39: c0:aa:21:d4:14:be:d3:03:9b:9c:0e:58:44:52:ed: c5:fe:34:16:71:dc:60:bf:e5:0d:57:be:c2:e2:89: 07:63:04:2d:0f:fc:c4:fb:e0:c6:7f:96:99:d5:16: f6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:CE:55:D4:50:00:7E:64:C5:6E:DD:76:75:AC:46:FF:02:C4:5D:FA X509v3 Authority Key Identifier: keyid:DA:1B:9F:E8:F1:A3:39:17:FE:E7:E4:DB:E9:FA:B9:25:EB:86:25:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2huf6PGjORf-5-Tb6fq5JeuGJak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/42a166-8a86-48da-bb96-79fd5023de36/1/2huf6PGjORf-5-Tb6fq5JeuGJak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:0e:d3:f7:2a:96:96:0d:b4:06:42:c7:1c:f5:83:21:18:f1: 4f:ab:f5:a6:9a:5d:0e:07:cc:85:fd:a4:40:87:d0:66:02:17: ea:a9:bf:57:bc:31:39:82:97:35:43:9d:3d:98:da:3f:55:7e: f1:e6:f8:27:82:59:9b:b9:c8:1b:96:94:ba:7d:3b:6c:ba:dd: 1e:29:34:ba:92:18:96:c5:8a:f1:68:50:ca:51:74:75:b3:bc: f3:98:62:af:eb:7e:9d:f3:1b:22:7f:62:64:51:35:48:12:dc: b6:7c:83:d5:93:71:4b:2d:0e:6b:66:d1:89:9b:ab:d1:2a:b0: b8:7e:ac:7a:7d:15:e0:74:74:ba:f7:f3:ff:6b:17:75:e8:9f: 61:ff:0b:1f:8d:ce:46:00:3f:74:76:09:23:43:d3:9c:29:3e: 9a:91:32:58:01:82:7c:ac:73:05:1c:25:1e:6b:4e:7d:61:63: 3b:1e:97:f8:9d:f8:9b:f5:11:84:eb:a7:ab:ff:1c:a4:a1:9a: c5:20:22:d2:59:d8:d5:2e:d8:4a:ff:0c:c9:69:55:a7:f9:ba: 97:af:a4:84:f2:f6:f8:3b:7a:bc:31:d3:f7:2e:bb:a6:ca:ee: 98:69:24:1c:db:bd:da:e2:8c:8b:30:41:44:92:9c:ba:7d:ed: 78:3f:52:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP7gltLFc1jvg5dkQsUHtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMWI5ZmU4ZjFhMzM5MTdmZWU3ZTRkYmU5ZmFiOTI1ZWI4 NjI1YTkwHhcNMjUxMjA2MDYwMDUzWhcNMjUxMjA3MDYwMDUzWjAzMTEwLwYDVQQD EyhiN2NlNTVkNDUwMDA3ZTY0YzU2ZWRkNzY3NWFjNDZmZjAyYzQ1ZGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuDReke3IaGMZG52OZtf/tp/5z9X baEAS8lInGYTZOMR+ig6J3APsfjF87Ikvz2Pg2G7FKkg+bxvWwUskpTJ6+KiJPjm SgydkVokSxyV/QI6h2s/QgSvrI678ya7EdkdKgjZj7nUk7p2jvCqqkBcklJHacMa BDwhMiurx8K/V83wPbuLNHH42KLtnUSB3AxrLsnXKfIORP63esCr+orZCN1bYRW0 8XohdyzbhIzlwLDqei8+bSh3T6Cs/glHJYou3N3QkeRFOLIpodEytftZzznAqiHU FL7TA5ucDlhEUu3F/jQWcdxgv+UNV77C4okHYwQtD/zE++DGf5aZ1Rb2IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLfOVdRQAH5kxW7ddnWsRv8CxF36MB8GA1UdIwQY MBaAFNobn+jxozkX/ufk2+n6uSXrhiWpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmh1ZjZQR2pPUmYtNS1UYjZmcTVKZXVHSmFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80MmExNjYtOGE4Ni00OGRhLWJiOTYt NzlmZDUwMjNkZTM2LzEvMmh1ZjZQR2pPUmYtNS1UYjZmcTVKZXVHSmFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy80MmExNjYtOGE4Ni00OGRhLWJiOTYtNzlmZDUwMjNkZTM2 LzEvMmh1ZjZQR2pPUmYtNS1UYjZmcTVKZXVHSmFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkg7T9yqW lg20BkLHHPWDIRjxT6v1pppdDgfMhf2kQIfQZgIX6qm/V7wxOYKXNUOdPZjaP1V+ 8eb4J4JZm7nIG5aUun07bLrdHik0upIYlsWK8WhQylF0dbO885hir+t+nfMbIn9i ZFE1SBLctnyD1ZNxSy0Oa2bRiZur0SqwuH6sen0V4HR0uvfz/2sXdeifYf8LH43O RgA/dHYJI0PTnCk+mpEyWAGCfKxzBRwlHmtOfWFjOx6X+J34m/URhOunq/8cpKGa xSAi0lnY1S7YSv8MyWlVp/m6l6+khPL2+Dt6vDHT9y67psrumGkkHNu92uKMizBB RJKcun3teD9Sxg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:25:19 2025 by rpki-client