This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft File: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json) Hash identifier: yTb9lbSIeF/e/w4zfkvlPEGlGCo28zqF9YUxj0z6Lsc= Subject key identifier: AB:13:D6:54:64:30:8D:92:1C:67:EE:D1:00:03:9D:75:A2:36:BC:0E Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4 Certificate issuer: /CN=d9a23485fed8c850745232e3dc51ccead47254a4 Certificate serial: 019AF31BD9DAAD20F9634E84DFA812536F70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft Manifest number: 0B70 Signing time: Sat 06 Dec 2025 10:01:19 +0000 Manifest this update: Sat 06 Dec 2025 10:01:19 +0000 Manifest next update: Sun 07 Dec 2025 10:01:19 +0000 Files and hashes: 1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: eon7SIvfYh0siNSvNX5fgzjIdQ7F1EqpV1PeFTP2H1k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:d9:da:ad:20:f9:63:4e:84:df:a8:12:53:6f:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4 Validity Not Before: Dec 6 10:01:19 2025 GMT Not After : Dec 7 10:01:19 2025 GMT Subject: CN=ab13d65464308d921c67eed100039d75a236bc0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:42:28:66:80:55:ee:7f:67:c8:40:79:b6:ad: 32:44:ad:ab:5d:89:26:60:9f:27:f2:94:8e:ec:22: 8b:4a:c8:3b:7f:39:e6:3b:a1:4c:42:a2:9d:e2:24: 4d:b9:aa:5a:77:15:3c:7c:32:dc:f0:3e:1d:08:3c: 0a:35:21:5a:0e:62:a1:1c:18:be:97:0d:f5:d8:66: 22:18:52:a9:35:aa:78:d2:33:e6:91:5a:34:ce:e0: 46:7c:f1:07:a0:3e:91:4e:fe:75:69:f0:eb:4c:a8: ad:fb:eb:ab:18:a2:c8:43:bd:3d:b8:5e:2d:57:30: 83:b1:f7:6e:f7:39:ab:31:03:f1:a9:84:ef:64:45: 32:5f:20:08:38:5e:af:29:a9:2d:7c:53:3e:72:a7: 81:07:54:6e:f0:48:28:6d:09:c1:5a:fc:d2:6a:79: 66:9b:bd:a3:93:e3:be:55:67:03:86:0c:67:37:37: d5:75:35:79:52:ca:b2:68:9d:bd:b5:e2:a0:13:f1: d8:ea:e3:2d:d3:cd:f6:89:db:9e:21:b2:09:34:33: 1e:e2:69:63:b7:42:5d:1c:ec:8f:77:c1:dd:ea:1c: bd:82:ce:59:4f:a8:b6:5e:c0:b2:f8:e9:7e:fe:b5: f4:25:94:b4:5e:ce:03:62:88:35:27:7b:d2:3b:dd: bb:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:13:D6:54:64:30:8D:92:1C:67:EE:D1:00:03:9D:75:A2:36:BC:0E X509v3 Authority Key Identifier: keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:1d:9f:58:10:89:79:bf:a0:c8:a4:53:ac:22:88:2e:d8:d8: a7:5e:4e:f2:35:c0:90:2f:21:4a:da:a0:05:ff:0f:de:05:69: 10:94:ec:cd:66:2b:0d:53:79:9d:0a:c0:21:d9:4f:0f:53:61: e1:44:aa:65:c9:bd:32:c6:1e:e8:e3:60:de:56:55:68:9e:08: e5:51:27:88:9d:c5:b3:33:03:e7:3e:68:fa:38:c4:77:2e:9a: 3c:99:fd:1c:4c:c2:90:2d:9f:93:2e:9d:d4:ed:90:4f:9e:c1: ad:38:53:ea:53:37:8b:ef:c8:42:d1:60:98:2b:c2:9f:8f:b7: 0d:0b:81:5b:7e:7e:0f:ec:f5:97:18:0a:8e:56:49:03:15:be: bc:de:87:9f:c4:2f:cc:50:22:09:28:cb:36:8f:ee:90:e2:ba: b7:1d:48:3c:b0:ee:87:97:05:6b:bf:d9:ea:e6:25:f7:5d:d7: 45:a0:0b:25:43:71:31:eb:9f:13:54:9a:22:08:30:1a:e4:5b: 22:5e:e8:1a:45:57:10:d0:8d:d2:69:9f:fe:89:6c:2a:af:ef: 6c:6c:60:a1:ac:43:5c:62:78:e8:77:c3:83:5e:8d:f2:f0:69: 5e:45:83:09:3e:79:dd:cc:c8:9c:39:c5:dd:25:7c:00:12:4d: 64:c9:ee:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG9narSD5Y06E36gSU29wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3 MjU0YTQwHhcNMjUxMjA2MTAwMTE5WhcNMjUxMjA3MTAwMTE5WjAzMTEwLwYDVQQD EyhhYjEzZDY1NDY0MzA4ZDkyMWM2N2VlZDEwMDAzOWQ3NWEyMzZiYzBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UIoZoBV7n9nyEB5tq0yRK2rXYkm YJ8n8pSO7CKLSsg7fznmO6FMQqKd4iRNuapadxU8fDLc8D4dCDwKNSFaDmKhHBi+ lw312GYiGFKpNap40jPmkVo0zuBGfPEHoD6RTv51afDrTKit++urGKLIQ709uF4t VzCDsfdu9zmrMQPxqYTvZEUyXyAIOF6vKaktfFM+cqeBB1Ru8EgobQnBWvzSanlm m72jk+O+VWcDhgxnNzfVdTV5UsqyaJ29teKgE/HY6uMt0832idueIbIJNDMe4mlj t0JdHOyPd8Hd6hy9gs5ZT6i2XsCy+Ol+/rX0JZS0Xs4DYog1J3vSO9270wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKsT1lRkMI2SHGfu0QADnXWiNrwOMB8GA1UdIwQY MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0 LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASx2fWBCJ eb+gyKRTrCKILtjYp15O8jXAkC8hStqgBf8P3gVpEJTszWYrDVN5nQrAIdlPD1Nh 4USqZcm9MsYe6ONg3lZVaJ4I5VEniJ3FszMD5z5o+jjEdy6aPJn9HEzCkC2fky6d 1O2QT57BrThT6lM3i+/IQtFgmCvCn4+3DQuBW35+D+z1lxgKjlZJAxW+vN6Hn8Qv zFAiCSjLNo/ukOK6tx1IPLDuh5cFa7/Z6uYl913XRaALJUNxMeufE1SaIggwGuRb Il7oGkVXENCN0mmf/olsKq/vbGxgoaxDXGJ46HfDg16N8vBpXkWDCT553czInDnF 3SV8ABJNZMnuPw== -----END CERTIFICATE-----Generated at Sat Dec 6 19:20:04 2025 by rpki-client