This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.mft File: 2m3EGSZFyEKk-i-II08uWhhMdmQ.mft (raw, json) Hash identifier: 5WuPJF0u1PqPI59d9wRHPa78pYwhUkVv8cRYBtkLtKw= Subject key identifier: FD:2F:AC:21:DF:09:28:60:D1:55:45:AE:33:85:3D:1A:B7:6E:37:85 Authority key identifier: DA:6D:C4:19:26:45:C8:42:A4:FA:2F:88:23:4F:2E:5A:18:4C:76:64 Certificate issuer: /CN=da6dc4192645c842a4fa2f88234f2e5a184c7664 Certificate serial: 019AF12F23208142A4C348D827BAA211034B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2m3EGSZFyEKk-i-II08uWhhMdmQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.mft Manifest number: 08BE Signing time: Sat 06 Dec 2025 01:03:09 +0000 Manifest this update: Sat 06 Dec 2025 01:03:09 +0000 Manifest next update: Sun 07 Dec 2025 01:03:09 +0000 Files and hashes: 1: 2m3EGSZFyEKk-i-II08uWhhMdmQ.crl (hash: Gzgo1H0pY33hgAoRM7u6ET+4qYAf2CtVjcwb3veRq8g=) 2: JwOlXzHs1rdGVXlkVOqZWuxz-yI.roa (hash: PGrtrfZNHqKpdplaHtlzlb/8zTI8cEQQrTdbVPKqLz0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2m3EGSZFyEKk-i-II08uWhhMdmQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:03:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2f:23:20:81:42:a4:c3:48:d8:27:ba:a2:11:03:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da6dc4192645c842a4fa2f88234f2e5a184c7664 Validity Not Before: Dec 6 01:03:09 2025 GMT Not After : Dec 7 01:03:09 2025 GMT Subject: CN=fd2fac21df092860d15545ae33853d1ab76e3785 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a8:42:ec:bb:95:ff:72:71:12:a6:16:47:a0: bd:6c:af:8f:de:15:50:35:91:52:82:27:8b:e0:d6: 60:5c:b2:ea:7c:71:90:09:74:b4:db:c2:bc:57:6b: a3:d0:ca:74:f0:09:45:54:ee:c3:bf:50:8f:e7:04: e5:04:e0:f7:ce:d8:73:0f:ee:98:9f:4c:88:5e:b5: 70:23:b8:5f:bc:58:22:2a:57:a3:6b:49:fa:a9:b9: f4:28:cd:0b:04:b0:8e:63:f2:58:d4:33:e3:aa:50: 84:84:a2:dd:b1:b5:fb:cf:8a:22:9b:12:b0:96:06: 36:7e:6d:83:11:d7:a8:89:a1:55:c9:56:76:6e:ff: 4d:77:da:ad:15:f1:a3:fa:c9:b1:a5:6f:b6:83:f3: cf:4c:31:00:4e:b7:f2:d0:81:62:cc:91:76:c6:11: b8:48:71:19:8f:c9:19:e0:39:51:36:b1:e6:ca:6a: 15:12:4e:89:91:b9:43:b5:2e:b0:2e:14:b3:75:d7: 38:3c:03:58:a8:2e:7a:da:7c:ff:08:0e:de:2d:53: 40:bb:7f:a1:20:1d:50:5a:82:a0:b1:75:90:c1:d7: 1a:af:40:93:9b:40:68:57:6a:11:2a:d6:b0:2b:08: 96:56:0d:a3:3f:62:8b:a0:a3:70:97:8b:48:9e:a3: 5e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:2F:AC:21:DF:09:28:60:D1:55:45:AE:33:85:3D:1A:B7:6E:37:85 X509v3 Authority Key Identifier: keyid:DA:6D:C4:19:26:45:C8:42:A4:FA:2F:88:23:4F:2E:5A:18:4C:76:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2m3EGSZFyEKk-i-II08uWhhMdmQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/23c57c-b8a7-49a5-9c05-eef70aab035e/1/2m3EGSZFyEKk-i-II08uWhhMdmQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:45:34:b9:58:5c:04:a1:93:92:b5:47:b0:61:54:42:3f:19: 95:e9:74:c9:b7:8c:29:1f:d8:1f:81:ca:dd:15:44:c2:08:c7: 28:ab:6d:3e:8f:06:40:44:9c:56:b0:c4:a5:8f:b4:b2:ab:9d: cf:46:76:55:4a:92:58:21:38:b0:25:c8:65:3e:3f:f5:af:b4: 7b:6b:41:67:57:db:0d:57:0a:4e:22:b7:e2:b4:6a:4b:0d:2b: 4f:45:4c:2f:27:81:aa:78:d7:77:a9:af:d2:84:3d:a7:7c:66: 54:a3:23:f7:e5:51:67:5c:97:d8:74:b6:d6:f6:3b:27:b0:22: b3:c1:b6:ff:ab:50:fa:42:6d:01:c2:21:a6:7c:d6:3f:81:d1: 68:ed:d0:2a:92:f9:7c:58:11:ce:88:3c:d8:e0:a6:56:cf:9e: d1:ad:1a:f8:5d:9a:bb:eb:42:16:cf:96:bd:56:36:ac:81:b5: ff:d3:b8:af:fa:2a:78:c3:0b:9d:8f:4e:ed:5b:81:7f:ec:4c: 3b:5e:cb:bb:70:d7:0c:1e:a2:6e:6c:b3:8f:af:1f:91:e3:4f: 28:84:06:9f:3a:28:2d:ba:7f:d9:69:ee:57:cb:b4:bb:fe:8a: 69:56:db:ac:67:cd:90:b4:1b:2a:99:3f:91:ab:b6:0b:63:2e: d1:85:a2:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLyMggUKkw0jYJ7qiEQNLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNmRjNDE5MjY0NWM4NDJhNGZhMmY4ODIzNGYyZTVhMTg0 Yzc2NjQwHhcNMjUxMjA2MDEwMzA5WhcNMjUxMjA3MDEwMzA5WjAzMTEwLwYDVQQD EyhmZDJmYWMyMWRmMDkyODYwZDE1NTQ1YWUzMzg1M2QxYWI3NmUzNzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6hC7LuV/3JxEqYWR6C9bK+P3hVQ NZFSgieL4NZgXLLqfHGQCXS028K8V2uj0Mp08AlFVO7Dv1CP5wTlBOD3zthzD+6Y n0yIXrVwI7hfvFgiKleja0n6qbn0KM0LBLCOY/JY1DPjqlCEhKLdsbX7z4oimxKw lgY2fm2DEdeoiaFVyVZ2bv9Nd9qtFfGj+smxpW+2g/PPTDEATrfy0IFizJF2xhG4 SHEZj8kZ4DlRNrHmymoVEk6JkblDtS6wLhSzddc4PANYqC562nz/CA7eLVNAu3+h IB1QWoKgsXWQwdcar0CTm0BoV2oRKtawKwiWVg2jP2KLoKNwl4tInqNesQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP0vrCHfCShg0VVFrjOFPRq3bjeFMB8GA1UdIwQY MBaAFNptxBkmRchCpPoviCNPLloYTHZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm0zRUdTWkZ5RUtrLWktSUkwOHVXaGhNZG1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yM2M1N2MtYjhhNy00OWE1LTljMDUt ZWVmNzBhYWIwMzVlLzEvMm0zRUdTWkZ5RUtrLWktSUkwOHVXaGhNZG1RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8yM2M1N2MtYjhhNy00OWE1LTljMDUtZWVmNzBhYWIwMzVl LzEvMm0zRUdTWkZ5RUtrLWktSUkwOHVXaGhNZG1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0U0uVhc BKGTkrVHsGFUQj8Zlel0ybeMKR/YH4HK3RVEwgjHKKttPo8GQEScVrDEpY+0squd z0Z2VUqSWCE4sCXIZT4/9a+0e2tBZ1fbDVcKTiK34rRqSw0rT0VMLyeBqnjXd6mv 0oQ9p3xmVKMj9+VRZ1yX2HS21vY7J7Ais8G2/6tQ+kJtAcIhpnzWP4HRaO3QKpL5 fFgRzog82OCmVs+e0a0a+F2au+tCFs+WvVY2rIG1/9O4r/oqeMMLnY9O7VuBf+xM O17Lu3DXDB6ibmyzj68fkeNPKIQGnzooLbp/2WnuV8u0u/6KaVbbrGfNkLQbKpk/ kau2C2Mu0YWi1A== -----END CERTIFICATE-----Generated at Sat Dec 6 08:26:05 2025 by rpki-client