This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json) Hash identifier: ZGucfRvh9XypCq+FQGCGbb1ui6861OKJYvZrQdSgA4U= Subject key identifier: 8D:44:80:25:03:B9:D6:C3:E9:62:8E:DA:87:BB:38:25:B7:7A:98:25 Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df Certificate serial: 019AF19B9606EAD97CACE7757C4DF68227BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft Manifest number: 040F Signing time: Sat 06 Dec 2025 03:01:36 +0000 Manifest this update: Sat 06 Dec 2025 03:01:36 +0000 Manifest next update: Sun 07 Dec 2025 03:01:36 +0000 Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: 2q2DzDiugC0CXz66zZ8y0RjPw3MyFGTtHkvkV2kHk1c=) 2: S9_pIBHq75Wq7oGW-jAli5gxMaE.roa (hash: cpq5fUvjVAhKKLO06wh9HRGgk0x/xpun3Cli9g36l8w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:96:06:ea:d9:7c:ac:e7:75:7c:4d:f6:82:27:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df Validity Not Before: Dec 6 03:01:36 2025 GMT Not After : Dec 7 03:01:36 2025 GMT Subject: CN=8d44802503b9d6c3e9628eda87bb3825b77a9825 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:af:df:d7:b8:70:85:98:9d:e6:8e:c3:68:d7: 0b:be:83:f2:84:69:3d:7a:7f:04:b1:d4:75:b6:ce: ec:ba:f6:9c:95:37:13:a3:40:63:e0:72:ed:81:63: c6:b7:3e:23:33:f2:2b:b2:6b:6a:ca:1b:f5:1e:6a: 85:40:f0:74:8f:bf:5b:ab:9d:62:e1:85:70:70:86: 80:b4:cc:9b:48:8c:8a:73:83:e2:ef:ba:2e:20:4f: 46:49:70:1d:43:78:b8:2e:9c:08:28:17:0a:6f:8a: c1:c7:01:fd:03:49:3b:9e:f2:0f:4b:53:05:53:08: b2:8b:aa:d1:ea:33:60:9f:21:fd:f0:79:bc:fd:be: ac:c9:5a:98:2c:ea:cd:88:bd:c5:5d:07:51:af:53: 5b:6a:12:2c:54:63:21:80:52:b6:2c:08:25:c8:6c: 3d:ce:9c:36:96:b2:de:04:c5:85:87:fa:c0:07:31: f5:c2:5e:fa:c4:d1:a2:e5:7c:9f:91:44:96:48:cb: 4b:32:69:83:e6:36:c7:f4:1f:a0:2c:50:c4:56:74: 47:17:a4:8a:58:f0:d4:7b:2a:d7:b3:45:c4:2d:f8: 20:62:99:eb:5c:4f:1e:24:87:95:d9:b1:84:e3:87: 08:db:39:f4:c3:ec:d9:ae:6f:0b:37:77:58:9c:6a: 52:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:44:80:25:03:B9:D6:C3:E9:62:8E:DA:87:BB:38:25:B7:7A:98:25 X509v3 Authority Key Identifier: keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:54:81:9a:b5:bb:2c:91:09:7e:bb:06:a4:d7:28:50:ea:ec: 42:28:64:42:5c:ba:7f:96:a3:56:4c:99:a0:0a:ed:80:02:f7: 2c:ba:10:f6:e3:3f:d2:a1:34:c5:8f:e3:80:f6:79:b6:8e:a8: 9c:f7:1d:c4:34:10:fb:d3:4d:6c:01:0b:e3:c1:0b:18:1f:ea: c7:04:6a:57:83:9b:21:c0:48:1d:27:7a:45:74:8b:d3:e5:3d: c3:b7:22:46:ad:69:76:71:4c:f8:e2:32:cd:e7:f2:53:bc:49: 0f:0e:d4:f3:f9:24:f8:54:c8:45:f9:9d:2e:5c:30:ad:d1:d6: 35:c5:aa:fe:41:ae:ee:d1:39:73:1b:e8:9e:31:24:44:bc:91: 8d:5d:20:cc:b8:b9:e7:9c:92:5c:ca:c4:1a:72:51:eb:73:29: 50:5d:ea:30:6a:cf:a6:ce:c1:3f:14:71:cf:3b:25:18:19:d0: b1:89:e1:54:2b:a9:28:e8:a6:ec:7c:7b:9b:67:eb:7c:5c:87: 4c:1c:c7:26:13:b9:2e:22:26:08:6c:44:9d:d8:20:be:70:79: f4:ab:43:51:cb:ec:a5:a6:d9:cd:9a:29:d9:7f:3e:75:22:99: 6b:ad:d2:97:69:7a:dc:34:dc:1c:d4:76:c7:41:f5:63:11:9f: 21:97:64:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5YG6tl8rOd1fE32gie+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz OTI3ZGYwHhcNMjUxMjA2MDMwMTM2WhcNMjUxMjA3MDMwMTM2WjAzMTEwLwYDVQQD Eyg4ZDQ0ODAyNTAzYjlkNmMzZTk2MjhlZGE4N2JiMzgyNWI3N2E5ODI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya/f17hwhZid5o7DaNcLvoPyhGk9 en8EsdR1ts7suvaclTcTo0Bj4HLtgWPGtz4jM/Irsmtqyhv1HmqFQPB0j79bq51i 4YVwcIaAtMybSIyKc4Pi77ouIE9GSXAdQ3i4LpwIKBcKb4rBxwH9A0k7nvIPS1MF Uwiyi6rR6jNgnyH98Hm8/b6syVqYLOrNiL3FXQdRr1NbahIsVGMhgFK2LAglyGw9 zpw2lrLeBMWFh/rABzH1wl76xNGi5XyfkUSWSMtLMmmD5jbH9B+gLFDEVnRHF6SK WPDUeyrXs0XELfggYpnrXE8eJIeV2bGE44cI2zn0w+zZrm8LN3dYnGpSewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI1EgCUDudbD6WKO2oe7OCW3epglMB8GA1UdIwQY MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1SBmrW7 LJEJfrsGpNcoUOrsQihkQly6f5ajVkyZoArtgAL3LLoQ9uM/0qE0xY/jgPZ5to6o nPcdxDQQ+9NNbAEL48ELGB/qxwRqV4ObIcBIHSd6RXSL0+U9w7ciRq1pdnFM+OIy zefyU7xJDw7U8/kk+FTIRfmdLlwwrdHWNcWq/kGu7tE5cxvonjEkRLyRjV0gzLi5 55ySXMrEGnJR63MpUF3qMGrPps7BPxRxzzslGBnQsYnhVCupKOim7Hx7m2frfFyH TBzHJhO5LiImCGxEndggvnB59KtDUcvspabZzZop2X8+dSKZa63Sl2l63DTcHNR2 x0H1YxGfIZdkHg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:11 2025 by rpki-client