This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft File: 2f-H9S43t2bsv0s_nLJlWN0wiCA.mft (raw, json) Hash identifier: HKlP+Pm2DJQ39zTJeR8dq0NcxdEeyNjp3LJFZdHsgHg= Subject key identifier: 0C:2B:3C:8F:BE:E7:9C:83:97:97:EB:1C:3C:88:AE:4A:06:92:DF:F9 Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20 Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820 Certificate serial: 019AF42DF81E480D6500A614AE68D9730552 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft Manifest number: 0D31 Signing time: Sat 06 Dec 2025 15:00:44 +0000 Manifest this update: Sat 06 Dec 2025 15:00:44 +0000 Manifest next update: Sun 07 Dec 2025 15:00:44 +0000 Files and hashes: 1: 2f-H9S43t2bsv0s_nLJlWN0wiCA.crl (hash: DoI2U2mZACYkbEOLkF4sNNKcKxPXviGqopBmIVgK11o=) 2: nyss7FejNtDGTUXRBz8EpK-bUtQ.roa (hash: 1YbJTbv2jhWedSFo8tfV4w9Efzyk/as9DY0FQwn+kas=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2d:f8:1e:48:0d:65:00:a6:14:ae:68:d9:73:05:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820 Validity Not Before: Dec 6 15:00:44 2025 GMT Not After : Dec 7 15:00:44 2025 GMT Subject: CN=0c2b3c8fbee79c839797eb1c3c88ae4a0692dff9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:15:7b:d8:d7:3e:6d:3a:f2:fc:57:31:7c:30: cf:0a:d6:c2:0f:6c:71:11:35:cc:c9:ff:53:cd:0e: e1:f7:cd:d8:63:78:58:f3:9c:0b:07:46:41:2c:a9: cb:de:30:66:31:75:1b:b9:df:f4:91:d8:3a:b0:df: bd:2e:b2:5e:b1:4a:bf:1e:3a:64:95:b6:92:a3:59: ef:08:6b:d4:cc:9e:b8:d8:79:56:35:36:53:f8:20: a8:85:05:69:b8:e9:3a:d8:05:25:81:7b:4c:8c:ef: bc:0d:c6:2c:a8:0a:85:8d:54:05:e3:80:36:92:95: 8c:7a:04:bc:22:7e:df:79:de:3e:56:40:67:6e:7c: c2:4d:4e:00:8e:a9:32:2f:3a:56:98:7d:63:ba:f2: 6a:38:d7:db:a0:4f:ed:e1:90:dc:b3:1d:cc:5a:07: 83:0a:0a:96:94:08:1e:23:c5:5c:27:a4:d6:fc:bb: 4e:6c:6b:06:85:6a:35:ff:32:51:50:26:5e:72:88: 77:7e:25:62:74:dd:ed:09:d5:c0:b7:82:68:86:22: 39:1f:b7:e9:47:81:c2:bb:c8:bb:d2:cf:4a:75:6e: 29:f6:fc:c3:cb:58:c2:e3:d2:b6:b9:75:e5:1e:5e: 08:99:5a:c6:04:9a:82:81:c4:c1:16:37:17:32:2e: 4f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:2B:3C:8F:BE:E7:9C:83:97:97:EB:1C:3C:88:AE:4A:06:92:DF:F9 X509v3 Authority Key Identifier: keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:9e:c4:68:10:39:b7:94:1c:52:ec:fd:4c:12:8b:a3:58:6a: 35:63:6b:de:29:94:1d:fe:bf:75:23:c2:f1:80:f2:c6:41:8d: c1:4c:a3:7c:f0:80:27:b0:c9:03:bf:ed:5a:2a:a7:22:6f:fb: fc:75:28:6d:bd:f1:e0:2e:ea:4e:cc:e9:1c:02:f1:91:4d:94: ff:fe:98:fc:4f:e4:85:1e:4c:b0:55:09:1d:16:64:60:de:8b: 0f:c9:37:58:4d:9d:13:fe:19:ce:26:5c:7a:78:81:8a:17:d8: 9a:1b:85:58:89:ab:3b:e4:7a:28:08:21:62:08:66:f3:73:58: 87:78:7c:8c:30:d0:6c:fa:f0:34:b1:c2:ab:7d:c7:0b:ea:e3: 76:b1:71:0d:c8:bd:ef:44:5d:98:2a:94:b0:b0:89:28:c7:b5: b7:22:8f:9c:2d:2b:92:35:fb:9b:54:ed:53:73:6e:7e:0d:a5: 53:f6:79:cb:58:03:79:ad:2f:4c:de:dc:3d:60:40:96:0f:17: f6:0b:f3:ab:5a:59:8c:5f:d8:34:4f:25:da:86:59:59:47:33: e3:7a:88:68:d3:41:55:2f:44:ba:6c:08:cb:17:cf:41:e0:39: 8e:97:a1:e6:46:90:0b:7f:a2:c7:82:5a:0b:21:fa:7d:0e:7a: 2b:41:c9:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LfgeSA1lAKYUrmjZcwVSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz MDg4MjAwHhcNMjUxMjA2MTUwMDQ0WhcNMjUxMjA3MTUwMDQ0WjAzMTEwLwYDVQQD EygwYzJiM2M4ZmJlZTc5YzgzOTc5N2ViMWMzYzg4YWU0YTA2OTJkZmY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxV72Nc+bTry/FcxfDDPCtbCD2xx ETXMyf9TzQ7h983YY3hY85wLB0ZBLKnL3jBmMXUbud/0kdg6sN+9LrJesUq/Hjpk lbaSo1nvCGvUzJ642HlWNTZT+CCohQVpuOk62AUlgXtMjO+8DcYsqAqFjVQF44A2 kpWMegS8In7fed4+VkBnbnzCTU4AjqkyLzpWmH1juvJqONfboE/t4ZDcsx3MWgeD CgqWlAgeI8VcJ6TW/LtObGsGhWo1/zJRUCZecoh3fiVidN3tCdXAt4JohiI5H7fp R4HCu8i70s9KdW4p9vzDy1jC49K2uXXlHl4ImVrGBJqCgcTBFjcXMi5PAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAwrPI++55yDl5frHDyIrkoGkt/5MB8GA1UdIwQY MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt MWU3MzAwY2NkYTM2LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2 LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtJ7EaBA5 t5QcUuz9TBKLo1hqNWNr3imUHf6/dSPC8YDyxkGNwUyjfPCAJ7DJA7/tWiqnIm/7 /HUobb3x4C7qTszpHALxkU2U//6Y/E/khR5MsFUJHRZkYN6LD8k3WE2dE/4ZziZc eniBihfYmhuFWImrO+R6KAghYghm83NYh3h8jDDQbPrwNLHCq33HC+rjdrFxDci9 70RdmCqUsLCJKMe1tyKPnC0rkjX7m1TtU3Nufg2lU/Z5y1gDea0vTN7cPWBAlg8X 9gvzq1pZjF/YNE8l2oZZWUcz43qIaNNBVS9EumwIyxfPQeA5jpeh5kaQC3+ix4Ja CyH6fQ56K0HJUA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:36:36 2025 by rpki-client