This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json) Hash identifier: Is1XjR+8IUBVC9VO1xjGh4ixbgqOkedJmDhUqG5AnNU= Subject key identifier: 34:59:8B:91:6A:D2:4E:F0:A0:05:50:6E:F6:05:55:78:E2:5F:56:D5 Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Certificate serial: 019AF31D3A3285BAEC1F5E28C5F0086FEE83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft Manifest number: 0CBA Signing time: Sat 06 Dec 2025 10:02:50 +0000 Manifest this update: Sat 06 Dec 2025 10:02:50 +0000 Manifest next update: Sun 07 Dec 2025 10:02:50 +0000 Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: VTm5GpgPF205MHO96pS2a5xs6JHHARaOv1DQvQEZzlM=) 2: YfAgsC_cdxTTdTc3lRuKLUA9Ek4.roa (hash: 6JxCw6QKy553BkYrq5SFqTFyUQePShSh+1QhYyHxmes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:3a:32:85:ba:ec:1f:5e:28:c5:f0:08:6f:ee:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955 Validity Not Before: Dec 6 10:02:50 2025 GMT Not After : Dec 7 10:02:50 2025 GMT Subject: CN=34598b916ad24ef0a005506ef6055578e25f56d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c7:82:34:e6:fc:f1:06:dd:d4:e0:68:6a:5f: 57:fe:db:f9:01:24:a2:83:52:6d:8a:0e:bf:08:97: 45:b9:78:6c:56:dd:6e:d3:77:6d:e7:3e:0d:00:2e: d8:46:11:15:b9:e2:cf:82:f7:d4:a4:ce:87:2e:31: 09:9f:67:34:3f:8e:79:ec:1d:3f:8c:e2:d7:de:4a: eb:d7:40:fb:dd:a7:09:e9:5e:eb:d4:b5:da:c0:e8: 5e:0b:6a:1c:c9:e2:c1:47:c1:a0:ea:eb:ad:92:7d: ae:1e:fd:bf:93:8f:a4:57:dd:d2:d4:c8:58:5f:7f: eb:b9:b4:13:c1:df:3f:c3:dc:3b:b4:b6:bc:20:76: 46:a8:59:86:55:96:03:f5:aa:61:0e:b1:b7:8c:76: 99:31:1d:d7:f8:cd:56:2b:d5:5b:6a:81:c8:78:3f: 05:68:bd:4e:f1:68:90:ba:3e:a5:7d:c0:86:e8:4b: 58:ea:70:db:53:ea:38:33:c5:be:55:de:08:0c:c0: 3b:b0:f5:27:b3:bf:bc:ea:90:1a:b6:8c:d1:59:d2: c9:8c:44:27:ab:5c:b8:94:29:8d:fe:d9:c0:5b:8a: a0:8b:64:6c:a2:bf:90:5c:c6:d7:79:be:93:40:de: 55:e6:0c:b9:14:77:bd:11:c4:1d:36:33:4a:59:79: c2:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:59:8B:91:6A:D2:4E:F0:A0:05:50:6E:F6:05:55:78:E2:5F:56:D5 X509v3 Authority Key Identifier: keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:17:08:9c:33:15:18:76:3b:21:6f:ea:e1:e5:87:21:9f:e2: 48:36:47:b3:04:92:7a:e2:22:d4:f5:cc:51:4d:f2:cb:5e:f7: 65:f3:8a:4d:ba:91:fd:15:19:43:b9:83:cd:f6:26:51:ff:25: c9:80:ff:f1:11:50:1f:b3:a1:d4:dc:83:27:49:e6:77:ea:58: 3d:c1:ca:af:cd:4b:4b:fd:fa:25:cf:7e:5f:07:74:7c:3e:b7: 83:0b:58:5e:81:a3:a5:a0:ed:bd:dc:c2:7c:7b:54:dd:ad:e6: 6b:94:d4:56:a0:a4:b9:24:1c:a9:9b:78:6c:05:03:ab:fc:21: cc:aa:d0:dd:ed:e6:9f:73:79:e4:fc:91:7d:54:0e:9f:b1:82: 6e:d6:22:f5:d2:51:a6:3d:ad:6e:2d:2a:e0:33:26:a0:a9:a2: 1e:79:94:e0:d7:8d:4c:77:9e:79:1d:a6:d4:91:ae:36:63:16: a6:83:68:94:bc:0a:62:eb:16:a3:76:a4:48:84:31:02:6c:d3: 8d:43:5a:a9:c5:83:83:a0:24:90:32:95:26:fa:53:a4:db:e7: 98:a3:7e:20:fc:87:b4:6b:84:02:11:dd:a9:98:1a:0d:ae:e7: da:76:78:07:d1:18:f4:a4:4d:fb:80:bd:da:e5:ed:8d:9f:82: d6:19:83:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHToyhbrsH14oxfAIb+6DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3 NWU5NTUwHhcNMjUxMjA2MTAwMjUwWhcNMjUxMjA3MTAwMjUwWjAzMTEwLwYDVQQD EygzNDU5OGI5MTZhZDI0ZWYwYTAwNTUwNmVmNjA1NTU3OGUyNWY1NmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuceCNOb88Qbd1OBoal9X/tv5ASSi g1Jtig6/CJdFuXhsVt1u03dt5z4NAC7YRhEVueLPgvfUpM6HLjEJn2c0P4557B0/ jOLX3krr10D73acJ6V7r1LXawOheC2ocyeLBR8Gg6uutkn2uHv2/k4+kV93S1MhY X3/rubQTwd8/w9w7tLa8IHZGqFmGVZYD9aphDrG3jHaZMR3X+M1WK9VbaoHIeD8F aL1O8WiQuj6lfcCG6EtY6nDbU+o4M8W+Vd4IDMA7sPUns7+86pAatozRWdLJjEQn q1y4lCmN/tnAW4qgi2Rsor+QXMbXeb6TQN5V5gy5FHe9EcQdNjNKWXnCkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDRZi5Fq0k7woAVQbvYFVXjiX1bVMB8GA1UdIwQY MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5 LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKBcInDMV GHY7IW/q4eWHIZ/iSDZHswSSeuIi1PXMUU3yy173ZfOKTbqR/RUZQ7mDzfYmUf8l yYD/8RFQH7Oh1NyDJ0nmd+pYPcHKr81LS/36Jc9+Xwd0fD63gwtYXoGjpaDtvdzC fHtU3a3ma5TUVqCkuSQcqZt4bAUDq/whzKrQ3e3mn3N55PyRfVQOn7GCbtYi9dJR pj2tbi0q4DMmoKmiHnmU4NeNTHeeeR2m1JGuNmMWpoNolLwKYusWo3akSIQxAmzT jUNaqcWDg6AkkDKVJvpTpNvnmKN+IPyHtGuEAhHdqZgaDa7n2nZ4B9EY9KRN+4C9 2uXtjZ+C1hmDaA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:58:56 2025 by rpki-client