This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft File: _2szYaGioA284xkBmCf-u3Fb0EQ.mft (raw, json) Hash identifier: xcimqjTa6GIPiE+DNlZFJOqC5CQ+1li7vCv3MQCowyE= Subject key identifier: A6:C8:31:64:58:61:F3:25:BF:C8:35:D5:B3:91:7C:EE:87:DC:A9:36 Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044 Certificate serial: 019AF1D23A3EE6357831176F829C909381B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft Manifest number: 16C4 Signing time: Sat 06 Dec 2025 04:01:17 +0000 Manifest this update: Sat 06 Dec 2025 04:01:17 +0000 Manifest next update: Sun 07 Dec 2025 04:01:17 +0000 Files and hashes: 1: WWNEma98vqvt3aWub4KvZrisRPY.roa (hash: 8ej/FxtmoHvT2+4JYPncO9OF+5JwUWMEm2sRynTw/0U=) 2: _2szYaGioA284xkBmCf-u3Fb0EQ.crl (hash: cY/kV5heN6wguuj7W6o7e7EtPwL1ShN/9RPz2MOEU3c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:3a:3e:e6:35:78:31:17:6f:82:9c:90:93:81:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044 Validity Not Before: Dec 6 04:01:17 2025 GMT Not After : Dec 7 04:01:17 2025 GMT Subject: CN=a6c831645861f325bfc835d5b3917cee87dca936 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6d:b9:d4:a9:06:70:75:89:f9:ad:02:31:b9: 81:c0:20:80:b3:dc:c1:71:3d:48:79:06:62:7a:d5: 33:89:47:83:a9:1e:bf:98:01:33:c4:fb:9b:bc:be: e4:ce:ef:df:93:dc:4b:b8:5f:20:4c:47:fc:6a:8c: e8:20:2f:bc:30:31:ce:2d:57:5b:3e:0b:26:8f:1c: 99:83:ae:2d:fd:84:b0:73:99:40:7a:c6:8e:37:de: ce:50:12:ed:6d:0a:13:d0:0b:46:74:50:04:73:9c: 8b:55:bf:b4:2f:e6:a1:b0:5e:e3:c3:8d:c5:b5:3d: 8d:f9:de:6b:6b:74:9c:17:a5:ad:93:17:f5:61:da: 57:f6:fd:d6:c8:7e:8d:7b:41:6d:93:38:a5:4d:ad: d7:a9:8b:02:df:6a:81:ed:2a:4e:5d:90:3b:03:d0: aa:f5:6b:56:77:c6:74:50:47:3a:05:76:7b:c7:c3: 2c:a9:4f:c3:c8:11:e4:bd:63:03:7a:d7:f0:76:b2: 76:c4:c1:22:db:f6:74:60:0f:3f:5c:29:dc:42:4b: 02:02:f4:25:b3:74:f6:17:6b:6e:ba:7a:fc:7b:bb: 88:ed:2c:dd:47:c5:c4:ec:90:72:2f:62:f6:30:45: d3:be:96:51:e2:79:6d:88:b6:fa:51:2b:95:73:5c: 70:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:C8:31:64:58:61:F3:25:BF:C8:35:D5:B3:91:7C:EE:87:DC:A9:36 X509v3 Authority Key Identifier: keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:8d:a4:87:7c:ad:8c:f8:98:a9:1d:5c:dc:9a:3d:2b:de:9f: 34:df:a2:36:52:71:70:41:d6:c2:46:05:e0:82:70:89:03:40: 6e:49:2f:98:6c:78:16:99:4c:19:c0:3f:26:ff:13:4b:86:37: 68:7a:11:15:19:2b:d0:d3:ab:ed:d5:1c:07:60:be:46:08:f7: 24:6c:76:cb:5e:03:b6:33:90:29:de:23:3a:17:73:75:4b:89: f9:c8:e4:0d:b6:54:99:8e:ba:d0:82:06:98:f3:b9:1b:bd:b2: 40:29:f3:55:f5:1e:cf:db:b4:28:1e:1c:8b:68:3c:0d:e8:b2: f4:1f:5e:b9:62:63:6d:67:50:3e:a4:fb:7c:2b:46:96:31:df: 1e:5b:45:34:d9:f3:f4:b4:e4:a4:6c:3e:dc:18:85:ce:fa:6e: 0f:46:8d:cd:63:61:6e:7a:0f:04:45:cd:27:33:fb:17:14:bb: 65:a9:4b:24:25:45:3c:5c:8f:8d:03:77:30:eb:28:df:6b:68: e8:1d:8e:f7:10:54:6b:9b:bf:eb:0e:d0:81:32:dd:e3:4f:c7: 0f:20:37:1d:61:c5:5b:2c:af:54:d4:c0:75:fe:fd:e7:36:34: 9f:73:01:cb:ae:cd:bb:3b:ac:58:fc:19:25:87:da:70:2c:31: 19:06:fa:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jo+5jV4MRdvgpyQk4GxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1 YmQwNDQwHhcNMjUxMjA2MDQwMTE3WhcNMjUxMjA3MDQwMTE3WjAzMTEwLwYDVQQD EyhhNmM4MzE2NDU4NjFmMzI1YmZjODM1ZDViMzkxN2NlZTg3ZGNhOTM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW251KkGcHWJ+a0CMbmBwCCAs9zB cT1IeQZietUziUeDqR6/mAEzxPubvL7kzu/fk9xLuF8gTEf8aozoIC+8MDHOLVdb PgsmjxyZg64t/YSwc5lAesaON97OUBLtbQoT0AtGdFAEc5yLVb+0L+ahsF7jw43F tT2N+d5ra3ScF6Wtkxf1YdpX9v3WyH6Ne0FtkzilTa3XqYsC32qB7SpOXZA7A9Cq 9WtWd8Z0UEc6BXZ7x8MsqU/DyBHkvWMDetfwdrJ2xMEi2/Z0YA8/XCncQksCAvQl s3T2F2tuunr8e7uI7SzdR8XE7JByL2L2MEXTvpZR4nltiLb6USuVc1xwtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKbIMWRYYfMlv8g11bORfO6H3Kk2MB8GA1UdIwQY MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt ZjYyMzIwOTUxYTM2LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2 LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj42kh3yt jPiYqR1c3Jo9K96fNN+iNlJxcEHWwkYF4IJwiQNAbkkvmGx4FplMGcA/Jv8TS4Y3 aHoRFRkr0NOr7dUcB2C+Rgj3JGx2y14DtjOQKd4jOhdzdUuJ+cjkDbZUmY660IIG mPO5G72yQCnzVfUez9u0KB4ci2g8Deiy9B9euWJjbWdQPqT7fCtGljHfHltFNNnz 9LTkpGw+3BiFzvpuD0aNzWNhbnoPBEXNJzP7FxS7ZalLJCVFPFyPjQN3MOso32to 6B2O9xBUa5u/6w7QgTLd40/HDyA3HWHFWyyvVNTAdf795zY0n3MBy67NuzusWPwZ JYfacCwxGQb6oQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:09:52 2025 by rpki-client