This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft File: 2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json) Hash identifier: qNMbzWgZ/n2xwuE+wxY71+x4Mo9rxaEGSxodYfs6cno= Subject key identifier: BF:8A:66:D5:EA:21:C1:98:DC:7A:A2:9E:66:66:6B:F6:0D:68:21:C6 Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61 Certificate issuer: /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61 Certificate serial: 019B360E83910A34E873E5CAE21FBF601282 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft Manifest number: 1250 Signing time: Fri 19 Dec 2025 10:01:19 +0000 Manifest this update: Fri 19 Dec 2025 10:01:19 +0000 Manifest next update: Sat 20 Dec 2025 10:01:19 +0000 Files and hashes: 1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: WfBKkaekzqlAg+XKGiV7qaZdarxqPvCvjaUSPyV0t4k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0e:83:91:0a:34:e8:73:e5:ca:e2:1f:bf:60:12:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61 Validity Not Before: Dec 19 10:01:19 2025 GMT Not After : Dec 20 10:01:19 2025 GMT Subject: CN=bf8a66d5ea21c198dc7aa29e66666bf60d6821c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:90:b3:c0:e2:63:96:19:6c:bd:17:71:5d:80: f3:91:a3:e5:9d:b0:ac:d5:26:0f:cf:c6:6c:a7:b8: cd:f4:9e:a9:3c:d2:c8:ae:53:76:f9:75:5c:10:7e: be:31:ac:3d:9a:0c:d7:9a:07:0c:8e:e9:26:ae:69: 7f:94:ed:04:67:53:0c:3f:fe:4e:f3:47:6e:0d:8e: fe:22:41:79:45:6d:77:91:4b:4f:8b:05:ff:1b:48: 54:20:9f:24:61:46:9e:4d:d6:3d:9b:c1:94:09:9d: 1f:e8:3b:d5:d6:b7:1b:f8:64:73:fa:86:48:ca:59: d1:97:79:71:d2:a2:d6:61:78:16:72:2a:0d:41:02: 68:db:64:9e:c3:d8:b3:d2:51:ad:08:7f:62:88:a8: d4:0b:c4:20:8d:38:95:da:73:6d:6a:3e:e9:38:0d: f7:c4:ee:c4:d3:1f:cb:8c:ca:9a:57:47:ac:34:29: 96:f4:df:ca:18:54:05:de:e5:7d:b0:8e:76:60:2d: 79:b9:fe:f1:62:f3:8f:e5:0a:8c:bf:6c:2b:35:f2: 14:d0:c3:fd:f7:d0:1b:86:95:f1:be:e4:0f:f4:89: 93:ae:6e:3e:1a:60:43:4f:2b:1f:27:0c:76:93:cf: 92:2a:29:92:9a:f4:50:fe:d4:45:cd:8a:8d:d3:71: 2c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:8A:66:D5:EA:21:C1:98:DC:7A:A2:9E:66:66:6B:F6:0D:68:21:C6 X509v3 Authority Key Identifier: keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:88:3c:a3:f9:b1:33:56:b9:aa:a6:9d:da:92:30:d5:98:a7: 83:06:91:d8:9d:3c:9f:38:b2:e6:40:b1:5a:55:ad:e0:3c:7d: fe:b7:0e:66:58:2a:1b:7d:4f:2e:e0:c5:57:54:46:ae:ad:e3: 67:21:1c:54:bb:4a:8d:80:39:39:cb:4f:74:d0:5c:4d:88:a8: 75:50:c0:45:39:61:a3:c1:a5:f9:8d:a4:1e:50:57:39:d5:76: 35:31:7d:0d:b2:a9:5e:9c:c8:11:a0:69:1a:9a:a5:ef:b3:12: 30:ee:3a:b8:c0:86:0c:d4:6e:41:25:0a:78:ec:9a:a1:f6:f4: 2c:d3:bc:44:5e:3c:08:99:54:b0:90:4e:af:b4:cc:23:be:57: cc:1b:f3:ad:98:65:0f:8b:a9:12:11:67:4d:36:c5:62:42:26: d4:29:44:35:de:26:a5:77:a7:05:02:3e:e4:4b:73:62:f5:a0: f9:bb:0c:83:6c:36:3d:4c:6f:2c:d6:52:98:c0:ed:d1:91:2f: 66:24:f1:a4:60:81:2f:3a:01:90:97:a1:5d:82:95:a2:f8:40: cc:bf:28:f0:92:ea:aa:5e:06:fa:03:e3:f0:42:72:f1:3a:57: 52:34:91:2f:b9:ee:f4:bb:70:7c:dc:dd:96:8a:a1:2f:f8:b3: f5:95:4b:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DoORCjToc+XK4h+/YBKCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl ZjFjNjEwHhcNMjUxMjE5MTAwMTE5WhcNMjUxMjIwMTAwMTE5WjAzMTEwLwYDVQQD EyhiZjhhNjZkNWVhMjFjMTk4ZGM3YWEyOWU2NjY2NmJmNjBkNjgyMWM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJCzwOJjlhlsvRdxXYDzkaPlnbCs 1SYPz8Zsp7jN9J6pPNLIrlN2+XVcEH6+Maw9mgzXmgcMjukmrml/lO0EZ1MMP/5O 80duDY7+IkF5RW13kUtPiwX/G0hUIJ8kYUaeTdY9m8GUCZ0f6DvV1rcb+GRz+oZI ylnRl3lx0qLWYXgWcioNQQJo22Sew9iz0lGtCH9iiKjUC8QgjTiV2nNtaj7pOA33 xO7E0x/LjMqaV0esNCmW9N/KGFQF3uV9sI52YC15uf7xYvOP5QqMv2wrNfIU0MP9 99AbhpXxvuQP9ImTrm4+GmBDTysfJwx2k8+SKimSmvRQ/tRFzYqN03EsoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL+KZtXqIcGY3HqinmZma/YNaCHGMB8GA1UdIwQY MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALYg8o/mx M1a5qqad2pIw1ZingwaR2J08nziy5kCxWlWt4Dx9/rcOZlgqG31PLuDFV1RGrq3j ZyEcVLtKjYA5OctPdNBcTYiodVDARTlho8Gl+Y2kHlBXOdV2NTF9DbKpXpzIEaBp Gpql77MSMO46uMCGDNRuQSUKeOyaofb0LNO8RF48CJlUsJBOr7TMI75XzBvzrZhl D4upEhFnTTbFYkIm1ClENd4mpXenBQI+5EtzYvWg+bsMg2w2PUxvLNZSmMDt0ZEv ZiTxpGCBLzoBkJehXYKVovhAzL8o8JLqql4G+gPj8EJy8TpXUjSRL7nu9LtwfNzd loqhL/iz9ZVL1A== -----END CERTIFICATE-----Generated at Fri Dec 19 15:06:10 2025 by rpki-client