This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft File: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft (raw, json) Hash identifier: yd7yXeDJualqkftlTpNFgPH2z7Wz34M9Ng+TOQisOIU= Subject key identifier: C6:CF:5C:DA:05:E5:BA:27:2B:C4:2A:5F:CA:D0:C7:68:37:63:E2:F0 Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39 Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39 Certificate serial: 019AF31C8FDCCCB283A0C658A7611B248B9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft Manifest number: 0CC8 Signing time: Sat 06 Dec 2025 10:02:06 +0000 Manifest this update: Sat 06 Dec 2025 10:02:06 +0000 Manifest next update: Sun 07 Dec 2025 10:02:06 +0000 Files and hashes: 1: 2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl (hash: DLdv32dcUvRPTQPLAV5DzJalzPKevnsZo2duv3KXrW8=) 2: pEoCff1DtYoEMHzC9EANzQRBsC8.roa (hash: +m2VMtZgdFPS2/0zJPg1ZLBtRhUd6KXSgxAw6jiEMMI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:8f:dc:cc:b2:83:a0:c6:58:a7:61:1b:24:8b:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39 Validity Not Before: Dec 6 10:02:06 2025 GMT Not After : Dec 7 10:02:06 2025 GMT Subject: CN=c6cf5cda05e5ba272bc42a5fcad0c7683763e2f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c7:32:20:b2:c2:84:9f:08:2c:56:a9:87:d2: b0:9f:b2:b6:12:b5:c8:2c:a7:e4:15:d3:0b:fd:17: 83:f0:47:c4:3d:21:25:68:0b:b4:69:d1:66:04:a3: e8:da:65:23:7a:c6:c9:82:08:4e:90:82:19:8f:51: c7:ac:50:13:de:51:86:59:89:78:5a:24:10:e0:0a: b6:71:f8:e1:bf:78:12:1f:f3:46:bf:6e:26:f5:4d: 2d:75:fd:06:ba:ea:74:a1:e5:c5:26:6e:26:54:01: a7:36:60:c2:f6:c0:b8:10:6c:b9:d9:bf:bb:e6:57: ff:f4:c3:74:da:78:23:45:1f:f1:36:d0:69:40:4a: 44:8f:13:c2:78:37:ac:e2:88:eb:35:d3:e4:d1:0b: b1:42:af:72:6a:de:28:04:6d:a9:7d:a3:d9:a5:b8: 60:4e:03:37:80:03:80:9e:e8:2b:87:81:4d:57:c2: ad:bd:7c:10:e6:eb:37:d7:ed:06:f9:19:04:ef:20: f0:e2:86:c6:bc:05:d0:fc:df:79:3a:36:88:49:b0: fc:e8:67:5c:ff:c3:bb:35:ff:0e:f2:50:7e:34:b7: 28:6f:8f:cb:b5:c1:30:82:74:df:10:ad:2b:ac:fe: cb:1c:7e:19:ca:9c:13:56:9a:a1:b0:40:56:36:57: 9e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:CF:5C:DA:05:E5:BA:27:2B:C4:2A:5F:CA:D0:C7:68:37:63:E2:F0 X509v3 Authority Key Identifier: keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:43:7e:dd:8f:92:07:e2:36:63:e4:f8:10:f7:64:58:9b:56: 7b:33:41:66:69:50:9e:7a:64:3a:dd:7d:69:61:fc:01:e0:da: 3b:08:0d:96:8a:67:64:cd:39:2c:dc:a2:eb:a8:71:b8:a5:48: de:05:cc:6a:5d:4e:7d:d7:1d:e9:f2:95:85:d4:4a:8d:68:68: e4:0a:b9:35:6c:4d:f1:e5:04:8e:b2:30:c1:94:af:00:3d:21: f6:b2:6b:e8:11:0a:30:70:00:4a:5b:dd:2f:8e:cf:57:c7:81: e6:81:10:51:f3:37:9d:09:a9:80:12:24:22:bf:36:10:2f:80: 24:25:56:c6:c2:ef:3c:a0:6c:90:af:b6:89:3b:d9:f9:0a:a2: 8b:7b:3c:79:00:63:d8:e4:b7:90:2f:bb:c9:72:d9:cd:37:52: c8:5f:5a:0d:76:e9:20:ef:10:21:53:d0:84:df:b0:e4:00:95: 86:63:1d:5f:4a:3a:ee:24:f6:c9:b9:7b:e9:1d:96:49:be:f8: 64:db:c2:bb:d1:66:63:99:01:91:9e:2d:ee:10:2d:c5:2f:ca: 5a:e9:04:5b:90:26:83:d2:f6:fd:eb:b0:d1:4a:14:d5:6e:67: f3:15:eb:62:10:50:60:ee:cb:95:0c:9d:16:f0:64:a0:2c:bf: 48:b6:4f:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHI/czLKDoMZYp2EbJIubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4 NjVmMzkwHhcNMjUxMjA2MTAwMjA2WhcNMjUxMjA3MTAwMjA2WjAzMTEwLwYDVQQD EyhjNmNmNWNkYTA1ZTViYTI3MmJjNDJhNWZjYWQwYzc2ODM3NjNlMmYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMcyILLChJ8ILFaph9Kwn7K2ErXI LKfkFdML/ReD8EfEPSElaAu0adFmBKPo2mUjesbJgghOkIIZj1HHrFAT3lGGWYl4 WiQQ4Aq2cfjhv3gSH/NGv24m9U0tdf0Guup0oeXFJm4mVAGnNmDC9sC4EGy52b+7 5lf/9MN02ngjRR/xNtBpQEpEjxPCeDes4ojrNdPk0QuxQq9yat4oBG2pfaPZpbhg TgM3gAOAnugrh4FNV8KtvXwQ5us31+0G+RkE7yDw4obGvAXQ/N95OjaISbD86Gdc /8O7Nf8O8lB+NLcob4/LtcEwgnTfEK0rrP7LHH4ZypwTVpqhsEBWNleeyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMbPXNoF5bonK8QqX8rQx2g3Y+LwMB8GA1UdIwQY MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt YjYwZmJiMTRjMTlkLzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkN+3Y+S B+I2Y+T4EPdkWJtWezNBZmlQnnpkOt19aWH8AeDaOwgNlopnZM05LNyi66hxuKVI 3gXMal1Ofdcd6fKVhdRKjWho5Aq5NWxN8eUEjrIwwZSvAD0h9rJr6BEKMHAASlvd L47PV8eB5oEQUfM3nQmpgBIkIr82EC+AJCVWxsLvPKBskK+2iTvZ+Qqii3s8eQBj 2OS3kC+7yXLZzTdSyF9aDXbpIO8QIVPQhN+w5ACVhmMdX0o67iT2ybl76R2WSb74 ZNvCu9FmY5kBkZ4t7hAtxS/KWukEW5Amg9L2/euw0UoU1W5n8xXrYhBQYO7LlQyd FvBkoCy/SLZPDA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:49:37 2025 by rpki-client