This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft File: 2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json) Hash identifier: EjwyYHO4vgGD234fCJ4HZumzX1ucUodVV2mwc7JaTnA= Subject key identifier: 4D:C6:22:BB:DF:22:F9:3C:01:00:3C:7F:E5:A1:31:7B:9B:42:F7:20 Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD Certificate issuer: /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Certificate serial: 019AF0BF377FCF2E1BCA2EA33338FD593A66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft Manifest number: 04C6 Signing time: Fri 05 Dec 2025 23:00:54 +0000 Manifest this update: Fri 05 Dec 2025 23:00:54 +0000 Manifest next update: Sat 06 Dec 2025 23:00:54 +0000 Files and hashes: 1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: 77hiEV3FzFu8kSHox1UlrdDhmXZgj/WoQQhG8zDYCQI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:37:7f:cf:2e:1b:ca:2e:a3:33:38:fd:59:3a:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd Validity Not Before: Dec 5 23:00:54 2025 GMT Not After : Dec 6 23:00:54 2025 GMT Subject: CN=4dc622bbdf22f93c01003c7fe5a1317b9b42f720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:12:7d:73:a5:29:3d:9c:e5:30:6f:05:01:ee: 87:ae:04:38:52:ad:53:1a:99:53:89:60:58:fc:50: 96:b7:44:30:fb:dd:08:ce:d1:7d:40:f7:4b:49:c4: 45:9a:ba:d3:6f:e6:a5:44:2b:3c:ef:83:af:31:31: ef:13:0c:5a:f1:c8:e6:81:47:77:5d:33:a9:46:33: 0a:84:82:2f:bf:84:33:6e:fa:75:90:19:dd:35:7d: 58:c6:d8:e7:09:67:1f:4e:be:46:e6:58:e2:f8:5a: 38:94:55:17:98:8a:a9:68:9c:45:26:3f:6d:3d:7d: 5a:cd:d9:c0:6b:b2:01:cf:c5:fe:ef:c8:6a:56:48: f8:12:a2:5b:14:2e:fe:cd:1b:08:78:5e:60:62:d3: af:65:ec:5f:a6:a3:d6:bb:ea:a7:68:a2:58:22:92: 23:f0:9b:a5:ee:f3:58:44:0b:ca:ff:19:b6:e5:f8: 07:2c:c3:c4:6d:91:b0:3e:48:f7:22:2a:a7:2b:a5: e9:3c:16:7b:97:3c:9a:9d:1f:40:04:c5:b1:71:f3: 9d:b1:e2:14:83:fe:94:88:66:c6:d0:a8:47:e8:66: 1d:01:e1:07:d3:b1:03:4c:7e:e3:99:51:40:dd:c5: 2b:09:8e:54:7d:75:f8:db:ec:24:e4:e4:e3:72:a0: 24:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:C6:22:BB:DF:22:F9:3C:01:00:3C:7F:E5:A1:31:7B:9B:42:F7:20 X509v3 Authority Key Identifier: keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:b3:bb:c8:9d:df:59:99:db:65:b6:fc:5a:52:a4:3f:05:91: 79:43:8a:ba:53:81:f0:a9:64:de:b9:2b:a6:a1:c4:73:04:06: 25:5d:e5:58:f0:5a:ad:0f:92:27:32:33:18:1d:d6:c8:65:e8: 08:79:86:53:c6:be:f8:e7:6d:5d:7e:3a:e9:a1:a8:11:4f:fc: 47:aa:79:30:2b:33:54:a7:86:0a:2d:57:db:f8:21:b3:1b:e5: a2:35:24:ff:1e:a1:6a:f3:55:22:35:ea:8c:24:12:ab:5d:c9: b3:a2:7f:d7:df:98:40:0b:cf:80:fc:4f:70:cd:53:2e:8d:95: 34:3c:6d:6d:1a:16:ea:0b:6b:57:ff:75:f1:03:4a:74:0f:09: d1:ef:81:a4:f7:66:d5:4d:e8:21:39:ea:e7:85:60:14:03:9e: aa:1c:c4:ad:8a:db:f3:a9:c3:cf:68:47:2e:0c:06:0f:5d:96: 06:e5:80:b1:47:80:92:e7:62:52:04:cc:0a:e6:e8:21:bd:2c: c6:3e:c6:63:10:d7:d1:9e:0d:30:71:f8:6c:41:16:d6:be:24: e7:b9:2f:38:2c:3e:af:ef:c3:4d:25:16:c6:66:45:3e:71:62: ed:cf:b2:65:61:c7:49:f4:cd:3e:84:26:0f:dd:5a:3b:9e:22: db:79:50:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvzd/zy4byi6jMzj9WTpmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2 NjIyY2QwHhcNMjUxMjA1MjMwMDU0WhcNMjUxMjA2MjMwMDU0WjAzMTEwLwYDVQQD Eyg0ZGM2MjJiYmRmMjJmOTNjMDEwMDNjN2ZlNWExMzE3YjliNDJmNzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBJ9c6UpPZzlMG8FAe6HrgQ4Uq1T GplTiWBY/FCWt0Qw+90IztF9QPdLScRFmrrTb+alRCs874OvMTHvEwxa8cjmgUd3 XTOpRjMKhIIvv4Qzbvp1kBndNX1YxtjnCWcfTr5G5lji+Fo4lFUXmIqpaJxFJj9t PX1azdnAa7IBz8X+78hqVkj4EqJbFC7+zRsIeF5gYtOvZexfpqPWu+qnaKJYIpIj 8Jul7vNYRAvK/xm25fgHLMPEbZGwPkj3IiqnK6XpPBZ7lzyanR9ABMWxcfOdseIU g/6UiGbG0KhH6GYdAeEH07EDTH7jmVFA3cUrCY5UfXX42+wk5OTjcqAkcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE3GIrvfIvk8AQA8f+WhMXubQvcgMB8GA1UdIwQY MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5 LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFLO7yJ3f WZnbZbb8WlKkPwWReUOKulOB8Klk3rkrpqHEcwQGJV3lWPBarQ+SJzIzGB3WyGXo CHmGU8a++OdtXX466aGoEU/8R6p5MCszVKeGCi1X2/ghsxvlojUk/x6havNVIjXq jCQSq13Js6J/19+YQAvPgPxPcM1TLo2VNDxtbRoW6gtrV/918QNKdA8J0e+BpPdm 1U3oITnq54VgFAOeqhzErYrb86nDz2hHLgwGD12WBuWAsUeAkudiUgTMCuboIb0s xj7GYxDX0Z4NMHH4bEEW1r4k57kvOCw+r+/DTSUWxmZFPnFi7c+yZWHHSfTNPoQm D91aO54i23lQMw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:59:57 2025 by rpki-client