This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft File: 2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json) Hash identifier: 0F0M1uRnMB2Q7Nq8IjLLrUB18vNOZv9aDa5XVIw5SMU= Subject key identifier: 2D:87:70:D8:F1:C1:EB:1F:B8:43:77:B5:E3:29:86:07:A9:26:26:71 Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22 Certificate issuer: /CN=da8da74400c7555aba27c1289fbfb90b33b79a22 Certificate serial: 019AF19A950D3E78D4C4C6C0327C6ECACF57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft Manifest number: 15EE Signing time: Sat 06 Dec 2025 03:00:30 +0000 Manifest this update: Sat 06 Dec 2025 03:00:30 +0000 Manifest next update: Sun 07 Dec 2025 03:00:30 +0000 Files and hashes: 1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: z9yPeDLox2oFDZSP6XQGdW9hOM6m/YGu8o8HhfRRpUo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:95:0d:3e:78:d4:c4:c6:c0:32:7c:6e:ca:cf:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22 Validity Not Before: Dec 6 03:00:30 2025 GMT Not After : Dec 7 03:00:30 2025 GMT Subject: CN=2d8770d8f1c1eb1fb84377b5e3298607a9262671 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:94:d1:9b:19:4f:af:11:8c:65:15:de:5d:6e: 4b:48:95:99:6e:87:8d:64:22:a9:40:51:17:89:39: 30:bb:73:2a:f8:2e:00:4c:e0:dc:c9:83:93:58:75: 60:f3:57:45:6c:3d:c5:dc:6d:45:35:4e:c4:f7:c3: 7a:f5:22:2d:4f:9f:4c:78:94:04:b4:40:24:67:a1: 0f:d7:72:6f:7b:db:45:8f:ac:ac:c5:75:6e:7f:5b: 3f:29:a3:bb:81:78:ea:f7:e7:f5:c6:62:b5:fb:4d: e8:7d:ce:e8:b1:e1:f7:d9:30:98:08:1d:27:9f:7b: de:6f:bc:aa:f3:2c:f7:88:73:47:3c:29:5a:99:d1: 48:eb:38:9a:90:0a:06:96:6c:76:33:17:69:d7:62: b0:49:4e:12:08:db:da:92:08:fc:81:86:e8:c5:1e: f1:74:0b:01:bf:df:cf:28:1e:b5:43:03:61:cd:f3: d3:3d:68:a3:dd:af:98:43:01:89:c5:ab:a6:bf:ab: c2:a9:81:23:d2:43:33:ef:3b:1d:ba:d2:07:3a:bc: e7:3a:6e:02:e1:f2:a7:59:02:9f:8e:06:2a:99:be: 62:ae:87:80:d8:b4:19:a7:eb:92:1b:21:55:47:fe: e8:5f:ca:53:2c:31:2f:05:36:c8:a7:ba:5f:10:dd: a8:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:87:70:D8:F1:C1:EB:1F:B8:43:77:B5:E3:29:86:07:A9:26:26:71 X509v3 Authority Key Identifier: keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:5e:32:53:13:a6:de:fc:5f:d9:90:9c:16:e1:c2:d9:5f:4a: fa:b7:00:36:97:03:ec:a1:68:5a:3c:90:91:aa:a5:11:b4:9c: cb:84:36:aa:ba:4e:a9:78:07:c7:92:25:82:3f:4f:1e:50:3c: 84:3a:a4:d2:15:5c:43:00:b3:a4:7e:bb:74:b0:10:be:a1:fc: 1b:86:5e:81:0d:13:cc:4a:41:15:73:6c:d4:5d:ab:59:cc:71: 17:ad:68:52:3b:e1:bb:75:f5:9d:94:13:18:ab:2d:a2:b4:8f: f3:d0:1e:44:91:e0:d1:95:1d:bd:38:33:35:46:6f:1b:80:50: f2:79:61:78:39:5e:a9:1d:2a:1d:30:8b:14:2f:6a:97:b2:b5: ff:bb:2e:b4:45:d5:2e:14:02:9a:a5:39:f1:a0:37:48:3c:78: 73:c8:ca:ea:34:e6:63:de:b1:0e:ca:c8:32:43:29:c4:14:49: 3e:48:53:68:29:e6:4a:99:e2:ae:59:7f:44:7b:42:c5:3b:ae: 48:93:fd:89:9d:1f:4f:f8:f0:b3:a4:9e:1e:38:3c:bd:a8:5f: 9a:38:af:4e:13:71:78:b7:6b:41:cd:e7:e7:18:22:dc:0e:ae: 56:8b:8e:f4:bf:18:d6:ae:4e:17:8a:08:6a:f0:ff:8e:2e:08: 53:54:bb:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmpUNPnjUxMbAMnxuys9XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi NzlhMjIwHhcNMjUxMjA2MDMwMDMwWhcNMjUxMjA3MDMwMDMwWjAzMTEwLwYDVQQD EygyZDg3NzBkOGYxYzFlYjFmYjg0Mzc3YjVlMzI5ODYwN2E5MjYyNjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZTRmxlPrxGMZRXeXW5LSJWZboeN ZCKpQFEXiTkwu3Mq+C4ATODcyYOTWHVg81dFbD3F3G1FNU7E98N69SItT59MeJQE tEAkZ6EP13Jve9tFj6ysxXVuf1s/KaO7gXjq9+f1xmK1+03ofc7oseH32TCYCB0n n3veb7yq8yz3iHNHPClamdFI6ziakAoGlmx2Mxdp12KwSU4SCNvakgj8gYboxR7x dAsBv9/PKB61QwNhzfPTPWij3a+YQwGJxaumv6vCqYEj0kMz7zsdutIHOrznOm4C 4fKnWQKfjgYqmb5iroeA2LQZp+uSGyFVR/7oX8pTLDEvBTbIp7pfEN2oUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC2HcNjxwesfuEN3teMphgepJiZxMB8GA1UdIwQY MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3 LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADF4yUxOm 3vxf2ZCcFuHC2V9K+rcANpcD7KFoWjyQkaqlEbScy4Q2qrpOqXgHx5Ilgj9PHlA8 hDqk0hVcQwCzpH67dLAQvqH8G4ZegQ0TzEpBFXNs1F2rWcxxF61oUjvhu3X1nZQT GKstorSP89AeRJHg0ZUdvTgzNUZvG4BQ8nlheDleqR0qHTCLFC9ql7K1/7sutEXV LhQCmqU58aA3SDx4c8jK6jTmY96xDsrIMkMpxBRJPkhTaCnmSpnirll/RHtCxTuu SJP9iZ0fT/jws6SeHjg8vahfmjivThNxeLdrQc3n5xgi3A6uVouO9L8Y1q5OF4oI avD/ji4IU1S7SA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:01 2025 by rpki-client