This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft File: 2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json) Hash identifier: dYw9D6bEzNwIPYEhTtQzrP7CicDGTXQpiGW/Vvvzs3I= Subject key identifier: FA:8D:91:1C:01:38:CD:1C:E3:8E:78:1D:34:A4:93:14:0C:4F:CA:29 Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41 Certificate issuer: /CN=d9b37a38ce887d37636046aef387a1c233152e41 Certificate serial: 019AF12CF9E8B4B8AFD916EE7BFB71B61EA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft Manifest number: 07F2 Signing time: Sat 06 Dec 2025 01:00:47 +0000 Manifest this update: Sat 06 Dec 2025 01:00:47 +0000 Manifest next update: Sun 07 Dec 2025 01:00:47 +0000 Files and hashes: 1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: TYOWkFqpjHRFZKtd8GDfP6P2aHFcbN4aN+2NTEDUfjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:f9:e8:b4:b8:af:d9:16:ee:7b:fb:71:b6:1e:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41 Validity Not Before: Dec 6 01:00:47 2025 GMT Not After : Dec 7 01:00:47 2025 GMT Subject: CN=fa8d911c0138cd1ce38e781d34a493140c4fca29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:50:67:28:52:1f:8f:83:db:4a:6d:a2:c6:82: 61:b1:98:dd:68:d5:fe:59:18:4e:d1:84:b7:4b:c9: a9:b4:36:33:78:62:e6:17:5c:10:b5:f3:e5:49:9f: 9c:00:eb:e8:b3:5d:4f:98:18:00:6d:c1:ad:db:25: dd:0d:3a:3d:86:a9:19:67:b4:d0:29:e2:b9:71:0d: bd:9a:09:77:2b:41:01:f7:5e:d9:20:ba:37:6a:46: 08:81:8e:f4:5d:e2:7f:dd:cd:eb:1b:9a:8b:a3:b5: af:ba:1d:24:22:22:f3:ba:2b:85:85:ab:46:da:24: e7:37:2d:22:a5:ea:1f:c5:4f:c1:55:bb:6f:8f:23: 8b:56:69:13:84:f1:69:87:45:0a:db:9b:ae:a1:5e: 5c:ea:e2:d4:43:78:42:f8:df:99:5b:25:f2:32:e5: 94:cb:fd:fa:68:39:30:2c:38:31:fc:09:17:49:f4: 85:cb:d4:63:c8:36:10:77:f8:0b:c4:38:91:ee:5f: 6d:63:10:a9:d1:2e:b8:f3:7f:f9:10:b2:c3:a7:6d: ce:5c:b5:cf:8f:77:ce:ed:be:0c:20:e8:6b:ec:a4: 9d:e7:b9:cb:e7:7c:c6:1b:a3:6b:2d:d9:57:fa:45: 16:9b:f6:58:88:c8:f8:ee:36:c4:3f:0a:3f:1e:b3: 55:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:8D:91:1C:01:38:CD:1C:E3:8E:78:1D:34:A4:93:14:0C:4F:CA:29 X509v3 Authority Key Identifier: keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:c6:fd:0c:9b:c0:88:36:6c:ac:b1:95:40:aa:fd:dd:0d:3e: 4e:45:7d:e1:23:45:19:d3:a8:0d:67:c8:1c:c4:70:9c:13:e3: 9e:6d:f9:71:6f:8b:e7:84:d3:f1:f5:0a:02:04:1c:1a:23:54: 16:06:4f:0a:de:8a:00:f1:27:33:58:c3:7b:60:00:7d:5e:cb: 0f:66:38:68:b5:94:35:82:d1:7d:2b:b8:8c:2f:79:dd:e0:05: 62:60:b7:21:df:41:1d:7b:52:79:24:45:5f:4a:6a:e6:33:2c: b3:a9:0a:bb:43:4e:71:76:b0:d0:72:95:81:03:55:3d:90:cf: ca:df:fb:c1:d9:75:c4:df:2d:35:b9:4a:c4:15:f2:ed:a8:a6: e7:dc:06:d4:fa:e1:b5:a3:86:c6:fa:f0:4e:08:39:15:d5:c1: 9d:6c:10:bd:3c:2c:67:22:23:78:d0:3a:da:97:27:fd:5d:ed: 1d:db:25:a7:12:0e:d1:20:88:f4:e2:d1:58:51:d9:53:6c:eb: a2:76:54:45:f6:69:8f:8c:87:3e:db:de:24:63:47:92:e5:da: 44:e8:f9:f2:09:53:fc:df:65:cd:4a:34:85:c0:f4:fe:52:33: 45:92:8a:c8:22:97:cd:8f:09:6d:c7:7b:dd:a1:a4:12:6e:ae: 9b:f3:e7:1e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLPnotLiv2Rbue/txth6pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx NTJlNDEwHhcNMjUxMjA2MDEwMDQ3WhcNMjUxMjA3MDEwMDQ3WjAzMTEwLwYDVQQD EyhmYThkOTExYzAxMzhjZDFjZTM4ZTc4MWQzNGE0OTMxNDBjNGZjYTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1BnKFIfj4PbSm2ixoJhsZjdaNX+ WRhO0YS3S8mptDYzeGLmF1wQtfPlSZ+cAOvos11PmBgAbcGt2yXdDTo9hqkZZ7TQ KeK5cQ29mgl3K0EB917ZILo3akYIgY70XeJ/3c3rG5qLo7Wvuh0kIiLzuiuFhatG 2iTnNy0ipeofxU/BVbtvjyOLVmkThPFph0UK25uuoV5c6uLUQ3hC+N+ZWyXyMuWU y/36aDkwLDgx/AkXSfSFy9RjyDYQd/gLxDiR7l9tYxCp0S6483/5ELLDp23OXLXP j3fO7b4MIOhr7KSd57nL53zGG6NrLdlX+kUWm/ZYiMj47jbEPwo/HrNV2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPqNkRwBOM0c4454HTSkkxQMT8opMB8GA1UdIwQY MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsb9DJvA iDZsrLGVQKr93Q0+TkV94SNFGdOoDWfIHMRwnBPjnm35cW+L54TT8fUKAgQcGiNU FgZPCt6KAPEnM1jDe2AAfV7LD2Y4aLWUNYLRfSu4jC953eAFYmC3Id9BHXtSeSRF X0pq5jMss6kKu0NOcXaw0HKVgQNVPZDPyt/7wdl1xN8tNblKxBXy7aim59wG1Prh taOGxvrwTgg5FdXBnWwQvTwsZyIjeNA62pcn/V3tHdslpxIO0SCI9OLRWFHZU2zr onZURfZpj4yHPtveJGNHkuXaROj58glT/N9lzUo0hcD0/lIzRZKKyCKXzY8Jbcd7 3aGkEm6um/PnHg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:15:03 2025 by rpki-client