This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft File: 2LlxoaILZPFCUYAfj0NKQHX36pE.mft (raw, json) Hash identifier: qwNKGwSQfz4+XQsQz3lW3tkY88e0Oq9SdFJoG1FyXz8= Subject key identifier: 3E:74:64:27:37:CF:32:28:17:5F:B3:6E:13:06:10:72:6C:44:93:26 Authority key identifier: D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 Certificate issuer: /CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Certificate serial: 019AF164485F23072E6CFE0B66211077AD2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft Manifest number: 0410 Signing time: Sat 06 Dec 2025 02:01:12 +0000 Manifest this update: Sat 06 Dec 2025 02:01:12 +0000 Manifest next update: Sun 07 Dec 2025 02:01:12 +0000 Files and hashes: 1: 2LlxoaILZPFCUYAfj0NKQHX36pE.crl (hash: s/v1Gg5GqGv4Jsfu8TNxpGYr3/ZxWELd/jMp2AR2qq4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:48:5f:23:07:2e:6c:fe:0b:66:21:10:77:ad:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8b971a1a20b64f14251801f8f434a4075f7ea91 Validity Not Before: Dec 6 02:01:12 2025 GMT Not After : Dec 7 02:01:12 2025 GMT Subject: CN=3e74642737cf3228175fb36e130610726c449326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:2b:aa:50:89:94:87:d4:ea:34:64:29:af:21: cc:04:0a:0f:9e:0b:1b:9c:33:9e:7a:3d:a8:d6:5f: ec:03:5a:3f:95:f9:d1:89:f0:ba:22:57:cd:61:96: 7b:9d:31:4d:b4:ec:7a:6d:e4:a7:a7:41:b7:97:6c: b7:4c:ab:a2:6f:ec:e7:0e:9d:61:e2:2a:99:4c:fd: cf:43:be:f2:6f:aa:08:b8:6e:cd:51:cc:fb:33:b6: ee:57:18:39:98:d0:a4:31:4e:a8:de:09:80:de:7f: 81:68:14:d7:17:98:68:a1:cd:da:06:40:92:01:72: ea:d0:3e:cf:f3:35:e7:33:4d:bd:90:40:4b:92:9e: 76:b2:9f:aa:69:f5:22:ad:9e:f0:82:b6:42:d2:54: 88:50:5d:01:95:49:5c:87:2f:ad:ba:96:6a:31:3d: a6:66:63:91:51:0d:47:89:ee:18:9b:07:98:45:39: 5c:97:14:5c:75:1c:79:25:66:47:ae:85:57:af:2e: 26:d1:1a:fe:55:36:0c:26:2f:f9:1e:67:64:e7:f2: 19:1b:f3:a7:6f:40:a2:7c:f5:68:50:1f:68:c7:a7: 56:32:14:dc:21:1e:92:0e:6c:1b:1f:45:16:75:1a: 13:9a:35:94:23:e4:e2:ec:62:f8:c5:4d:cc:16:a0: 9a:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:74:64:27:37:CF:32:28:17:5F:B3:6E:13:06:10:72:6C:44:93:26 X509v3 Authority Key Identifier: keyid:D8:B9:71:A1:A2:0B:64:F1:42:51:80:1F:8F:43:4A:40:75:F7:EA:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LlxoaILZPFCUYAfj0NKQHX36pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9bd669-2abb-499b-a91f-4445a4d786d4/1/2LlxoaILZPFCUYAfj0NKQHX36pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:73:78:ae:60:0c:b0:57:7b:64:3a:d5:7e:db:ec:9d:b8:d9: 6f:ff:2f:8c:46:4a:f4:f2:d0:51:ca:50:1d:d7:d0:0e:0a:11: 74:f1:09:e8:14:7e:2c:2b:97:81:c2:51:dd:7f:a7:1e:5c:af: 22:0f:45:6f:75:a1:77:b6:23:00:f8:2c:22:48:65:76:33:33: e5:25:08:ac:6d:5d:9b:f6:f2:c9:59:9a:cd:a4:b2:67:b6:92: d1:86:ff:22:a3:c0:c9:dd:15:60:eb:5d:82:c4:5f:a7:22:d6: 6b:77:89:8c:1f:37:2f:67:70:fa:5b:05:8a:19:03:31:73:b9: bd:30:89:41:29:55:5c:b1:97:12:f9:4d:d2:f5:aa:66:52:34: cb:50:8b:14:89:2a:1d:6a:e4:d5:13:47:6a:24:b4:16:4a:91: d2:da:06:7b:2d:eb:b1:9d:4a:59:45:21:88:b4:1c:6a:6d:f8: 06:b5:fa:32:4c:00:1f:5a:bd:ce:bb:87:69:d8:57:6c:a0:8a: 48:e0:ad:bf:e6:48:44:6d:18:35:3a:8b:62:09:1e:db:c0:8d: d1:ce:73:58:28:17:be:a6:b8:2c:17:76:af:1c:3b:93:c1:3d: 80:8e:e8:e1:2b:72:42:70:52:28:54:35:64:30:6d:b9:4c:49: 69:ff:03:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZEhfIwcubP4LZiEQd60vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4Yjk3MWExYTIwYjY0ZjE0MjUxODAxZjhmNDM0YTQwNzVm N2VhOTEwHhcNMjUxMjA2MDIwMTEyWhcNMjUxMjA3MDIwMTEyWjAzMTEwLwYDVQQD EygzZTc0NjQyNzM3Y2YzMjI4MTc1ZmIzNmUxMzA2MTA3MjZjNDQ5MzI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSuqUImUh9TqNGQpryHMBAoPngsb nDOeej2o1l/sA1o/lfnRifC6IlfNYZZ7nTFNtOx6beSnp0G3l2y3TKuib+znDp1h 4iqZTP3PQ77yb6oIuG7NUcz7M7buVxg5mNCkMU6o3gmA3n+BaBTXF5hooc3aBkCS AXLq0D7P8zXnM029kEBLkp52sp+qafUirZ7wgrZC0lSIUF0BlUlchy+tupZqMT2m ZmORUQ1Hie4YmweYRTlclxRcdRx5JWZHroVXry4m0Rr+VTYMJi/5Hmdk5/IZG/On b0CifPVoUB9ox6dWMhTcIR6SDmwbH0UWdRoTmjWUI+Ti7GL4xU3MFqCaSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD50ZCc3zzIoF1+zbhMGEHJsRJMmMB8GA1UdIwQY MBaAFNi5caGiC2TxQlGAH49DSkB19+qRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYt NDQ0NWE0ZDc4NmQ0LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS85YmQ2NjktMmFiYi00OTliLWE5MWYtNDQ0NWE0ZDc4NmQ0 LzEvMkxseG9hSUxaUEZDVVlBZmowTktRSFgzNnBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJXN4rmAM sFd7ZDrVftvsnbjZb/8vjEZK9PLQUcpQHdfQDgoRdPEJ6BR+LCuXgcJR3X+nHlyv Ig9Fb3Whd7YjAPgsIkhldjMz5SUIrG1dm/byyVmazaSyZ7aS0Yb/IqPAyd0VYOtd gsRfpyLWa3eJjB83L2dw+lsFihkDMXO5vTCJQSlVXLGXEvlN0vWqZlI0y1CLFIkq HWrk1RNHaiS0FkqR0toGey3rsZ1KWUUhiLQcam34BrX6MkwAH1q9zruHadhXbKCK SOCtv+ZIRG0YNTqLYgke28CN0c5zWCgXvqa4LBd2rxw7k8E9gI7o4StyQnBSKFQ1 ZDBtuUxJaf8Dww== -----END CERTIFICATE-----Generated at Sat Dec 6 11:30:51 2025 by rpki-client