This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft File: 2DLajUWISdX0C6bwuSCPhYXZ4j4.mft (raw, json) Hash identifier: OAITOiFCnGLNFYf1/6qaW3B7YuugPZ3RqTc3SSTqfcM= Subject key identifier: 82:8D:7E:44:46:5D:37:CF:A6:FD:F2:BF:16:DF:3C:98:00:C0:E7:0C Authority key identifier: D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E Certificate issuer: /CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e Certificate serial: 019AF2768199EE9F2EB04E4EA188976A1EB9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 07:00:43 +0000 Manifest this update: Sat 06 Dec 2025 07:00:43 +0000 Manifest next update: Sun 07 Dec 2025 07:00:43 +0000 Files and hashes: 1: 0LdCYiyoo_rQZDLAQK9EXmWdrLs.roa (hash: ii+DUPaWPj2PKPLgx9rgU4vJhM6MjQajOc4FBEHl1O8=) 2: 2DLajUWISdX0C6bwuSCPhYXZ4j4.crl (hash: 0u8DJ5wEj3F9OdMJ47G+bEL+Dv1hpQBLAEQZQHFBPgE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:81:99:ee:9f:2e:b0:4e:4e:a1:88:97:6a:1e:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e Validity Not Before: Dec 6 07:00:43 2025 GMT Not After : Dec 7 07:00:43 2025 GMT Subject: CN=828d7e44465d37cfa6fdf2bf16df3c9800c0e70c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:93:a5:34:bb:2d:3c:2a:6c:56:9e:6d:13:b3: ac:b9:ea:05:28:97:4f:78:d0:4e:24:24:45:a5:71: ee:6c:e0:51:06:f0:dc:0a:51:6a:6f:94:2a:d8:51: 2e:3e:a7:63:28:e3:11:54:e5:84:5b:ec:65:18:60: 8c:e6:bd:7d:71:a1:be:e6:ec:f2:72:76:23:39:2f: 19:69:8d:e3:c5:23:0f:52:00:c2:06:3f:dc:d2:92: 25:6e:69:c6:c3:7a:bd:fe:a7:fa:fe:36:e1:d3:05: 32:93:ce:62:22:5f:c9:bc:df:20:fd:07:01:61:13: 39:a3:9c:7d:13:f0:a5:2c:da:e1:0e:6b:e5:14:3d: 84:40:2e:59:31:42:46:c4:19:18:cd:43:6f:1b:94: 1a:e3:30:01:52:30:dd:41:b6:9f:3d:fa:e8:f4:7c: 43:fd:b3:31:e8:fb:68:a4:42:7a:62:ba:27:84:35: bc:83:9e:b1:cb:f5:9b:29:cf:7f:8a:5b:97:93:30: 15:21:0a:be:72:83:b6:9f:88:d8:17:8c:ae:52:0b: 08:90:fe:e0:82:cd:9f:04:e2:58:8e:79:40:49:c5: 5c:40:56:c9:bd:82:67:28:a7:f3:27:bc:cd:c6:d6: 25:79:e3:11:3b:2a:11:7b:b9:0f:12:78:b9:d3:f3: ef:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:8D:7E:44:46:5D:37:CF:A6:FD:F2:BF:16:DF:3C:98:00:C0:E7:0C X509v3 Authority Key Identifier: keyid:D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:f3:db:87:1b:fe:a1:73:01:76:7c:b5:ef:a1:98:22:7f:8b: de:cb:44:00:f3:9b:77:69:fe:7d:af:3d:37:3a:01:58:09:95: 27:a4:53:51:63:aa:e7:2e:24:be:f8:16:d6:c1:06:f3:ea:b7: 19:01:95:b4:f7:cb:c0:47:87:af:a7:30:88:35:50:9d:22:6e: e6:5c:a1:dd:da:f1:af:91:12:8e:f7:20:7d:91:be:96:01:97: d5:9e:b5:a5:a7:da:1e:b0:35:6e:c8:bf:51:53:6b:f1:02:4f: 1e:ae:68:8d:db:8f:44:e9:47:94:0b:24:21:61:df:d1:c4:3b: e3:38:6f:f2:ff:f2:5b:2f:04:7b:d8:fb:d5:82:77:b7:1e:a2: 07:5d:94:cb:d3:52:4c:f4:31:51:f6:26:49:1d:c1:c6:51:04: 4b:a9:9d:38:54:30:c0:a5:cb:22:f1:f1:52:f7:ce:1b:c5:02: c4:e1:ed:d8:37:ef:5a:c0:e1:da:c4:08:72:17:ff:46:4e:68: 38:cd:db:24:46:89:6a:d1:ac:3e:0b:b9:b3:69:b1:bc:27:77: 08:37:ae:7d:19:af:18:62:7f:9f:19:96:ed:4b:49:a0:50:d3: 3e:4e:67:d9:53:65:30:48:7f:97:e4:a9:61:f6:c9:dc:8c:96: ef:23:59:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydoGZ7p8usE5OoYiXah65MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MzJkYThkNDU4ODQ5ZDVmNDBiYTZmMGI5MjA4Zjg1ODVk OWUyM2UwHhcNMjUxMjA2MDcwMDQzWhcNMjUxMjA3MDcwMDQzWjAzMTEwLwYDVQQD Eyg4MjhkN2U0NDQ2NWQzN2NmYTZmZGYyYmYxNmRmM2M5ODAwYzBlNzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZOlNLstPCpsVp5tE7OsueoFKJdP eNBOJCRFpXHubOBRBvDcClFqb5Qq2FEuPqdjKOMRVOWEW+xlGGCM5r19caG+5uzy cnYjOS8ZaY3jxSMPUgDCBj/c0pIlbmnGw3q9/qf6/jbh0wUyk85iIl/JvN8g/QcB YRM5o5x9E/ClLNrhDmvlFD2EQC5ZMUJGxBkYzUNvG5Qa4zABUjDdQbafPfro9HxD /bMx6PtopEJ6YronhDW8g56xy/WbKc9/iluXkzAVIQq+coO2n4jYF4yuUgsIkP7g gs2fBOJYjnlAScVcQFbJvYJnKKfzJ7zNxtYleeMROyoRe7kPEni50/PvzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIKNfkRGXTfPpv3yvxbfPJgAwOcMMB8GA1UdIwQY MBaAFNgy2o1FiEnV9Aum8Lkgj4WF2eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYt Yzk5Nzk1ZjM4ODVmLzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYtYzk5Nzk1ZjM4ODVm LzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPPbhxv+ oXMBdny176GYIn+L3stEAPObd2n+fa89NzoBWAmVJ6RTUWOq5y4kvvgW1sEG8+q3 GQGVtPfLwEeHr6cwiDVQnSJu5lyh3drxr5ESjvcgfZG+lgGX1Z61pafaHrA1bsi/ UVNr8QJPHq5ojduPROlHlAskIWHf0cQ74zhv8v/yWy8Ee9j71YJ3tx6iB12Uy9NS TPQxUfYmSR3BxlEES6mdOFQwwKXLIvHxUvfOG8UCxOHt2DfvWsDh2sQIchf/Rk5o OM3bJEaJatGsPgu5s2mxvCd3CDeufRmvGGJ/nxmW7UtJoFDTPk5n2VNlMEh/l+Sp YfbJ3IyW7yNZ3Q== -----END CERTIFICATE-----Generated at Sat Dec 6 10:00:51 2025 by rpki-client