This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft File: 2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft (raw, json) Hash identifier: WACORNtSBZlU17fB4yZhKKCFwDWBaNI8H6isC/rDrxk= Subject key identifier: AF:75:6C:94:1E:9D:F2:87:3F:C4:55:32:C9:E3:8F:E7:51:B2:B5:9F Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4 Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4 Certificate serial: 019AF088B8601367987475318DD0380E4BFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft Manifest number: 0EA4 Signing time: Fri 05 Dec 2025 22:01:23 +0000 Manifest this update: Fri 05 Dec 2025 22:01:23 +0000 Manifest next update: Sat 06 Dec 2025 22:01:23 +0000 Files and hashes: 1: 2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl (hash: FO3xBI+ZIOjWhHDLnK0Wc0CsGLC00SwEDX0K6s7yCcs=) 2: KtlV2YYAuDvLLDrwvVONKNyr5wE.roa (hash: X0ZKW+Jh+LXjVGRNpAiX4HmMGVTvfeCbPgs0XOICV8s=) 3: SRivJZ3NfmTceYbb0X0qedoYDkw.roa (hash: +54ZwqGRotzytN67kFR0epWImuzogdtQhuQ9BjiZR4M=) 4: VEU2Xx_W7oXurM3BP9vIKZCMG4o.roa (hash: o9K/DHxqI5B4HDKoeQx+W7Rwvv3Sj+2t3qcauvi8Xig=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:b8:60:13:67:98:74:75:31:8d:d0:38:0e:4b:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4 Validity Not Before: Dec 5 22:01:23 2025 GMT Not After : Dec 6 22:01:23 2025 GMT Subject: CN=af756c941e9df2873fc45532c9e38fe751b2b59f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:80:c3:6f:74:d3:67:b4:f9:60:ff:48:e7:74: c4:fa:7d:75:c6:74:03:cb:6a:92:6a:ce:1e:64:e7: 12:cf:0d:2a:30:3f:cf:41:0c:92:97:78:f6:42:73: 0f:4a:dc:2a:0f:4c:63:41:18:40:d5:f2:00:46:a0: fa:a5:6b:88:78:73:0f:f8:21:a6:28:a9:15:59:e9: dd:28:0e:f9:13:4f:4d:09:96:6d:92:f5:e6:fd:1e: 97:59:26:48:dd:fd:f4:f0:8e:75:b7:f9:57:38:fc: 2d:4b:9b:1a:21:87:1d:33:65:a1:b2:68:ed:d6:13: 11:05:a5:49:4f:38:58:7a:27:98:a8:0b:7e:2e:d5: 16:59:69:54:6c:a4:47:38:fd:f8:c6:29:d8:f3:27: ca:da:b2:41:c9:eb:d0:f9:77:2a:62:f4:17:79:1f: 6d:52:bb:48:2e:b7:5a:46:18:a7:b9:bc:6a:b8:ec: 55:b5:56:6f:49:a3:46:d7:90:66:5b:36:ff:c2:c4: 68:39:58:c0:e7:e6:23:af:78:49:af:d8:65:31:50: 05:aa:79:22:b2:b4:29:a9:41:ae:b4:3b:dd:fc:03: 02:a1:23:97:49:f5:da:52:1a:c6:2f:36:a1:34:ca: 0e:3e:d7:51:6c:00:df:9c:63:99:5d:52:1d:4c:2e: f6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:75:6C:94:1E:9D:F2:87:3F:C4:55:32:C9:E3:8F:E7:51:B2:B5:9F X509v3 Authority Key Identifier: keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:f0:dc:aa:f5:c6:a4:aa:a5:b7:bf:62:8f:19:3a:4a:05:4b: b8:3a:de:7d:08:05:a6:e0:3e:f7:16:2f:2e:18:c1:29:52:43: a8:d1:7e:31:a3:a3:bd:cd:5b:10:13:aa:c7:1d:4d:d8:77:0d: b4:07:12:3f:4f:76:1f:50:49:e1:b5:62:7b:a4:39:1a:67:cc: 03:3d:9a:a7:37:d0:45:77:06:36:14:65:26:a2:2f:1c:56:b9: b0:0f:6c:5f:b8:4e:46:83:04:a9:ea:01:5d:1e:a9:0e:26:39: e3:b3:4d:0a:5e:dc:e4:c9:07:f0:83:da:53:27:2f:46:cb:9d: b8:f1:5f:2f:dd:6a:ab:97:ba:ca:d3:82:15:c2:90:36:b4:53: 51:a2:2f:4e:e7:65:a9:e1:4f:6a:f0:38:3c:41:e8:ff:d4:af: b3:df:1c:81:aa:76:b0:c7:01:73:2e:ad:3e:7b:f2:d0:ab:1f: 25:d9:46:ee:81:f9:d3:cd:3c:58:01:69:6e:ab:2f:ae:b4:e6: fe:84:53:9f:fb:d2:fe:ce:3c:48:84:62:0c:3b:18:35:eb:b9: 7f:fa:91:1e:31:3b:55:60:e4:3b:52:1b:ec:e3:a3:7a:94:46: 7d:6c:7f:45:0d:52:e4:18:85:40:28:fa:87:a7:d2:e3:86:51: 0c:dd:2b:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiLhgE2eYdHUxjdA4Dkv7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw MGM5YTQwHhcNMjUxMjA1MjIwMTIzWhcNMjUxMjA2MjIwMTIzWjAzMTEwLwYDVQQD EyhhZjc1NmM5NDFlOWRmMjg3M2ZjNDU1MzJjOWUzOGZlNzUxYjJiNTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIDDb3TTZ7T5YP9I53TE+n11xnQD y2qSas4eZOcSzw0qMD/PQQySl3j2QnMPStwqD0xjQRhA1fIARqD6pWuIeHMP+CGm KKkVWendKA75E09NCZZtkvXm/R6XWSZI3f308I51t/lXOPwtS5saIYcdM2Whsmjt 1hMRBaVJTzhYeieYqAt+LtUWWWlUbKRHOP34xinY8yfK2rJByevQ+XcqYvQXeR9t UrtILrdaRhinubxquOxVtVZvSaNG15BmWzb/wsRoOVjA5+Yjr3hJr9hlMVAFqnki srQpqUGutDvd/AMCoSOXSfXaUhrGLzahNMoOPtdRbADfnGOZXVIdTC726wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK91bJQenfKHP8RVMsnjj+dRsrWfMB8GA1UdIwQY MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt MTVmYzBiNjhmODQ0LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0 LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvDcqvXG pKqlt79ijxk6SgVLuDrefQgFpuA+9xYvLhjBKVJDqNF+MaOjvc1bEBOqxx1N2HcN tAcSP092H1BJ4bVie6Q5GmfMAz2apzfQRXcGNhRlJqIvHFa5sA9sX7hORoMEqeoB XR6pDiY547NNCl7c5MkH8IPaUycvRsuduPFfL91qq5e6ytOCFcKQNrRTUaIvTudl qeFPavA4PEHo/9Svs98cgap2sMcBcy6tPnvy0KsfJdlG7oH50808WAFpbqsvrrTm /oRTn/vS/s48SIRiDDsYNeu5f/qRHjE7VWDkO1Ib7OOjepRGfWx/RQ1S5BiFQCj6 h6fS44ZRDN0rMg== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:56 2025 by rpki-client