This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft File: 2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json) Hash identifier: pHntK9tTc6VXv43c2AO2VAbjIEnqkcg6VYgn54+bWKQ= Subject key identifier: 2A:B2:46:FA:F8:F7:D6:39:7B:DC:F2:43:02:4F:C0:A2:FB:13:BA:B6 Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9 Certificate issuer: /CN=da028f6943034ab760f38ae4209154e2255c89e9 Certificate serial: 019AF276AECBA8C745C6D7F7799CEFAE0948 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft Manifest number: 06C2 Signing time: Sat 06 Dec 2025 07:00:55 +0000 Manifest this update: Sat 06 Dec 2025 07:00:55 +0000 Manifest next update: Sun 07 Dec 2025 07:00:55 +0000 Files and hashes: 1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: TZuioeYObGfUGKC7j2wWarmEFYUhOzRTnMoe0jKaykI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:ae:cb:a8:c7:45:c6:d7:f7:79:9c:ef:ae:09:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9 Validity Not Before: Dec 6 07:00:55 2025 GMT Not After : Dec 7 07:00:55 2025 GMT Subject: CN=2ab246faf8f7d6397bdcf243024fc0a2fb13bab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9d:1c:b7:c4:58:3b:58:e4:9c:0f:ea:22:59: e3:07:ac:12:0e:ec:5d:d8:93:8f:a0:26:fa:a8:3c: b5:45:b4:94:0f:a2:74:4e:fe:33:7f:d8:d2:79:2b: 78:9b:cb:60:a8:19:f4:ff:0a:87:fd:3a:a5:b0:59: 0c:a3:63:2e:53:07:fd:a1:88:0e:d9:a4:60:5d:fd: 90:05:c8:6c:43:71:2f:a1:32:62:ba:72:7d:62:6f: aa:2a:f5:7f:1b:c9:74:d5:b4:76:0b:1d:0e:cf:aa: a3:11:ad:49:bd:c8:80:d1:29:f3:b2:87:4b:7c:01: 45:2d:b5:da:8d:1d:fe:1f:9e:77:f3:f8:dc:49:b2: 6d:ec:b1:c2:ff:86:38:81:3e:a5:ae:46:b7:35:b9: 76:0f:49:c8:e0:93:52:21:7b:f4:e5:a6:2c:b8:e0: 08:e6:dd:b5:5f:54:98:52:bb:99:b1:ae:a1:b8:bd: 92:63:a7:1c:64:90:13:05:08:98:be:bf:53:e9:c7: 73:eb:b7:94:41:af:77:35:11:7a:0d:49:ed:59:4f: 2a:2a:ce:73:55:dc:c7:61:fe:dc:e7:d4:22:86:97: 34:e0:f4:56:89:21:d4:72:e0:95:21:b7:d7:16:31: 17:57:97:d9:5c:ef:06:2f:69:84:d6:1c:79:35:92: 5f:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:B2:46:FA:F8:F7:D6:39:7B:DC:F2:43:02:4F:C0:A2:FB:13:BA:B6 X509v3 Authority Key Identifier: keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:cc:92:f3:9a:db:5b:98:a4:53:3c:47:12:40:03:16:0d:81: a8:3e:77:0c:d8:c4:4d:cc:ce:9a:bd:8e:40:c5:7b:2d:15:f9: fc:f7:d9:ba:e7:30:db:20:cd:52:0c:fc:aa:11:d5:1f:a3:49: 64:3b:23:5f:8c:aa:87:48:6b:86:4d:64:5d:61:f4:04:7d:3f: d1:b8:d3:15:eb:9f:4f:a0:38:64:b5:32:b6:7f:94:cf:34:92: 37:3b:21:74:4b:97:95:1a:c5:f7:43:c8:91:7c:2b:e8:22:c8: 81:ff:16:f3:62:ec:27:45:4d:25:4d:f8:1e:a2:ee:1f:e8:ba: c8:5b:80:20:32:b3:6a:9b:cf:1f:21:c2:02:75:d5:86:e9:04: c7:28:0b:da:66:f8:33:e0:d4:40:29:ee:45:9a:35:5f:5d:07: 98:eb:29:2d:a0:a8:b3:99:34:0d:0a:a6:df:e0:02:61:d5:ef: fd:01:a2:d6:87:5a:3b:bb:6c:6b:57:c6:5e:38:e1:86:8f:92: 88:7f:b1:b5:b8:a6:fa:e6:8c:9f:c3:ee:46:23:44:4b:b8:cc: 72:19:53:2b:6c:da:72:a2:4a:dc:0e:16:63:e3:e1:cf:28:f8: 19:ce:3b:11:52:b4:82:b3:fa:66:dd:af:0b:7b:42:85:d3:2d: 09:17:1e:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydq7LqMdFxtf3eZzvrglIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1 Yzg5ZTkwHhcNMjUxMjA2MDcwMDU1WhcNMjUxMjA3MDcwMDU1WjAzMTEwLwYDVQQD EygyYWIyNDZmYWY4ZjdkNjM5N2JkY2YyNDMwMjRmYzBhMmZiMTNiYWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq50ct8RYO1jknA/qIlnjB6wSDuxd 2JOPoCb6qDy1RbSUD6J0Tv4zf9jSeSt4m8tgqBn0/wqH/TqlsFkMo2MuUwf9oYgO 2aRgXf2QBchsQ3EvoTJiunJ9Ym+qKvV/G8l01bR2Cx0Oz6qjEa1JvciA0SnzsodL fAFFLbXajR3+H5538/jcSbJt7LHC/4Y4gT6lrka3Nbl2D0nI4JNSIXv05aYsuOAI 5t21X1SYUruZsa6huL2SY6ccZJATBQiYvr9T6cdz67eUQa93NRF6DUntWU8qKs5z VdzHYf7c59Qihpc04PRWiSHUcuCVIbfXFjEXV5fZXO8GL2mE1hx5NZJf3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCqyRvr499Y5e9zyQwJPwKL7E7q2MB8GA1UdIwQY MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY8yS85rb W5ikUzxHEkADFg2BqD53DNjETczOmr2OQMV7LRX5/PfZuucw2yDNUgz8qhHVH6NJ ZDsjX4yqh0hrhk1kXWH0BH0/0bjTFeufT6A4ZLUytn+UzzSSNzshdEuXlRrF90PI kXwr6CLIgf8W82LsJ0VNJU34HqLuH+i6yFuAIDKzapvPHyHCAnXVhukExygL2mb4 M+DUQCnuRZo1X10HmOspLaCos5k0DQqm3+ACYdXv/QGi1odaO7tsa1fGXjjhho+S iH+xtbim+uaMn8PuRiNES7jMchlTK2zacqJK3A4WY+Phzyj4Gc47EVK0grP6Zt2v C3tChdMtCRce7g== -----END CERTIFICATE-----Generated at Sat Dec 6 13:40:43 2025 by rpki-client