This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft File: 2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json) Hash identifier: 1lXaAED+tafXBFua+vRroMGCzTd+pGI0QraJG6XVe4s= Subject key identifier: A2:A6:21:83:33:B6:E0:54:31:B4:46:FA:53:67:F2:C9:DB:D4:2B:76 Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79 Certificate issuer: /CN=d90ad1111318300ba678e88e0502b1fc51e35379 Certificate serial: 019AF16462C1528CE3F478FBD38FB34B8DF8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft Manifest number: 036B Signing time: Sat 06 Dec 2025 02:01:19 +0000 Manifest this update: Sat 06 Dec 2025 02:01:19 +0000 Manifest next update: Sun 07 Dec 2025 02:01:19 +0000 Files and hashes: 1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: pGK8Ly/9K460aFe671iBuDI3JMGV1ShoPP3fvOMCLo8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:62:c1:52:8c:e3:f4:78:fb:d3:8f:b3:4b:8d:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379 Validity Not Before: Dec 6 02:01:19 2025 GMT Not After : Dec 7 02:01:19 2025 GMT Subject: CN=a2a6218333b6e05431b446fa5367f2c9dbd42b76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:16:e8:fb:88:49:89:ae:c6:d0:00:0c:d9:52: 9e:44:9e:37:16:31:a6:9d:8a:20:76:8e:2b:77:1a: 65:89:43:fb:48:97:80:02:bb:c8:a2:e3:12:e4:89: b1:46:bd:65:17:2c:74:b4:2a:59:8c:48:29:30:fe: 92:51:b4:b4:11:f3:13:cf:98:fa:f7:4f:82:36:03: 6f:6e:ec:2e:58:31:2e:a5:a9:f5:b2:44:ed:fd:7a: e3:34:e1:f7:41:30:80:26:46:29:bf:c7:5e:63:af: af:8c:c8:6d:d4:ae:46:d9:d4:69:23:87:9c:b0:29: 30:f7:73:97:67:1e:22:42:1a:d8:7a:13:0e:5b:35: 4f:fa:e3:96:ef:13:56:c3:f0:f1:bc:4e:c3:5f:52: 89:af:c8:ef:05:77:8c:48:95:db:ec:d5:9f:ab:96: b2:94:32:3c:c0:da:02:b1:d1:8a:7f:df:3f:ac:ad: 8c:27:f1:72:45:94:f8:0b:c6:f4:14:66:a0:28:bc: a8:a7:7a:8b:67:94:ba:11:f0:04:e4:6e:7f:84:c1: c0:2f:54:eb:aa:62:e3:f8:31:a9:9e:bb:5c:4f:03: b1:94:6d:73:01:e5:20:3e:e5:ec:4a:62:02:5e:f6: 41:41:4d:f9:c4:7f:86:9c:81:b1:7d:8b:09:b6:25: 1f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:A6:21:83:33:B6:E0:54:31:B4:46:FA:53:67:F2:C9:DB:D4:2B:76 X509v3 Authority Key Identifier: keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:a0:cb:db:d9:47:82:3a:7e:93:d7:3a:54:db:0d:48:de:7f: 5c:63:53:f4:f6:ff:f1:37:cd:e5:56:18:c7:69:94:7a:f2:31: e3:66:c1:ee:0e:1b:50:4c:80:f0:bd:f9:c4:4c:c1:13:ea:42: c3:04:1e:db:a8:d0:52:60:42:18:65:a3:e7:2c:8d:2a:c0:91: f0:be:59:eb:a4:a4:f4:31:af:a0:4c:50:4d:4e:69:6b:25:18: e0:47:09:db:c2:4b:60:07:cb:3b:2c:62:34:4d:f2:f9:53:a6: e2:10:02:42:31:28:c8:97:97:07:a7:ee:76:af:10:9a:33:14: 54:b3:3d:e2:f1:10:83:ae:47:f3:dd:4e:61:53:9d:b8:c2:a2: 66:c5:f2:8a:04:b4:9d:a8:ec:41:b0:44:c1:09:34:ff:19:46: fb:af:bd:99:8c:d5:46:8b:f8:fc:b7:e2:a6:f8:cb:dd:af:3e: fb:9d:5a:a8:18:14:d3:c1:aa:9c:40:40:d6:63:be:95:f9:b6: d8:b7:c8:34:52:fc:21:f1:24:f5:43:d7:e4:23:d7:e1:25:99: 0a:72:09:6a:5f:46:2b:e9:09:e9:52:a7:9b:d2:cd:0c:3e:b5: 1e:c4:52:ee:76:28:5e:d2:fb:61:19:f2:e4:29:47:e1:72:d3: 21:ac:2c:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZGLBUozj9Hj704+zS434MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl MzUzNzkwHhcNMjUxMjA2MDIwMTE5WhcNMjUxMjA3MDIwMTE5WjAzMTEwLwYDVQQD EyhhMmE2MjE4MzMzYjZlMDU0MzFiNDQ2ZmE1MzY3ZjJjOWRiZDQyYjc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xbo+4hJia7G0AAM2VKeRJ43FjGm nYogdo4rdxpliUP7SJeAArvIouMS5ImxRr1lFyx0tCpZjEgpMP6SUbS0EfMTz5j6 90+CNgNvbuwuWDEupan1skTt/XrjNOH3QTCAJkYpv8deY6+vjMht1K5G2dRpI4ec sCkw93OXZx4iQhrYehMOWzVP+uOW7xNWw/DxvE7DX1KJr8jvBXeMSJXb7NWfq5ay lDI8wNoCsdGKf98/rK2MJ/FyRZT4C8b0FGagKLyop3qLZ5S6EfAE5G5/hMHAL1Tr qmLj+DGpnrtcTwOxlG1zAeUgPuXsSmICXvZBQU35xH+GnIGxfYsJtiUflQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKKmIYMztuBUMbRG+lNn8snb1Ct2MB8GA1UdIwQY MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1 LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS6DL29lH gjp+k9c6VNsNSN5/XGNT9Pb/8TfN5VYYx2mUevIx42bB7g4bUEyA8L35xEzBE+pC wwQe26jQUmBCGGWj5yyNKsCR8L5Z66Sk9DGvoExQTU5payUY4EcJ28JLYAfLOyxi NE3y+VOm4hACQjEoyJeXB6fudq8QmjMUVLM94vEQg65H891OYVOduMKiZsXyigS0 najsQbBEwQk0/xlG+6+9mYzVRov4/LfipvjL3a8++51aqBgU08GqnEBA1mO+lfm2 2LfINFL8IfEk9UPX5CPX4SWZCnIJal9GK+kJ6VKnm9LNDD61HsRS7nYoXtL7YRny 5ClH4XLTIawsHw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:57:44 2025 by rpki-client