This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft File: 2q_pD50IEzTMko7e6bxzFUBwjf0.mft (raw, json) Hash identifier: ZlpcbJWUucU8/VYiWm1XHyp6fO7XQh2MkK5rLl/rVw8= Subject key identifier: B4:8C:4D:7E:E2:06:58:D8:80:5A:7F:6E:0B:7F:4C:A7:54:CA:69:62 Authority key identifier: DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD Certificate issuer: /CN=daafe90f9d081334cc928edee9bc731540708dfd Certificate serial: 019AF12E428F9B8B8D3EAC4B621A54A60384 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft Manifest number: 0AB6 Signing time: Sat 06 Dec 2025 01:02:11 +0000 Manifest this update: Sat 06 Dec 2025 01:02:11 +0000 Manifest next update: Sun 07 Dec 2025 01:02:11 +0000 Files and hashes: 1: 2q_pD50IEzTMko7e6bxzFUBwjf0.crl (hash: GYRqheZTd+GXV8pjGdVRFRqL5PFUkhWfO8ol10gOVvE=) 2: ptCjyawSJ9frfP9fH_ikMswCnsI.roa (hash: qlAjQ7L6msxhMlwj1dEaHE32m8HH4N1buR0Bga+2/Qo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:42:8f:9b:8b:8d:3e:ac:4b:62:1a:54:a6:03:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daafe90f9d081334cc928edee9bc731540708dfd Validity Not Before: Dec 6 01:02:11 2025 GMT Not After : Dec 7 01:02:11 2025 GMT Subject: CN=b48c4d7ee20658d8805a7f6e0b7f4ca754ca6962 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3f:9b:0a:46:0c:2d:ab:30:f5:27:50:c4:7d: 85:61:64:42:ca:74:ed:9e:27:e3:ad:99:90:dc:82: e0:25:ab:e1:ee:04:83:71:60:b9:97:ce:c4:c2:7d: 1d:4f:b8:0c:90:59:a8:ca:84:2e:ef:de:c3:aa:e2: c9:a6:f5:4f:d1:84:30:18:48:83:1e:94:18:6f:f7: 3d:5c:f2:30:59:56:8c:1d:0b:ba:98:99:a1:7a:d3: d0:b4:36:45:6b:67:21:f7:79:0d:22:e8:09:73:9f: 42:d4:c1:c8:f7:d4:bd:1e:cc:dc:29:19:74:19:55: b8:e1:88:10:47:15:3a:b1:56:70:a4:1f:91:75:d8: 1f:d7:dd:73:ec:e4:97:e6:09:c4:b7:1f:7a:78:d7: 55:09:8a:74:71:c0:ff:e1:47:a0:af:c2:dd:21:c1: 8e:c2:93:f9:f1:83:34:49:0b:06:6f:cc:30:46:8b: 55:df:8c:16:87:2c:30:38:85:f8:f0:4c:c3:eb:fc: 73:1b:34:37:28:2f:4b:63:4f:d1:1e:ea:1b:a6:1b: 66:5b:a7:6d:75:ec:6d:43:89:ff:f4:eb:5a:3a:04: 63:7e:ba:71:f2:5d:51:48:65:a7:26:5e:02:ca:be: 03:33:7c:dc:67:cc:e5:83:7f:3e:38:68:73:c6:57: e1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:8C:4D:7E:E2:06:58:D8:80:5A:7F:6E:0B:7F:4C:A7:54:CA:69:62 X509v3 Authority Key Identifier: keyid:DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:13:4e:21:49:ca:aa:27:9d:b5:ad:15:d1:7e:1d:dd:bb:bb: 71:fc:d2:3a:5e:6b:4b:81:1c:85:a9:83:0c:8a:02:bd:f4:50: 1d:72:c5:de:4a:cd:6c:26:41:60:2e:98:3b:bd:30:9d:7c:0d: 59:7f:72:49:33:4e:c1:39:69:ec:34:d9:b2:17:2d:9f:d2:43: 92:43:1b:4e:2c:12:2e:2e:ea:32:95:e0:f9:54:48:c2:89:31: 9c:fb:11:de:ac:38:ed:2a:2b:5c:c0:97:3b:9f:ac:b3:16:d1: 03:e1:22:82:13:5e:fd:5c:37:24:63:7d:45:86:de:4e:97:83: 11:fd:f8:a5:6a:d4:08:00:16:69:bc:3a:60:ef:f2:8f:77:3f: 75:c8:29:b9:99:f8:b7:a7:a8:df:dc:74:0b:2d:6e:f0:2e:4c: 77:7a:e7:d4:c5:22:d8:91:57:01:dd:08:71:50:4f:ac:7a:1c: 87:bc:41:b0:06:98:5d:50:f5:39:c5:97:95:07:77:0c:ff:27: f2:83:94:aa:6b:3b:96:b1:bc:5a:34:4e:a2:46:56:c8:80:01: 98:b7:9c:69:5f:cd:8d:9e:71:6a:07:68:ad:4c:96:bc:bd:0a: ce:e3:6a:38:05:8a:5b:2b:8e:e2:5d:f7:a5:8a:6f:f9:4d:4b: 92:be:19:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLkKPm4uNPqxLYhpUpgOEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWZlOTBmOWQwODEzMzRjYzkyOGVkZWU5YmM3MzE1NDA3 MDhkZmQwHhcNMjUxMjA2MDEwMjExWhcNMjUxMjA3MDEwMjExWjAzMTEwLwYDVQQD EyhiNDhjNGQ3ZWUyMDY1OGQ4ODA1YTdmNmUwYjdmNGNhNzU0Y2E2OTYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz+bCkYMLasw9SdQxH2FYWRCynTt nifjrZmQ3ILgJavh7gSDcWC5l87Ewn0dT7gMkFmoyoQu797DquLJpvVP0YQwGEiD HpQYb/c9XPIwWVaMHQu6mJmhetPQtDZFa2ch93kNIugJc59C1MHI99S9HszcKRl0 GVW44YgQRxU6sVZwpB+Rddgf191z7OSX5gnEtx96eNdVCYp0ccD/4Uegr8LdIcGO wpP58YM0SQsGb8wwRotV34wWhywwOIX48EzD6/xzGzQ3KC9LY0/RHuobphtmW6dt dextQ4n/9OtaOgRjfrpx8l1RSGWnJl4Cyr4DM3zcZ8zlg38+OGhzxlfhJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSMTX7iBljYgFp/bgt/TKdUymliMB8GA1UdIwQY MBaAFNqv6Q+dCBM0zJKO3um8cxVAcI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYt YmJkOTJjY2FmYTg4LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYtYmJkOTJjY2FmYTg4 LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATxNOIUnK qiedta0V0X4d3bu7cfzSOl5rS4EchamDDIoCvfRQHXLF3krNbCZBYC6YO70wnXwN WX9ySTNOwTlp7DTZshctn9JDkkMbTiwSLi7qMpXg+VRIwokxnPsR3qw47SorXMCX O5+ssxbRA+EighNe/Vw3JGN9RYbeTpeDEf34pWrUCAAWabw6YO/yj3c/dcgpuZn4 t6eo39x0Cy1u8C5Md3rn1MUi2JFXAd0IcVBPrHoch7xBsAaYXVD1OcWXlQd3DP8n 8oOUqms7lrG8WjROokZWyIABmLecaV/NjZ5xagdorUyWvL0KzuNqOAWKWyuO4l33 pYpv+U1Lkr4ZJQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:25:28 2025 by rpki-client