This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft File: 2YtaX7E4aD0ajMcBn3iXC65ngig.mft (raw, json) Hash identifier: OVCTEZLLLwNyV96CV108XguPhwZL7CplgLKQw6mYPSY= Subject key identifier: D2:22:F4:8E:CB:51:DB:78:35:21:E0:8C:70:A1:A2:E0:FF:E2:77:A9 Authority key identifier: D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28 Certificate issuer: /CN=d98b5a5fb138683d1a8cc7019f78970bae678228 Certificate serial: 019AF051AEB7E048A3AD60FD000FDDF0D962 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft Manifest number: 108A Signing time: Fri 05 Dec 2025 21:01:16 +0000 Manifest this update: Fri 05 Dec 2025 21:01:16 +0000 Manifest next update: Sat 06 Dec 2025 21:01:16 +0000 Files and hashes: 1: 2YtaX7E4aD0ajMcBn3iXC65ngig.crl (hash: KMVe+b1fKtsnNWhqe+wuQsiZ8+xfEOzKBixYVw65sng=) 2: pGBMbGUVmfmMQKR1-BVF--sKK7U.roa (hash: ayj/a/EtllFNMGD1HzcA6KglHzS5bxHd+NVb8RRWcAY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:ae:b7:e0:48:a3:ad:60:fd:00:0f:dd:f0:d9:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d98b5a5fb138683d1a8cc7019f78970bae678228 Validity Not Before: Dec 5 21:01:16 2025 GMT Not After : Dec 6 21:01:16 2025 GMT Subject: CN=d222f48ecb51db783521e08c70a1a2e0ffe277a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:a1:d3:6b:47:c2:7d:31:6b:16:a9:7c:95:21: f8:18:a4:b4:25:93:70:93:bd:95:44:36:fd:cc:0c: 8a:d1:a7:7d:5a:e2:53:00:fb:c3:6d:0d:12:49:f2: 6b:c0:3b:c0:94:a6:b1:35:c8:50:da:5a:05:cb:93: a5:2d:4a:3c:3e:0e:4c:62:c5:2c:15:5a:97:0e:75: d1:0b:60:11:3d:36:5f:8a:7e:c7:5d:a1:09:d3:58: 74:e9:d7:ff:b6:51:b9:02:df:15:8b:87:e0:59:cf: 9b:e0:0a:ad:a7:83:86:c8:17:ba:b2:af:eb:4f:46: ec:95:2c:56:3c:1d:af:66:b3:19:bd:65:23:28:6a: 11:3b:67:61:71:d2:c9:bd:26:5b:19:9f:e3:b8:2a: f1:60:06:ee:40:23:6a:cd:38:50:ef:d8:5d:9a:2b: 58:35:2a:3f:d7:3f:e2:7f:0d:1f:c1:a1:fc:a9:de: fb:d9:d4:73:f0:cf:b9:13:a9:19:0e:1a:a1:d6:43: 24:71:a3:71:9c:d3:fa:01:d8:bb:05:07:9a:71:1b: 09:b9:73:a7:7d:78:be:7c:69:1f:3c:7f:b6:55:0f: d0:e8:fc:fe:a9:8d:37:15:82:c3:d4:af:58:90:26: 7e:80:37:fa:57:af:41:05:dd:69:96:28:65:e6:6c: c6:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:22:F4:8E:CB:51:DB:78:35:21:E0:8C:70:A1:A2:E0:FF:E2:77:A9 X509v3 Authority Key Identifier: keyid:D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:12:24:66:85:e1:4e:7a:c6:66:71:e5:52:a3:b4:75:77:39: 25:6d:6a:46:d9:94:31:1b:fa:5f:0b:7f:2c:58:5e:0b:cd:fd: 69:d7:d3:6c:2c:f2:a1:17:55:c2:84:ac:57:34:9e:67:80:3e: ff:8c:fa:a5:d9:83:36:93:06:52:8e:8a:3c:04:83:e7:05:d6: 78:d0:c6:bf:3b:db:80:72:fd:8f:7e:f0:34:83:19:bd:de:10: 04:2a:00:26:de:ab:8c:c9:e1:c2:6f:3a:1c:5e:08:24:07:f4: d4:7d:0a:8b:10:89:85:47:da:1b:27:df:df:9d:78:f2:3b:e0: e8:2f:d8:dc:42:ec:95:99:c9:f1:d8:a6:bb:a6:86:80:ed:20: 72:f5:36:c3:8e:0f:fa:5a:74:2b:e7:81:99:1a:75:bb:18:93: e4:c9:48:20:f3:8a:03:90:fd:92:e0:ef:25:cb:5f:32:19:e9: 2e:18:36:13:9a:a6:94:66:8d:7c:d5:f1:ee:5e:ac:de:89:16: b1:d4:df:6d:12:fe:7e:85:7b:d4:72:3e:50:50:ca:49:5d:13: b9:ea:67:e8:92:43:2d:6e:4c:85:f2:cc:a1:a0:15:ff:97:60: 94:53:9d:e6:70:be:f9:61:c5:92:f8:8c:a2:b3:fe:ad:90:d7: 56:4a:57:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUa634EijrWD9AA/d8NliMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OGI1YTVmYjEzODY4M2QxYThjYzcwMTlmNzg5NzBiYWU2 NzgyMjgwHhcNMjUxMjA1MjEwMTE2WhcNMjUxMjA2MjEwMTE2WjAzMTEwLwYDVQQD EyhkMjIyZjQ4ZWNiNTFkYjc4MzUyMWUwOGM3MGExYTJlMGZmZTI3N2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6HTa0fCfTFrFql8lSH4GKS0JZNw k72VRDb9zAyK0ad9WuJTAPvDbQ0SSfJrwDvAlKaxNchQ2loFy5OlLUo8Pg5MYsUs FVqXDnXRC2ARPTZfin7HXaEJ01h06df/tlG5At8Vi4fgWc+b4Aqtp4OGyBe6sq/r T0bslSxWPB2vZrMZvWUjKGoRO2dhcdLJvSZbGZ/juCrxYAbuQCNqzThQ79hdmitY NSo/1z/ifw0fwaH8qd772dRz8M+5E6kZDhqh1kMkcaNxnNP6Adi7BQeacRsJuXOn fXi+fGkfPH+2VQ/Q6Pz+qY03FYLD1K9YkCZ+gDf6V69BBd1plihl5mzG4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNIi9I7LUdt4NSHgjHChouD/4nepMB8GA1UdIwQY MBaAFNmLWl+xOGg9GozHAZ94lwuuZ4IoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgt ODMxN2E4Mjg4ZDEwLzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgtODMxN2E4Mjg4ZDEw LzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASRIkZoXh TnrGZnHlUqO0dXc5JW1qRtmUMRv6Xwt/LFheC839adfTbCzyoRdVwoSsVzSeZ4A+ /4z6pdmDNpMGUo6KPASD5wXWeNDGvzvbgHL9j37wNIMZvd4QBCoAJt6rjMnhwm86 HF4IJAf01H0KixCJhUfaGyff35148jvg6C/Y3ELslZnJ8dimu6aGgO0gcvU2w44P +lp0K+eBmRp1uxiT5MlIIPOKA5D9kuDvJctfMhnpLhg2E5qmlGaNfNXx7l6s3okW sdTfbRL+foV71HI+UFDKSV0Tuepn6JJDLW5MhfLMoaAV/5dglFOd5nC++WHFkviM orP+rZDXVkpXfw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:46 2025 by rpki-client