This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft File: 2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json) Hash identifier: k8nR/o2ODdV3s+4jIgFabN43pKZwODPsv+BaRiALlgA= Subject key identifier: 23:A1:EA:50:D0:FD:09:53:14:5A:14:ED:E1:B7:8C:A9:E1:03:FC:90 Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD Certificate issuer: /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd Certificate serial: 019AF31CA781E5ACDECFD761E9F51DFB3A16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 10:02:12 +0000 Manifest this update: Sat 06 Dec 2025 10:02:12 +0000 Manifest next update: Sun 07 Dec 2025 10:02:12 +0000 Files and hashes: 1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: scArqobDf+LrMaINntBEHB0/Z3xAotNQALcRptIgJVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:a7:81:e5:ac:de:cf:d7:61:e9:f5:1d:fb:3a:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd Validity Not Before: Dec 6 10:02:12 2025 GMT Not After : Dec 7 10:02:12 2025 GMT Subject: CN=23a1ea50d0fd0953145a14ede1b78ca9e103fc90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c6:ab:54:c0:02:b6:5c:fc:3a:20:ef:34:22: f2:a6:f9:c0:80:43:dc:ca:d5:bd:25:25:ce:26:c6: 6e:39:af:42:b8:2a:25:83:27:43:11:ad:ae:ee:36: 5e:d9:c1:a2:08:96:11:d9:48:2a:8b:9c:41:81:7a: bd:ea:cd:49:87:02:d5:1f:73:e9:ef:06:4d:32:80: f1:e0:da:32:13:98:ef:94:ef:cf:79:b9:10:97:32: 46:d1:9a:3c:ed:3a:2b:55:73:be:74:e6:7d:d8:d3: db:49:7a:37:62:57:02:ad:24:73:1d:89:f0:eb:23: 4f:21:28:73:c7:4b:73:5d:04:3b:d4:9a:61:23:fc: ad:b3:dd:71:54:83:d3:34:06:8a:2e:bd:96:1b:a5: 10:93:66:48:ed:2f:ee:7e:f5:28:dc:c9:7d:86:c3: 79:9c:5b:00:e1:9e:29:e2:93:30:4c:24:4b:9e:b0: 17:67:0a:2f:3c:65:20:d2:d5:ca:06:5e:60:ab:51: 8e:59:1f:a3:69:59:fa:57:03:2e:94:53:cc:ec:35: 92:ab:11:42:08:0b:49:96:c9:d9:af:90:69:5a:fb: 30:74:45:eb:d7:21:11:fb:3c:7d:24:25:da:71:34: f6:90:e0:b7:d7:35:a8:2a:39:4e:7c:e4:bb:fa:ab: 3f:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:A1:EA:50:D0:FD:09:53:14:5A:14:ED:E1:B7:8C:A9:E1:03:FC:90 X509v3 Authority Key Identifier: keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:51:47:7b:7a:72:75:d4:9f:92:9e:5f:c7:51:90:e0:64:04: b8:18:b3:1c:b2:e9:6b:c5:f6:bf:4a:38:12:9e:de:40:53:ab: 31:88:d5:5c:a1:58:37:31:57:8c:3c:03:57:83:c5:72:7c:5e: 7d:de:53:85:50:8a:22:51:07:ff:2e:d8:8d:45:18:39:9e:60: 70:3b:65:79:58:40:04:5d:56:08:57:56:9a:d3:97:71:dc:4f: e8:48:93:10:da:02:c0:f3:1c:1c:5e:85:ad:af:97:42:69:d9: c5:1a:3b:0c:21:9e:ae:dc:a5:e7:3b:8c:9c:d3:4e:3e:f9:2b: 28:01:48:11:68:80:fa:13:9d:c2:bd:ca:46:53:22:28:5b:d3: 0b:c4:71:6b:ea:76:ba:9f:38:15:20:5b:b9:b1:23:b3:fb:e9: ed:26:d4:9a:ea:07:10:29:31:61:66:f8:e6:99:d9:9d:06:cd: 24:1a:cb:0d:4e:c9:dc:9e:bc:de:52:e4:57:4d:73:c9:7a:82: 29:fe:ad:4a:27:e4:c2:ab:95:0f:28:a7:72:fb:4d:50:6f:09: c2:8b:3c:d7:d3:15:4b:16:96:06:cb:55:7a:67:61:0c:b9:3f: 39:59:77:8f:3d:0a:62:0b:91:f2:d8:79:fb:60:3f:02:fa:e7: 3d:c4:ac:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHKeB5azez9dh6fUd+zoWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx ZTZhZmQwHhcNMjUxMjA2MTAwMjEyWhcNMjUxMjA3MTAwMjEyWjAzMTEwLwYDVQQD EygyM2ExZWE1MGQwZmQwOTUzMTQ1YTE0ZWRlMWI3OGNhOWUxMDNmYzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sarVMACtlz8OiDvNCLypvnAgEPc ytW9JSXOJsZuOa9CuColgydDEa2u7jZe2cGiCJYR2Ugqi5xBgXq96s1JhwLVH3Pp 7wZNMoDx4NoyE5jvlO/PebkQlzJG0Zo87TorVXO+dOZ92NPbSXo3YlcCrSRzHYnw 6yNPIShzx0tzXQQ71JphI/yts91xVIPTNAaKLr2WG6UQk2ZI7S/ufvUo3Ml9hsN5 nFsA4Z4p4pMwTCRLnrAXZwovPGUg0tXKBl5gq1GOWR+jaVn6VwMulFPM7DWSqxFC CAtJlsnZr5BpWvswdEXr1yER+zx9JCXacTT2kOC31zWoKjlOfOS7+qs/uQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCOh6lDQ/QlTFFoU7eG3jKnhA/yQMB8GA1UdIwQY MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1FHe3py ddSfkp5fx1GQ4GQEuBizHLLpa8X2v0o4Ep7eQFOrMYjVXKFYNzFXjDwDV4PFcnxe fd5ThVCKIlEH/y7YjUUYOZ5gcDtleVhABF1WCFdWmtOXcdxP6EiTENoCwPMcHF6F ra+XQmnZxRo7DCGertyl5zuMnNNOPvkrKAFIEWiA+hOdwr3KRlMiKFvTC8Rxa+p2 up84FSBbubEjs/vp7SbUmuoHECkxYWb45pnZnQbNJBrLDU7J3J683lLkV01zyXqC Kf6tSifkwquVDyincvtNUG8Jwos819MVSxaWBstVemdhDLk/OVl3jz0KYguR8th5 +2A/AvrnPcSseA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:59:38 2025 by rpki-client