This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft File: 2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json) Hash identifier: Dxs29+4H54ElSTEBXsJ9jsC6hgoDKzc7aMG3QtyVMns= Subject key identifier: 8C:8C:5C:0F:56:3D:0E:90:9C:4C:4E:35:8F:1E:15:BA:AD:5E:4F:11 Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD Certificate issuer: /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd Certificate serial: 019B3E6D86992F765F789E48255E11CDCF1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft Manifest number: 1785 Signing time: Sun 21 Dec 2025 01:02:03 +0000 Manifest this update: Sun 21 Dec 2025 01:02:03 +0000 Manifest next update: Mon 22 Dec 2025 01:02:03 +0000 Files and hashes: 1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: d2kF0ZmLG0avr/EoAfQX7i7U1bz62stS93U9w7dR+Gk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:86:99:2f:76:5f:78:9e:48:25:5e:11:cd:cf:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd Validity Not Before: Dec 21 01:02:03 2025 GMT Not After : Dec 22 01:02:03 2025 GMT Subject: CN=8c8c5c0f563d0e909c4c4e358f1e15baad5e4f11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3f:88:70:20:0c:31:04:55:3c:de:b2:a5:a9: 61:1b:16:14:26:08:d4:4e:9b:70:6e:50:6b:a2:52: ed:4b:31:d0:3b:c3:a5:69:59:11:ae:cd:83:fa:bf: 66:26:89:e9:82:a9:8f:27:c4:fe:a2:66:9d:57:9f: 57:46:39:57:57:19:64:97:19:88:1c:7b:d3:52:82: f6:2e:89:22:2c:53:6d:56:3e:7a:e4:ab:eb:7b:67: 9e:1c:1b:16:de:2b:80:d0:e1:84:43:5d:d1:37:2e: fb:73:53:a4:d8:d3:a5:84:7f:e4:01:45:e2:35:39: de:cc:f5:8e:67:35:ae:8b:1c:ad:e0:0a:61:f3:9c: 1e:ec:5c:2c:c8:22:85:f0:92:41:4b:a6:81:e2:fb: fa:5b:6b:4d:0e:fb:fc:3d:3f:e2:1f:ab:fc:15:ca: 47:80:8e:17:11:e9:9c:29:a9:73:e9:89:94:c1:fb: aa:f8:54:08:29:33:09:de:09:00:fe:b8:ea:58:68: ad:75:e1:22:25:9c:3a:27:5a:22:32:63:cc:87:b2: ee:6e:3e:3c:4d:eb:a1:52:4c:40:6b:98:e8:be:73: c0:d6:3c:6a:af:59:b7:66:59:4c:14:5e:06:48:a9: 48:89:a2:fe:39:93:7d:90:28:4f:93:43:58:9e:4a: 78:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:8C:5C:0F:56:3D:0E:90:9C:4C:4E:35:8F:1E:15:BA:AD:5E:4F:11 X509v3 Authority Key Identifier: keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:62:56:f7:f7:d1:f6:77:d8:65:f7:77:2a:9e:36:20:55:70: ea:36:af:71:68:25:98:d9:c1:37:de:93:73:21:de:16:a0:1c: cc:f2:d5:7f:6e:79:c1:f0:df:73:fe:5b:0a:e8:c2:73:05:2e: b4:61:72:1f:df:7d:06:4a:ba:9c:32:2b:12:53:a7:9c:86:e8: a7:10:1f:d7:44:5e:33:1e:55:1b:32:6c:0b:27:78:7c:48:29: e3:75:e6:b4:88:25:f0:ba:8c:1a:48:e1:81:10:48:cb:fd:be: 26:d4:2c:70:a6:11:d4:73:3c:0c:bc:2b:30:b8:78:d2:8e:ec: 6f:24:f5:b5:e4:7d:47:b1:f3:e9:5f:ac:fe:41:70:60:f9:d9: 8e:d1:69:89:e0:12:ac:a4:44:2d:d3:74:7c:2f:33:f9:60:e9: 01:80:fb:d8:fa:c3:f4:4c:13:d8:0f:21:08:5b:aa:27:62:49: 64:23:a3:1e:ab:8e:f9:38:77:03:04:ac:96:26:d0:6d:30:09: 8c:ac:2f:15:2c:38:cc:0b:01:9e:81:22:9e:b0:72:fa:39:64: 84:96:6f:57:52:da:4c:f5:d1:15:66:6c:49:cf:e4:a9:8a:bf: 3f:64:84:f8:cd:0d:32:53:16:51:b2:db:ca:cd:bb:7e:ec:79: 4a:4f:cb:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bYaZL3ZfeJ5IJV4Rzc8cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx ZTZhZmQwHhcNMjUxMjIxMDEwMjAzWhcNMjUxMjIyMDEwMjAzWjAzMTEwLwYDVQQD Eyg4YzhjNWMwZjU2M2QwZTkwOWM0YzRlMzU4ZjFlMTViYWFkNWU0ZjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz+IcCAMMQRVPN6ypalhGxYUJgjU TptwblBrolLtSzHQO8OlaVkRrs2D+r9mJonpgqmPJ8T+omadV59XRjlXVxlklxmI HHvTUoL2LokiLFNtVj565Kvre2eeHBsW3iuA0OGEQ13RNy77c1Ok2NOlhH/kAUXi NTnezPWOZzWuixyt4Aph85we7FwsyCKF8JJBS6aB4vv6W2tNDvv8PT/iH6v8FcpH gI4XEemcKalz6YmUwfuq+FQIKTMJ3gkA/rjqWGitdeEiJZw6J1oiMmPMh7Lubj48 TeuhUkxAa5jovnPA1jxqr1m3ZllMFF4GSKlIiaL+OZN9kChPk0NYnkp4ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIyMXA9WPQ6QnExONY8eFbqtXk8RMB8GA1UdIwQY MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWWJW9/fR 9nfYZfd3Kp42IFVw6javcWglmNnBN96TcyHeFqAczPLVf255wfDfc/5bCujCcwUu tGFyH999Bkq6nDIrElOnnIbopxAf10ReMx5VGzJsCyd4fEgp43XmtIgl8LqMGkjh gRBIy/2+JtQscKYR1HM8DLwrMLh40o7sbyT1teR9R7Hz6V+s/kFwYPnZjtFpieAS rKRELdN0fC8z+WDpAYD72PrD9EwT2A8hCFuqJ2JJZCOjHquO+Th3AwSslibQbTAJ jKwvFSw4zAsBnoEinrBy+jlkhJZvV1LaTPXRFWZsSc/kqYq/P2SE+M0NMlMWUbLb ys27fux5Sk/LXQ== -----END CERTIFICATE-----Generated at Sun Dec 21 06:22:46 2025 by rpki-client