This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft File: 2xjQrivPZ9QUonXLOE8tOWCoN70.mft (raw, json) Hash identifier: f81eh/3/aSA5NVV70hS21fpL1dO+q9x0BE8Rs3LtMtI= Subject key identifier: 72:AA:0D:21:5D:32:B0:7C:98:4B:51:42:88:3E:9E:B6:EF:21:A5:14 Authority key identifier: DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD Certificate issuer: /CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd Certificate serial: 019AF577764B7141197436CC3596CBBA4C49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft Manifest number: 0EDB Signing time: Sat 06 Dec 2025 21:00:38 +0000 Manifest this update: Sat 06 Dec 2025 21:00:38 +0000 Manifest next update: Sun 07 Dec 2025 21:00:38 +0000 Files and hashes: 1: 2xjQrivPZ9QUonXLOE8tOWCoN70.crl (hash: oRZnANjzRNjIFaonfD+TUuklBFQlYuJGVdNi2BHm/Xc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:76:4b:71:41:19:74:36:cc:35:96:cb:ba:4c:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd Validity Not Before: Dec 6 21:00:38 2025 GMT Not After : Dec 7 21:00:38 2025 GMT Subject: CN=72aa0d215d32b07c984b5142883e9eb6ef21a514 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:39:2e:99:ed:9c:6e:fd:cc:03:7c:87:44:a9: a7:f6:7d:92:75:1d:36:c1:94:69:d5:d9:ee:ca:38: 93:8a:ba:72:b5:d7:f6:28:3a:8c:4f:a4:85:78:f7: 3e:90:e2:7c:15:81:a9:a5:1a:e7:e5:e4:e6:68:41: 85:a5:1b:87:2b:03:a0:05:2b:fc:ed:85:fa:7e:2c: 4b:0a:e8:66:95:d7:cf:c3:a9:65:4f:b0:96:34:bd: 60:29:54:50:12:9b:29:00:ef:1b:02:20:a0:21:d2: 2a:70:2d:90:c9:cb:42:a8:09:fb:69:23:43:3d:b7: b0:70:d3:a0:0f:3d:32:d7:4b:57:d4:ed:0d:46:84: 12:f8:59:95:50:27:6c:00:81:39:d9:a9:20:af:dd: 91:ae:5b:b8:74:44:ab:83:00:8e:b1:b6:5e:66:16: ac:c1:57:1b:34:1b:d4:35:89:7e:8e:07:15:5a:36: 55:96:a7:03:15:97:8c:5b:42:20:6e:c4:ad:02:4c: 55:22:e2:f6:92:ad:19:aa:c6:bb:a4:e8:d3:26:eb: b8:d9:b7:a9:37:e9:94:54:44:7b:06:d2:84:c7:ff: 43:7e:2b:23:9e:85:e0:61:e2:a2:ff:4c:71:67:40: b8:0f:53:fb:0c:7f:b5:6f:1d:ab:00:b9:8c:74:11: 9a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:AA:0D:21:5D:32:B0:7C:98:4B:51:42:88:3E:9E:B6:EF:21:A5:14 X509v3 Authority Key Identifier: keyid:DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:80:99:32:25:3c:24:b5:51:dd:d0:4d:4e:6a:83:54:da:1e: e4:03:d9:12:4d:9c:29:37:c0:b0:3c:66:06:c4:20:76:52:54: 84:a7:86:3f:bf:3c:cf:c5:80:d8:12:03:e4:a8:fb:fb:b5:87: fd:94:d0:07:a7:35:55:3a:5b:e6:60:a9:cc:79:6c:2e:2c:50: 10:12:e3:3f:b5:05:bf:e3:8c:2d:c3:d8:65:52:a4:14:6e:fb: 78:77:3c:15:e4:31:b4:8a:d3:16:67:69:e9:24:30:9b:a7:a5: bc:b2:76:c3:1d:cc:72:88:0b:b6:b7:b9:09:ab:38:08:58:ae: 9b:00:e8:af:9b:f8:f6:22:27:cc:f3:51:1e:96:0b:b2:e4:05: 27:9e:2c:e0:8f:46:35:cf:e3:09:63:80:2e:f0:31:0a:51:79: cf:05:66:94:c7:04:b8:df:ca:cc:79:2c:66:64:5a:bf:59:89: 95:7f:05:0a:83:17:87:c3:bb:a2:86:e4:f1:25:0e:9a:94:5b: b4:4e:ae:f3:fd:65:ae:66:c7:15:45:f1:cd:f8:65:86:a9:22: 27:db:81:8f:06:55:4f:c8:c3:d2:dd:aa:ca:90:c0:8a:80:58: a6:62:6f:5a:a7:f9:56:22:10:5e:70:5f:42:12:18:af:3b:6a: 3b:3e:c5:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d3ZLcUEZdDbMNZbLukxJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMThkMGFlMmJjZjY3ZDQxNGEyNzVjYjM4NGYyZDM5NjBh ODM3YmQwHhcNMjUxMjA2MjEwMDM4WhcNMjUxMjA3MjEwMDM4WjAzMTEwLwYDVQQD Eyg3MmFhMGQyMTVkMzJiMDdjOTg0YjUxNDI4ODNlOWViNmVmMjFhNTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTkume2cbv3MA3yHRKmn9n2SdR02 wZRp1dnuyjiTirpytdf2KDqMT6SFePc+kOJ8FYGppRrn5eTmaEGFpRuHKwOgBSv8 7YX6fixLCuhmldfPw6llT7CWNL1gKVRQEpspAO8bAiCgIdIqcC2QyctCqAn7aSND PbewcNOgDz0y10tX1O0NRoQS+FmVUCdsAIE52akgr92Rrlu4dESrgwCOsbZeZhas wVcbNBvUNYl+jgcVWjZVlqcDFZeMW0IgbsStAkxVIuL2kq0Zqsa7pOjTJuu42bep N+mUVER7BtKEx/9DfisjnoXgYeKi/0xxZ0C4D1P7DH+1bx2rALmMdBGahQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKqDSFdMrB8mEtRQog+nrbvIaUUMB8GA1UdIwQY MBaAFNsY0K4rz2fUFKJ1yzhPLTlgqDe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQt MGFjZWJhYTY3Yjc5LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQtMGFjZWJhYTY3Yjc5 LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdYCZMiU8 JLVR3dBNTmqDVNoe5APZEk2cKTfAsDxmBsQgdlJUhKeGP788z8WA2BID5Kj7+7WH /ZTQB6c1VTpb5mCpzHlsLixQEBLjP7UFv+OMLcPYZVKkFG77eHc8FeQxtIrTFmdp 6SQwm6elvLJ2wx3McogLtre5Cas4CFiumwDor5v49iInzPNRHpYLsuQFJ54s4I9G Nc/jCWOALvAxClF5zwVmlMcEuN/KzHksZmRav1mJlX8FCoMXh8O7oobk8SUOmpRb tE6u8/1lrmbHFUXxzfhlhqkiJ9uBjwZVT8jD0t2qypDAioBYpmJvWqf5ViIQXnBf QhIYrztqOz7FFA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:57:52 2025 by rpki-client