This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft File: 2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json) Hash identifier: e4+G6+AE/cLAC+siNYMFcEUghdNNirEbOBztrhagFLE= Subject key identifier: 5D:C4:7A:A9:5B:BA:75:81:EC:F5:DA:F7:EA:30:C7:FF:7C:A8:AF:8A Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35 Certificate issuer: /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35 Certificate serial: 019AF4658CDE4ADD4BD93E6765466D1CFC82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 16:01:27 +0000 Manifest this update: Sat 06 Dec 2025 16:01:27 +0000 Manifest next update: Sun 07 Dec 2025 16:01:27 +0000 Files and hashes: 1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: jh+XfASjRFhLnkTLZKGZH5IEw71EKEnouEwdW86c+As=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:8c:de:4a:dd:4b:d9:3e:67:65:46:6d:1c:fc:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35 Validity Not Before: Dec 6 16:01:27 2025 GMT Not After : Dec 7 16:01:27 2025 GMT Subject: CN=5dc47aa95bba7581ecf5daf7ea30c7ff7ca8af8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ae:08:46:2a:99:8f:e7:96:76:36:0b:e7:4a: e6:71:be:01:47:ad:49:7d:38:84:61:0c:0f:a9:ae: 36:b2:6d:5a:99:61:4e:a7:15:96:d1:11:fa:da:3d: fb:70:71:c6:6b:ef:ac:15:e4:c9:e7:24:c5:4c:49: e0:73:9d:09:f0:1d:40:da:ed:8c:9b:de:88:90:12: c6:fa:aa:d5:1d:14:aa:7e:98:03:e9:9d:77:81:4b: 81:a8:ef:b6:64:34:a7:a6:e8:72:db:b8:a2:00:32: d5:62:2a:b4:52:84:a5:bd:53:b4:a9:a5:26:60:53: 74:fe:9e:44:be:c2:13:28:9c:4d:e4:a6:92:41:6a: b9:55:76:05:6c:77:9b:eb:59:0d:45:39:5a:e5:1f: 71:da:23:41:ee:f7:1e:3e:4f:e5:57:ac:b4:01:bf: 96:fb:7f:78:70:46:38:e6:d4:17:fe:ac:3b:bb:1a: 0d:af:e0:d2:15:b5:ef:ee:f3:48:06:2f:61:77:c1: 76:6f:51:10:74:2d:4e:f9:d2:aa:5a:03:8c:09:70: 58:1a:3c:76:82:77:14:e5:b8:1b:36:21:78:74:f0: c7:7f:64:82:1f:cb:2e:76:98:fe:b8:b2:75:2b:1a: e8:ca:e4:0a:a9:74:c0:ff:4b:ad:ae:80:c2:65:db: 15:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C4:7A:A9:5B:BA:75:81:EC:F5:DA:F7:EA:30:C7:FF:7C:A8:AF:8A X509v3 Authority Key Identifier: keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:f8:e7:01:a0:cf:32:98:0d:1f:8f:ed:02:47:0a:d1:62:1a: 46:0f:d2:1f:c5:58:d8:4d:66:76:41:e7:e1:78:29:57:70:7a: 7e:32:64:4a:e3:10:a6:37:dc:f5:5f:6c:99:1f:d7:b6:77:aa: 52:bb:a9:22:c4:10:95:47:c7:40:c1:6c:40:78:11:fc:f7:d9: 6f:07:91:df:6c:5b:f6:c8:bd:78:82:7c:b1:dd:60:56:81:e4: 11:60:01:1d:2d:2a:7a:f6:18:2c:50:9d:da:a9:fa:08:9a:6b: e8:41:44:22:60:1b:7a:9b:13:9d:c6:a4:69:a4:1e:f0:dc:a8: b8:43:47:3f:f1:b9:c8:08:16:e1:ae:32:c1:ee:c9:3a:74:35: b2:a3:f1:39:d1:1f:af:7d:3d:be:82:fd:c2:d0:47:eb:b0:9c: 5e:31:d8:bd:75:43:e3:34:38:34:e7:9f:3c:c3:64:60:22:d6: 97:01:4c:08:41:25:33:bc:e2:00:e8:29:ce:75:9a:81:02:82: 24:b7:41:17:1b:e4:7c:d9:25:38:4d:e9:1e:96:77:e2:24:da: 4c:2e:f0:fb:8e:8b:39:e0:31:65:8a:aa:cc:a0:05:bf:e1:32: 48:7f:89:b0:b3:0f:17:84:41:3a:49:e0:21:0d:e0:a5:c6:d7: 2d:8d:f2:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZYzeSt1L2T5nZUZtHPyCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3 MTRmMzUwHhcNMjUxMjA2MTYwMTI3WhcNMjUxMjA3MTYwMTI3WjAzMTEwLwYDVQQD Eyg1ZGM0N2FhOTViYmE3NTgxZWNmNWRhZjdlYTMwYzdmZjdjYThhZjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs64IRiqZj+eWdjYL50rmcb4BR61J fTiEYQwPqa42sm1amWFOpxWW0RH62j37cHHGa++sFeTJ5yTFTEngc50J8B1A2u2M m96IkBLG+qrVHRSqfpgD6Z13gUuBqO+2ZDSnpuhy27iiADLVYiq0UoSlvVO0qaUm YFN0/p5EvsITKJxN5KaSQWq5VXYFbHeb61kNRTla5R9x2iNB7vcePk/lV6y0Ab+W +394cEY45tQX/qw7uxoNr+DSFbXv7vNIBi9hd8F2b1EQdC1O+dKqWgOMCXBYGjx2 gncU5bgbNiF4dPDHf2SCH8sudpj+uLJ1KxroyuQKqXTA/0utroDCZdsVhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF3EeqlbunWB7PXa9+owx/98qK+KMB8GA1UdIwQY MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvjnAaDP MpgNH4/tAkcK0WIaRg/SH8VY2E1mdkHn4XgpV3B6fjJkSuMQpjfc9V9smR/Xtneq UrupIsQQlUfHQMFsQHgR/PfZbweR32xb9si9eIJ8sd1gVoHkEWABHS0qevYYLFCd 2qn6CJpr6EFEImAbepsTncakaaQe8NyouENHP/G5yAgW4a4ywe7JOnQ1sqPxOdEf r309voL9wtBH67CcXjHYvXVD4zQ4NOefPMNkYCLWlwFMCEElM7ziAOgpznWagQKC JLdBFxvkfNklOE3pHpZ34iTaTC7w+46LOeAxZYqqzKAFv+EySH+JsLMPF4RBOkng IQ3gpcbXLY3ymQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:23:46 2025 by rpki-client