This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft File: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json) Hash identifier: 7H2TFapYcvdCOecw4OADGl4eAEO2zYCGsIQIepTBNHw= Subject key identifier: E7:81:BD:88:4E:70:FD:4A:74:88:C9:43:A2:E5:42:BF:49:89:70:D9 Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51 Certificate issuer: /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51 Certificate serial: 019AF23FDD7555EA49B0970617B796C087EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft Manifest number: 01FE Signing time: Sat 06 Dec 2025 06:01:02 +0000 Manifest this update: Sat 06 Dec 2025 06:01:02 +0000 Manifest next update: Sun 07 Dec 2025 06:01:02 +0000 Files and hashes: 1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: 34afdK9AY6DgVE2v8Oj9RoQ2o7KPShRYXrc3ZSYSIvA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:dd:75:55:ea:49:b0:97:06:17:b7:96:c0:87:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51 Validity Not Before: Dec 6 06:01:02 2025 GMT Not After : Dec 7 06:01:02 2025 GMT Subject: CN=e781bd884e70fd4a7488c943a2e542bf498970d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:42:96:10:ee:01:ee:f2:b7:b6:6b:d3:94:2a: 2e:12:87:5d:fd:2e:66:c8:31:47:3a:a8:ac:01:59: ff:7a:67:8a:e3:eb:fa:e9:ae:ed:be:3d:66:fb:fe: c3:6e:6c:03:40:d1:c1:7c:17:22:e9:fd:f4:e3:99: c2:80:33:4d:68:54:37:54:8e:f0:a6:65:44:aa:37: 33:19:32:38:20:0b:df:aa:2a:4e:6e:97:44:08:73: 03:79:bd:9f:c5:c2:75:d5:19:70:63:a3:d4:c6:4d: 6e:2b:d1:10:b8:93:60:72:1e:20:cd:3c:30:c0:d8: d4:1c:20:4e:61:e0:2a:fa:82:9c:06:25:05:d4:b1: 82:d6:a2:70:34:4b:89:d1:bd:a3:a9:01:14:a3:75: c6:67:20:c7:d7:46:4c:91:88:84:6b:84:b2:a2:1d: b0:30:58:e1:e5:4b:cc:4a:02:33:b5:bb:3c:20:f8: bf:e1:ce:ed:74:7b:7c:3a:65:61:49:78:ae:ad:b2: 17:f3:0c:6a:7f:e0:c6:95:d1:e6:ad:8e:51:de:85: e1:03:f8:bc:9c:cb:4c:ae:9e:d8:cf:1e:7b:32:4a: ec:fa:25:42:86:d1:f9:e6:29:92:e6:6d:43:b3:75: 9e:f9:c2:9d:c5:88:6c:0e:a1:e6:2d:22:27:0c:ba: 03:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:81:BD:88:4E:70:FD:4A:74:88:C9:43:A2:E5:42:BF:49:89:70:D9 X509v3 Authority Key Identifier: keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:19:5c:9a:01:47:39:b9:bc:bb:d3:64:9f:a3:b3:f9:86:31: 10:0a:ec:34:20:ff:ec:92:ce:dc:1c:63:ca:45:6d:19:ab:b5: 00:d2:c5:7d:f2:15:b4:86:ac:ad:50:9c:00:87:eb:6e:10:1c: 42:8b:dd:98:fb:c3:38:37:d9:c7:d2:9e:b4:af:1f:90:1c:cc: 96:91:ed:3e:78:cd:3e:b0:de:78:18:b3:dd:a2:c8:06:5c:14: c0:ac:ea:4a:d9:90:fd:2b:c8:84:82:9a:21:78:85:63:5c:83: b1:ce:b3:e2:33:02:e5:e1:ed:03:8b:b1:19:11:f4:b3:ef:e1: 43:cd:35:b6:6a:3f:02:06:b4:dd:af:bf:02:03:f0:92:d9:7a: f9:a3:e1:26:b5:2e:e1:43:80:a9:67:23:83:3d:76:28:7e:f5: fc:04:2f:d3:48:30:1c:4c:76:73:5b:bf:35:e3:cb:8b:16:3d: 18:c0:3d:2e:62:d9:78:62:b6:3e:7d:e8:96:a3:22:5b:27:51: 33:7a:61:2e:b1:c2:92:4b:37:3c:a9:61:b9:02:59:92:f8:c3: ba:52:b4:e3:e1:06:7c:1a:0a:75:b7:7d:24:57:b5:b2:5c:c4: 66:1f:d7:87:31:62:72:59:97:43:d9:1d:d0:69:b3:67:37:7d: 62:7f:72:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP911VepJsJcGF7eWwIfqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw MWJiNTEwHhcNMjUxMjA2MDYwMTAyWhcNMjUxMjA3MDYwMTAyWjAzMTEwLwYDVQQD EyhlNzgxYmQ4ODRlNzBmZDRhNzQ4OGM5NDNhMmU1NDJiZjQ5ODk3MGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikKWEO4B7vK3tmvTlCouEodd/S5m yDFHOqisAVn/emeK4+v66a7tvj1m+/7DbmwDQNHBfBci6f3045nCgDNNaFQ3VI7w pmVEqjczGTI4IAvfqipObpdECHMDeb2fxcJ11RlwY6PUxk1uK9EQuJNgch4gzTww wNjUHCBOYeAq+oKcBiUF1LGC1qJwNEuJ0b2jqQEUo3XGZyDH10ZMkYiEa4Syoh2w MFjh5UvMSgIztbs8IPi/4c7tdHt8OmVhSXiurbIX8wxqf+DGldHmrY5R3oXhA/i8 nMtMrp7Yzx57Mkrs+iVChtH55imS5m1Ds3We+cKdxYhsDqHmLSInDLoDpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOeBvYhOcP1KdIjJQ6LlQr9JiXDZMB8GA1UdIwQY MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5 LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhlcmgFH Obm8u9Nkn6Oz+YYxEArsNCD/7JLO3BxjykVtGau1ANLFffIVtIasrVCcAIfrbhAc QovdmPvDODfZx9KetK8fkBzMlpHtPnjNPrDeeBiz3aLIBlwUwKzqStmQ/SvIhIKa IXiFY1yDsc6z4jMC5eHtA4uxGRH0s+/hQ801tmo/Aga03a+/AgPwktl6+aPhJrUu 4UOAqWcjgz12KH71/AQv00gwHEx2c1u/NePLixY9GMA9LmLZeGK2Pn3olqMiWydR M3phLrHCkks3PKlhuQJZkvjDulK04+EGfBoKdbd9JFe1slzEZh/XhzFiclmXQ9kd 0GmzZzd9Yn9yug== -----END CERTIFICATE-----Generated at Sat Dec 6 14:22:29 2025 by rpki-client