This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft File: 2wy7NfYw1Aytd1B_2r03_e3BIQM.mft (raw, json) Hash identifier: mQPe7kgDIBGZSLgmX7/P+6llHoNyGjnEqREdYBWx03g= Subject key identifier: 20:83:89:50:21:99:9E:4E:35:62:7F:6C:3D:ED:E4:D7:8D:58:0C:6D Authority key identifier: DB:0C:BB:35:F6:30:D4:0C:AD:77:50:7F:DA:BD:37:FD:ED:C1:21:03 Certificate issuer: /CN=db0cbb35f630d40cad77507fdabd37fdedc12103 Certificate serial: 019AF12CF86BA538BA169C88116EF3D5A24A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft Manifest number: 0215 Signing time: Sat 06 Dec 2025 01:00:47 +0000 Manifest this update: Sat 06 Dec 2025 01:00:47 +0000 Manifest next update: Sun 07 Dec 2025 01:00:47 +0000 Files and hashes: 1: 2wy7NfYw1Aytd1B_2r03_e3BIQM.crl (hash: htw1r3tzt6O9951OtbJvbjI+nlb9iRw2lIY3WCSozaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:f8:6b:a5:38:ba:16:9c:88:11:6e:f3:d5:a2:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db0cbb35f630d40cad77507fdabd37fdedc12103 Validity Not Before: Dec 6 01:00:47 2025 GMT Not After : Dec 7 01:00:47 2025 GMT Subject: CN=2083895021999e4e35627f6c3dede4d78d580c6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:51:b8:9a:01:18:91:44:28:44:ff:ac:6c:0b: e8:2f:74:3c:32:9c:b9:95:0e:2d:d6:50:42:cd:67: 33:7d:5a:55:ea:92:81:2c:ee:c3:cb:66:95:a9:f5: d6:ff:f5:53:7c:2d:5e:37:80:e5:45:53:fe:34:61: 47:92:e9:6f:8c:3b:f1:23:7f:fe:49:9a:39:f8:62: c2:ed:a3:6c:de:ce:96:0d:90:47:fe:5f:a6:8b:5a: 3b:f3:12:54:7f:2c:25:d3:1f:18:58:5c:f3:41:20: 10:bf:02:68:40:1d:8e:fe:de:ce:71:29:78:4c:14: 4d:21:a5:1d:0a:9a:7b:c4:70:37:5a:fa:48:cd:74: 22:1d:86:59:57:fc:61:35:aa:9a:e9:b6:3d:58:04: 69:e7:df:ae:2b:80:c6:fd:71:bf:51:a7:dc:28:2a: 36:c7:73:23:99:da:b3:3e:88:46:99:11:6e:61:13: 81:df:3e:60:06:29:2a:9e:d1:22:6d:bd:5f:77:cd: 6c:d9:68:64:8d:37:09:21:28:54:5e:4a:f4:c1:03: 0d:c7:cd:0f:b2:ce:8a:51:c3:c6:20:2c:7e:b2:7c: b1:fe:19:0b:28:e0:b5:34:08:7e:bc:b6:a6:61:31: 48:01:8e:66:2e:bb:cc:c4:95:e8:b4:fd:a3:2c:82: b9:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:83:89:50:21:99:9E:4E:35:62:7F:6C:3D:ED:E4:D7:8D:58:0C:6D X509v3 Authority Key Identifier: keyid:DB:0C:BB:35:F6:30:D4:0C:AD:77:50:7F:DA:BD:37:FD:ED:C1:21:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2wy7NfYw1Aytd1B_2r03_e3BIQM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/414e43-02e1-474c-86b4-2c8e0b497380/1/2wy7NfYw1Aytd1B_2r03_e3BIQM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:43:05:5d:d8:84:7c:f2:fd:37:b1:75:11:2a:84:ce:a2:50: e7:22:d3:99:f6:f7:03:33:1e:66:ef:99:37:3f:61:67:b2:53: f4:52:97:4b:85:a3:1b:af:a8:f6:e2:fb:90:ca:61:60:fe:2d: 1d:3b:c8:91:25:57:73:3f:19:77:aa:98:7e:20:46:c3:de:9c: c8:2c:d0:a3:ad:2c:82:ed:f2:c9:1a:fb:46:bd:5b:9b:b4:5e: 4f:1d:4b:9c:c5:01:be:1d:25:92:18:0e:e4:49:77:e4:5e:e0: 6d:e3:f7:26:78:04:3d:dd:98:c0:72:c9:b2:5b:f7:6f:f6:50: d7:70:9f:ad:c7:0f:e0:55:15:6b:e4:01:e9:eb:5a:60:81:48: 12:4a:ec:6c:0b:09:d7:8d:72:d5:d6:3e:a0:9a:1a:8b:75:ed: 2e:14:00:b0:5b:15:5d:aa:15:97:71:54:4b:cd:8d:58:c2:cf: fd:72:dc:d7:92:de:df:14:65:a9:3c:48:92:91:04:56:67:3f: a4:35:94:da:1d:4b:50:36:c5:ea:15:76:d5:b3:6c:e3:d4:e6: 43:88:42:d7:98:f6:50:80:16:7e:77:6a:c2:e6:b2:1e:68:1e: 76:f7:5b:f2:6b:44:c1:5e:69:d7:a3:87:56:96:a2:93:2f:a4: 2f:cb:89:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLPhrpTi6FpyIEW7z1aJKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMGNiYjM1ZjYzMGQ0MGNhZDc3NTA3ZmRhYmQzN2ZkZWRj MTIxMDMwHhcNMjUxMjA2MDEwMDQ3WhcNMjUxMjA3MDEwMDQ3WjAzMTEwLwYDVQQD EygyMDgzODk1MDIxOTk5ZTRlMzU2MjdmNmMzZGVkZTRkNzhkNTgwYzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1G4mgEYkUQoRP+sbAvoL3Q8Mpy5 lQ4t1lBCzWczfVpV6pKBLO7Dy2aVqfXW//VTfC1eN4DlRVP+NGFHkulvjDvxI3/+ SZo5+GLC7aNs3s6WDZBH/l+mi1o78xJUfywl0x8YWFzzQSAQvwJoQB2O/t7OcSl4 TBRNIaUdCpp7xHA3WvpIzXQiHYZZV/xhNaqa6bY9WARp59+uK4DG/XG/UafcKCo2 x3MjmdqzPohGmRFuYROB3z5gBikqntEibb1fd81s2WhkjTcJIShUXkr0wQMNx80P ss6KUcPGICx+snyx/hkLKOC1NAh+vLamYTFIAY5mLrvMxJXotP2jLIK5JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCCDiVAhmZ5ONWJ/bD3t5NeNWAxtMB8GA1UdIwQY MBaAFNsMuzX2MNQMrXdQf9q9N/3twSEDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MTRlNDMtMDJlMS00NzRjLTg2YjQt MmM4ZTBiNDk3MzgwLzEvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy80MTRlNDMtMDJlMS00NzRjLTg2YjQtMmM4ZTBiNDk3Mzgw LzEvMnd5N05mWXcxQXl0ZDFCXzJyMDNfZTNCSVFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhkMFXdiE fPL9N7F1ESqEzqJQ5yLTmfb3AzMeZu+ZNz9hZ7JT9FKXS4WjG6+o9uL7kMphYP4t HTvIkSVXcz8Zd6qYfiBGw96cyCzQo60sgu3yyRr7Rr1bm7ReTx1LnMUBvh0lkhgO 5El35F7gbeP3JngEPd2YwHLJslv3b/ZQ13CfrccP4FUVa+QB6etaYIFIEkrsbAsJ 141y1dY+oJoai3XtLhQAsFsVXaoVl3FUS82NWMLP/XLc15Le3xRlqTxIkpEEVmc/ pDWU2h1LUDbF6hV21bNs49TmQ4hC15j2UIAWfndqwuayHmgedvdb8mtEwV5p16OH Vpaiky+kL8uJpQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:18:58 2025 by rpki-client