This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft File: 2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json) Hash identifier: 2B7YqfjGagL0PabWUxEY1kpLkXW3TfnoJpO+BduzdHo= Subject key identifier: 72:B9:2D:6D:58:80:4C:AD:61:5C:EB:E9:00:07:31:6E:83:99:EB:C0 Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 Certificate issuer: /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Certificate serial: 019AF4654733153E6C8D8F6FC0901726A263 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft Manifest number: 13F4 Signing time: Sat 06 Dec 2025 16:01:09 +0000 Manifest this update: Sat 06 Dec 2025 16:01:09 +0000 Manifest next update: Sun 07 Dec 2025 16:01:09 +0000 Files and hashes: 1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: lK2lRe0fzUMbCPoUQ0MYNYoTN+NS+PQUzBQ2Sg/HcOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 16:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:47:33:15:3e:6c:8d:8f:6f:c0:90:17:26:a2:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Validity Not Before: Dec 6 16:01:09 2025 GMT Not After : Dec 7 16:01:09 2025 GMT Subject: CN=72b92d6d58804cad615cebe90007316e8399ebc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:1d:a2:c2:10:76:d7:ea:59:fa:59:ac:f3:b0: cf:d2:bd:7a:e8:77:07:43:13:a2:60:6e:1d:23:b9: 11:d5:b4:ce:ec:54:4e:8c:cc:c5:d7:8e:89:1f:fd: 6d:63:a7:7f:86:4a:11:c3:82:fb:de:05:0c:d5:4e: 88:4e:a9:a4:80:82:b6:f8:ce:0b:62:8f:27:e1:93: cf:d3:17:ca:43:4c:be:a0:11:f8:79:6d:f3:09:25: 25:4e:71:43:10:63:71:37:52:00:41:b0:49:e7:9e: ce:1c:06:5c:55:47:0b:75:76:3c:fe:6d:ff:c0:b9: 23:1b:db:c9:37:06:51:70:42:02:5e:df:cf:3d:28: 7c:63:97:64:45:4a:f5:30:f9:da:f7:ef:8e:dc:60: 82:48:2a:bf:c7:bf:01:8b:ec:10:7b:02:8e:34:91: 4f:b7:23:7b:ab:2f:9b:f5:d0:04:94:2f:83:a5:aa: a7:af:08:87:04:c4:c2:29:ae:b6:fc:de:7f:6c:20: 45:43:7f:4c:ab:82:75:bf:63:2c:34:97:75:35:8b: 7f:ed:60:68:9d:a7:c3:62:d0:36:31:4f:96:94:a2: c9:20:41:0f:c0:c2:96:72:2c:2f:94:65:5d:72:d4: 79:17:14:36:5c:7c:c2:e0:88:15:8a:03:4b:9e:e9: 1e:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:B9:2D:6D:58:80:4C:AD:61:5C:EB:E9:00:07:31:6E:83:99:EB:C0 X509v3 Authority Key Identifier: keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:00:89:31:8a:28:98:9c:cc:42:bd:4c:3a:a5:30:7c:8e:5f: a5:82:fa:9f:ab:07:71:51:60:39:75:17:8d:27:fa:89:53:57: 3f:68:1f:9a:71:8d:0f:4a:36:37:9c:f9:e1:1b:88:ef:2c:b0: 47:a0:3f:3d:9b:33:79:07:47:a9:32:cf:c7:0b:ea:e5:86:c7: b4:4a:28:83:af:b2:0e:46:7e:ca:f9:70:eb:db:a7:6a:e9:30: 5e:9f:bd:20:15:e8:ec:90:ef:22:91:ae:1d:23:84:f8:28:ba: d1:2f:f1:b5:fa:81:c9:f1:be:94:c0:89:8c:c2:9d:61:6b:9c: 09:1c:ce:92:79:d0:a1:28:20:16:6f:c0:f4:a8:f6:17:00:d6: b6:d0:8a:22:bf:59:7f:ba:3a:6f:5d:98:e7:74:cb:9e:8a:18: 69:ce:6a:f0:95:d7:2c:5c:e6:5f:b1:b3:4b:87:a1:37:82:82: 6a:a7:57:62:3e:0d:e9:2e:36:9c:51:71:f9:a3:52:09:c3:53: f3:84:85:68:e5:de:c4:9b:45:91:36:50:22:34:84:dd:7b:ac: cb:7a:0e:6d:c8:24:b8:ca:ee:20:c4:e9:e8:66:09:63:b0:29: 06:9d:48:75:ae:bb:25:e2:35:a3:54:1b:b5:3b:02:7d:91:dc: 10:df:2d:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZUczFT5sjY9vwJAXJqJjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz YWQzZDkwHhcNMjUxMjA2MTYwMTA5WhcNMjUxMjA3MTYwMTA5WjAzMTEwLwYDVQQD Eyg3MmI5MmQ2ZDU4ODA0Y2FkNjE1Y2ViZTkwMDA3MzE2ZTgzOTllYmMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx2iwhB21+pZ+lms87DP0r166HcH QxOiYG4dI7kR1bTO7FROjMzF146JH/1tY6d/hkoRw4L73gUM1U6ITqmkgIK2+M4L Yo8n4ZPP0xfKQ0y+oBH4eW3zCSUlTnFDEGNxN1IAQbBJ557OHAZcVUcLdXY8/m3/ wLkjG9vJNwZRcEICXt/PPSh8Y5dkRUr1MPna9++O3GCCSCq/x78Bi+wQewKONJFP tyN7qy+b9dAElC+DpaqnrwiHBMTCKa62/N5/bCBFQ39Mq4J1v2MsNJd1NYt/7WBo nafDYtA2MU+WlKLJIEEPwMKWciwvlGVdctR5FxQ2XHzC4IgVigNLnukebwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHK5LW1YgEytYVzr6QAHMW6DmevAMB8GA1UdIwQY MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5 LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQCJMYoo mJzMQr1MOqUwfI5fpYL6n6sHcVFgOXUXjSf6iVNXP2gfmnGND0o2N5z54RuI7yyw R6A/PZszeQdHqTLPxwvq5YbHtEoog6+yDkZ+yvlw69unaukwXp+9IBXo7JDvIpGu HSOE+Ci60S/xtfqByfG+lMCJjMKdYWucCRzOknnQoSggFm/A9Kj2FwDWttCKIr9Z f7o6b12Y53TLnooYac5q8JXXLFzmX7GzS4ehN4KCaqdXYj4N6S42nFFx+aNSCcNT 84SFaOXexJtFkTZQIjSE3Xusy3oObcgkuMruIMTp6GYJY7ApBp1Ida67JeI1o1Qb tTsCfZHcEN8twg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:36:26 2025 by rpki-client