This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft File: 2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json) Hash identifier: xQO5y0nXtDjpq2UXK0CS+CfSYeo2FKn5ti9TTUm+zYA= Subject key identifier: C0:8E:1F:98:10:81:E7:C3:53:96:58:72:B3:ED:95:81:D5:4E:1E:85 Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5 Certificate issuer: /CN=da54c820ee5415432c68b013619275ff4c6e6ea5 Certificate serial: 019AF31C4F435A8981E6D14EE4FFB8776AA7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft Manifest number: 07E6 Signing time: Sat 06 Dec 2025 10:01:50 +0000 Manifest this update: Sat 06 Dec 2025 10:01:50 +0000 Manifest next update: Sun 07 Dec 2025 10:01:50 +0000 Files and hashes: 1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: PLE3MpO4FwV2m2TUeSpm2oUJDl/0lNExCe5t5h4tQL0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:4f:43:5a:89:81:e6:d1:4e:e4:ff:b8:77:6a:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5 Validity Not Before: Dec 6 10:01:50 2025 GMT Not After : Dec 7 10:01:50 2025 GMT Subject: CN=c08e1f981081e7c353965872b3ed9581d54e1e85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:93:86:79:e8:7d:aa:85:e5:b9:93:bf:7b:a0: 03:8a:df:ac:c3:89:bd:22:2d:95:04:0a:0b:19:4c: 1c:0f:0b:29:6c:e3:26:a6:0b:96:ae:93:8b:b4:98: 71:27:c9:77:5a:a9:9e:ac:6e:b7:12:33:b7:8c:16: 32:0a:a2:8d:00:03:78:b9:6c:32:e4:67:b5:48:7b: db:5a:a8:f9:d3:d5:e8:ce:22:c7:00:e0:be:e8:4a: 83:38:b2:85:9e:a2:c2:de:55:b3:9c:a1:c0:5f:fb: d3:16:81:ab:9f:63:2e:e2:3d:d2:b1:6d:2f:3a:23: a7:17:74:95:1c:c1:4c:e1:d7:51:6c:3d:34:bd:e5: 43:18:47:1e:91:64:fc:a0:46:7f:37:b0:62:ed:2e: 43:f2:c4:0e:8a:94:f7:cd:3e:72:a7:12:31:15:e3: cb:fa:bc:09:f9:8d:51:8a:de:90:7b:ba:19:cd:7d: 81:f7:f6:50:1f:a5:bb:61:21:6e:9f:1f:12:1f:67: 6b:69:49:54:7c:05:d0:61:83:87:e2:2d:c6:fe:e7: 44:da:70:93:53:d3:08:fc:45:7e:fe:79:08:fb:92: 0d:68:97:d3:12:81:22:ed:7e:05:f6:84:c6:a1:bb: 41:66:a4:ba:40:65:d8:65:1c:30:b1:77:35:5c:d5: d3:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:8E:1F:98:10:81:E7:C3:53:96:58:72:B3:ED:95:81:D5:4E:1E:85 X509v3 Authority Key Identifier: keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:12:e2:36:e1:af:8c:63:37:2c:5c:fd:37:f9:b5:81:8d:e3: 53:52:2f:1f:f9:aa:9c:ff:28:16:df:6c:f4:48:1e:1f:6d:e7: 58:fd:99:39:71:76:8b:fb:e9:2f:8f:dd:c0:82:6f:7d:ec:97: 72:35:5e:1a:c6:96:5a:8d:53:05:37:75:e3:29:44:39:a9:c3: 38:7f:38:8d:1d:c9:5b:04:70:f1:77:cf:be:8b:9d:57:69:ab: 30:8a:9b:70:4e:31:ca:7b:d0:04:ac:9b:63:d0:c2:af:4e:26: f8:a6:3a:40:25:7d:4e:6b:f1:e2:27:11:53:80:c8:ed:bf:f2: 63:b6:df:c5:ca:b6:73:fd:8f:b8:d0:c7:e4:82:57:6b:f4:b6: cd:56:89:45:26:1d:ae:1e:0c:a6:4d:c2:0a:52:2e:34:e2:87: 9d:1a:0a:da:4b:6e:d1:53:b3:9e:75:ae:08:57:b2:23:7b:5a: e7:74:35:27:a4:81:58:f0:12:64:be:5b:14:01:e9:8f:b3:f8: a7:f8:83:50:83:c7:2c:eb:49:d6:57:8c:f9:86:2c:8d:eb:fb: 5c:68:81:08:36:04:f5:86:29:40:0a:1d:84:ef:e6:6a:bd:39: 98:48:45:7b:6b:17:4b:29:0b:c3:2a:4f:15:e4:90:0b:40:3d: dc:1d:81:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHE9DWomB5tFO5P+4d2qnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2 ZTZlYTUwHhcNMjUxMjA2MTAwMTUwWhcNMjUxMjA3MTAwMTUwWjAzMTEwLwYDVQQD EyhjMDhlMWY5ODEwODFlN2MzNTM5NjU4NzJiM2VkOTU4MWQ1NGUxZTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZOGeeh9qoXluZO/e6ADit+sw4m9 Ii2VBAoLGUwcDwspbOMmpguWrpOLtJhxJ8l3WqmerG63EjO3jBYyCqKNAAN4uWwy 5Ge1SHvbWqj509XoziLHAOC+6EqDOLKFnqLC3lWznKHAX/vTFoGrn2Mu4j3SsW0v OiOnF3SVHMFM4ddRbD00veVDGEcekWT8oEZ/N7Bi7S5D8sQOipT3zT5ypxIxFePL +rwJ+Y1Rit6Qe7oZzX2B9/ZQH6W7YSFunx8SH2draUlUfAXQYYOH4i3G/udE2nCT U9MI/EV+/nkI+5INaJfTEoEi7X4F9oTGobtBZqS6QGXYZRwwsXc1XNXTXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMCOH5gQgefDU5ZYcrPtlYHVTh6FMB8GA1UdIwQY MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBLiNuGv jGM3LFz9N/m1gY3jU1IvH/mqnP8oFt9s9EgeH23nWP2ZOXF2i/vpL4/dwIJvfeyX cjVeGsaWWo1TBTd14ylEOanDOH84jR3JWwRw8XfPvoudV2mrMIqbcE4xynvQBKyb Y9DCr04m+KY6QCV9Tmvx4icRU4DI7b/yY7bfxcq2c/2PuNDH5IJXa/S2zVaJRSYd rh4Mpk3CClIuNOKHnRoK2ktu0VOznnWuCFeyI3ta53Q1J6SBWPASZL5bFAHpj7P4 p/iDUIPHLOtJ1leM+YYsjev7XGiBCDYE9YYpQAodhO/mar05mEhFe2sXSykLwypP FeSQC0A93B2BEA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:57:11 2025 by rpki-client