This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json) Hash identifier: XmtsYARZK+lvjloLwlXtYSbRtQcy1lsx9nexUUN540E= Subject key identifier: F2:C9:F6:9B:8D:3E:7D:6A:0B:6A:9A:48:CE:C2:CA:EE:8D:1E:A7:9E Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019AF3899D0DADF031BFFD6B59A3A2AEE02D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft Manifest number: 0A25 Signing time: Sat 06 Dec 2025 12:01:13 +0000 Manifest this update: Sat 06 Dec 2025 12:01:13 +0000 Manifest next update: Sun 07 Dec 2025 12:01:13 +0000 Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=) 2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=) 3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=) 4: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=) 5: QBzq9SwT5Mj7Gipr9Se8Luh44tY.roa (hash: G8hbbzFis0gYCX0QYtBRD4Pqznb+xerkkNt98SZq2jU=) 6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: 7bBEaYxmeU0FsR0zppCFE3/IlZEA+YTIBzb8KHkCh0Y=) 7: W8Ti_dXcYalIUeRHiuN7_Pq4Q6k.roa (hash: 4QiUW7JIueqmFCn96lHxs3k9V/e0E2VEpe0b6/Dk6p8=) 8: XmP5gd5RMoI2I-3CuFjmsoadU-A.roa (hash: yTuyaNUFHzFeSHibSr05GdVIbx2NHYDZL76zx1zzku8=) 9: dLmCIA0WBqPvZ0tgv6iuNeMWI4k.roa (hash: YicG4lKEA73qVApeIKJhpm23B3p/oY3KjALkj9qrn/g=) 10: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=) 11: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=) 12: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=) 13: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=) 14: peFNs9o1tsBGwnwboXKeedD2GlM.roa (hash: Dmic12i1kcUbMMXMNmS8BrjxjQvM2y0e2GWo+yQ4WH0=) 15: vQdExQLdiUm5HPW2ned19BID9dw.roa (hash: 8R/4iMjA1jkjQuW17H+B8/zEgk5IKMSv1XvcdZ37ua0=) 16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:9d:0d:ad:f0:31:bf:fd:6b:59:a3:a2:ae:e0:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Dec 6 12:01:13 2025 GMT Not After : Dec 7 12:01:13 2025 GMT Subject: CN=f2c9f69b8d3e7d6a0b6a9a48cec2caee8d1ea79e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e5:f9:c9:a0:35:20:1f:1e:de:68:fc:44:d1: 09:6f:b8:15:c4:98:92:92:01:a5:f2:6d:e5:0e:0e: 88:ad:4b:66:af:64:06:c6:77:8a:15:9f:0f:68:00: 99:06:33:a2:7e:82:aa:84:0f:6e:eb:c5:f7:c9:ff: e7:dc:c5:1c:e1:dd:95:2d:fe:b4:f0:a7:0c:b2:0d: 26:6f:99:bd:f8:27:95:7b:5e:7c:79:af:48:1d:2c: 21:a3:9b:dc:46:cb:58:36:1e:ae:51:8a:50:b6:ce: 7e:84:4b:a7:81:94:9d:cf:1b:3d:23:f2:04:1d:9b: 0a:45:05:29:95:ce:d7:7d:ac:e7:aa:4d:79:f2:2d: 60:85:6a:67:42:2c:22:e2:fe:7b:b7:ac:b8:d0:08: bb:99:35:46:a7:33:31:2d:c6:79:31:8e:02:41:5f: 19:e7:c2:39:66:64:72:a6:fc:3f:42:58:da:da:43: 3f:7a:de:6d:2b:d5:eb:7e:1a:e4:9a:6c:3d:27:4c: 9f:50:48:ab:a9:44:e0:e3:c5:96:b7:61:04:9d:b4: a8:9a:2d:c0:56:30:18:05:75:8b:68:10:f4:1e:db: 08:ec:38:7a:eb:a6:98:52:ad:a8:89:35:25:50:32: 6f:dd:52:ed:52:7e:5f:97:93:f1:26:2a:2b:e8:8a: da:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:C9:F6:9B:8D:3E:7D:6A:0B:6A:9A:48:CE:C2:CA:EE:8D:1E:A7:9E X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:17:f6:bb:3e:7c:cc:8e:1a:d9:ff:13:e7:2d:64:af:0f:69: 81:02:6d:90:82:5e:cf:50:2f:03:ee:b9:12:48:8e:ef:b1:99: 2c:dc:6f:0d:56:e4:1c:42:75:f1:95:ca:e7:b3:75:cc:04:23: 31:57:8a:f7:89:f5:cb:de:0a:77:57:a9:c6:0a:97:ab:bd:61: 8f:03:8d:4d:ad:aa:0f:21:ae:b9:cb:47:b7:9f:55:7c:f9:a1: 14:e8:c5:cb:f2:39:56:fa:21:af:85:d7:74:b7:51:a0:2d:0f: 6d:f8:fa:1c:9d:97:8a:ec:6d:67:ab:f3:90:45:50:4d:c6:32: 12:93:47:a2:9f:e8:71:db:f7:79:4b:7f:7c:a2:2d:c3:df:8d: dd:ff:e0:94:1b:44:f4:52:0c:96:41:3f:41:ae:e5:32:7c:c5: 50:b6:6e:ce:2e:87:b3:c9:35:88:54:26:6d:2d:d6:23:ae:15: 14:b5:0d:ce:53:76:5c:02:c2:0a:ff:78:20:b8:f9:bc:1f:55: 0a:6d:f5:b5:4e:58:2e:fa:be:57:81:00:9d:08:e5:20:7a:71: 15:0b:d9:11:2d:fc:5a:7d:7d:ec:3b:2a:15:4a:2e:51:0e:f8: fd:ae:f2:a2:2d:43:b7:a4:88:08:52:90:9d:0c:60:8a:7b:7e: 60:dc:25:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziZ0NrfAxv/1rWaOiruAtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMjA2MTIwMTEzWhcNMjUxMjA3MTIwMTEzWjAzMTEwLwYDVQQD EyhmMmM5ZjY5YjhkM2U3ZDZhMGI2YTlhNDhjZWMyY2FlZThkMWVhNzllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteX5yaA1IB8e3mj8RNEJb7gVxJiS kgGl8m3lDg6IrUtmr2QGxneKFZ8PaACZBjOifoKqhA9u68X3yf/n3MUc4d2VLf60 8KcMsg0mb5m9+CeVe158ea9IHSwho5vcRstYNh6uUYpQts5+hEungZSdzxs9I/IE HZsKRQUplc7Xfaznqk158i1ghWpnQiwi4v57t6y40Ai7mTVGpzMxLcZ5MY4CQV8Z 58I5ZmRypvw/Qlja2kM/et5tK9Xrfhrkmmw9J0yfUEirqUTg48WWt2EEnbSomi3A VjAYBXWLaBD0HtsI7Dh666aYUq2oiTUlUDJv3VLtUn5fl5PxJior6Ira7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPLJ9puNPn1qC2qaSM7Cyu6NHqeeMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARf2uz58 zI4a2f8T5y1krw9pgQJtkIJez1AvA+65EkiO77GZLNxvDVbkHEJ18ZXK57N1zAQj MVeK94n1y94Kd1epxgqXq71hjwONTa2qDyGuuctHt59VfPmhFOjFy/I5Vvohr4XX dLdRoC0Pbfj6HJ2XiuxtZ6vzkEVQTcYyEpNHop/ocdv3eUt/fKItw9+N3f/glBtE 9FIMlkE/Qa7lMnzFULZuzi6Hs8k1iFQmbS3WI64VFLUNzlN2XALCCv94ILj5vB9V Cm31tU5YLvq+V4EAnQjlIHpxFQvZES38Wn197DsqFUouUQ74/a7yoi1Dt6SICFKQ nQxgint+YNwlmg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:50:08 2025 by rpki-client