This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft File: 2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json) Hash identifier: mf1nmNQBzVbkXnzAsnZiNIf2P2B7dpTUi0Sfp8/8Vdg= Subject key identifier: 40:E8:23:D7:57:A8:0C:74:29:7E:8E:85:D8:2B:CB:D5:AC:DB:D6:4A Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22 Certificate issuer: /CN=d87c32e2495e77496fc202b303164ba408e5d122 Certificate serial: 019AF12DC1129B3EC37E4D61065EBBE90A65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft Manifest number: 165C Signing time: Sat 06 Dec 2025 01:01:38 +0000 Manifest this update: Sat 06 Dec 2025 01:01:38 +0000 Manifest next update: Sun 07 Dec 2025 01:01:38 +0000 Files and hashes: 1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: pc7xm63ISjkkUHjBr/HEoV/SoK7qSRIpcqqDpncNlps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c1:12:9b:3e:c3:7e:4d:61:06:5e:bb:e9:0a:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122 Validity Not Before: Dec 6 01:01:38 2025 GMT Not After : Dec 7 01:01:38 2025 GMT Subject: CN=40e823d757a80c74297e8e85d82bcbd5acdbd64a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:86:62:ed:de:00:2c:3a:f7:6d:8f:36:b5:7f: 20:87:a8:42:fe:ff:56:86:f1:d3:2b:07:56:1e:b8: 10:69:c8:29:47:26:78:2f:9f:bf:e6:68:62:6d:d7: 75:6a:f9:c8:49:0b:5f:14:07:7e:b9:29:15:47:ab: f2:c1:cb:ab:9e:94:d0:c1:0a:58:19:5e:0d:f8:4f: 7b:f0:97:c5:52:e4:a4:98:35:5e:b1:a2:e0:2c:ca: 70:98:3c:44:36:2f:67:a2:96:f0:15:25:3b:d0:38: 7e:26:c1:85:a8:95:83:2b:82:fe:9e:43:84:be:e0: 8e:5f:01:90:32:c3:29:2a:cd:cc:04:a9:90:df:a1: 62:4e:c6:71:40:f1:da:20:7c:2a:db:5a:6b:a3:bc: e7:af:02:c6:2f:49:d4:3f:6f:e3:2f:05:66:a8:0a: 37:2c:b1:88:b0:06:5e:f4:9f:d3:b1:f6:a5:b6:04: c6:7b:a0:dc:4d:e7:3c:fe:01:84:d4:cd:58:4c:4c: 4e:15:cb:f0:f0:16:1a:18:0d:ce:48:00:30:dc:bc: d1:1f:59:8b:9f:9b:f4:38:8c:f3:12:bf:85:df:66: e8:d6:f3:6c:2f:4d:0b:21:d5:24:9a:7d:a0:31:35: 24:c3:ae:14:c0:08:0f:21:e8:3b:95:7b:88:32:ca: 53:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:E8:23:D7:57:A8:0C:74:29:7E:8E:85:D8:2B:CB:D5:AC:DB:D6:4A X509v3 Authority Key Identifier: keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:6b:04:10:d4:da:a7:26:ce:4b:32:5c:72:a8:31:49:8c:f5: fe:ea:60:7f:23:fc:de:90:db:d5:75:f7:9e:8e:85:fb:bd:f1: 0b:6b:ef:2a:e9:31:30:5f:fc:0c:30:4f:06:79:f9:47:f7:48: 43:16:b8:d8:ab:e4:e3:1d:99:c2:3e:8d:34:ef:2e:52:16:34: 57:32:84:d0:ca:7e:18:3d:30:ff:2c:df:26:83:93:b6:fe:e3: e6:fb:ae:67:47:df:c1:ca:69:f8:df:9e:be:87:d9:8a:73:cb: f8:52:78:72:88:11:9c:22:a1:c6:38:92:ac:29:41:29:93:6c: 53:d2:10:d1:1d:2e:46:ef:bc:dc:e7:a7:7f:b5:cb:09:24:d3: c4:4c:87:87:89:42:7b:1f:74:41:92:4d:4f:fb:42:97:13:87: 62:9e:c3:2a:03:cb:31:ae:fa:7f:96:92:a9:dc:ca:e3:78:c7: c3:7b:76:67:b2:bb:a0:07:fd:e0:e5:40:43:e2:01:84:d9:0f: bc:0a:78:38:91:26:e9:f7:b5:f1:2f:78:82:39:ef:ed:9b:51: aa:71:e5:14:87:48:e3:36:fb:a2:03:3c:b9:db:f2:ad:02:7c: 62:f3:76:9e:b4:ab:22:af:b1:a8:d9:6b:9f:ff:fd:5e:a1:c8: 62:ae:57:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcESmz7Dfk1hBl676QplMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl NWQxMjIwHhcNMjUxMjA2MDEwMTM4WhcNMjUxMjA3MDEwMTM4WjAzMTEwLwYDVQQD Eyg0MGU4MjNkNzU3YTgwYzc0Mjk3ZThlODVkODJiY2JkNWFjZGJkNjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoZi7d4ALDr3bY82tX8gh6hC/v9W hvHTKwdWHrgQacgpRyZ4L5+/5mhibdd1avnISQtfFAd+uSkVR6vywcurnpTQwQpY GV4N+E978JfFUuSkmDVesaLgLMpwmDxENi9nopbwFSU70Dh+JsGFqJWDK4L+nkOE vuCOXwGQMsMpKs3MBKmQ36FiTsZxQPHaIHwq21pro7znrwLGL0nUP2/jLwVmqAo3 LLGIsAZe9J/TsfaltgTGe6DcTec8/gGE1M1YTExOFcvw8BYaGA3OSAAw3LzRH1mL n5v0OIzzEr+F32bo1vNsL00LIdUkmn2gMTUkw64UwAgPIeg7lXuIMspTOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEDoI9dXqAx0KX6Ohdgry9Ws29ZKMB8GA1UdIwQY MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1 LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGsEENTa pybOSzJccqgxSYz1/upgfyP83pDb1XX3no6F+73xC2vvKukxMF/8DDBPBnn5R/dI Qxa42Kvk4x2Zwj6NNO8uUhY0VzKE0Mp+GD0w/yzfJoOTtv7j5vuuZ0ffwcpp+N+e vofZinPL+FJ4cogRnCKhxjiSrClBKZNsU9IQ0R0uRu+83Oenf7XLCSTTxEyHh4lC ex90QZJNT/tClxOHYp7DKgPLMa76f5aSqdzK43jHw3t2Z7K7oAf94OVAQ+IBhNkP vAp4OJEm6fe18S94gjnv7ZtRqnHlFIdI4zb7ogM8udvyrQJ8YvN2nrSrIq+xqNlr n//9XqHIYq5XnA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:13:54 2025 by rpki-client