This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.mft File: 2gBH2sju-JRNeMG3omhowD4s5GY.mft (raw, json) Hash identifier: v02/ZlUsB2IxSN5bdsr0X+6/AfjGTRm70vBmcVFl3Dk= Subject key identifier: 6D:AD:65:FA:9C:9E:7D:84:0D:86:FE:75:64:64:55:ED:56:62:7C:BA Authority key identifier: DA:00:47:DA:C8:EE:F8:94:4D:78:C1:B7:A2:68:68:C0:3E:2C:E4:66 Certificate issuer: /CN=da0047dac8eef8944d78c1b7a26868c03e2ce466 Certificate serial: 019AF0BF30A23E5D11FE62A4120AF91FC505 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gBH2sju-JRNeMG3omhowD4s5GY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.mft Manifest number: 1762 Signing time: Fri 05 Dec 2025 23:00:52 +0000 Manifest this update: Fri 05 Dec 2025 23:00:52 +0000 Manifest next update: Sat 06 Dec 2025 23:00:52 +0000 Files and hashes: 1: 2gBH2sju-JRNeMG3omhowD4s5GY.crl (hash: iD5q3/ak2JM1gACYEahDyhTojfq2gJ+adELEWD+BT38=) 2: zOidZa_WBKrrVFNvnxbTNUXsqyA.roa (hash: c6CaCJCPxyhkXhFJHJ0Gvk/jlU50dgYSjedGTRGmMqY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.mft rsync://rpki.ripe.net/repository/DEFAULT/2gBH2sju-JRNeMG3omhowD4s5GY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:30:a2:3e:5d:11:fe:62:a4:12:0a:f9:1f:c5:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da0047dac8eef8944d78c1b7a26868c03e2ce466 Validity Not Before: Dec 5 23:00:52 2025 GMT Not After : Dec 6 23:00:52 2025 GMT Subject: CN=6dad65fa9c9e7d840d86fe75646455ed56627cba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:53:dc:cf:b1:d8:a2:3d:2f:0b:30:bb:9f:90: 4d:6e:5a:69:a4:c4:91:9d:6e:b5:c2:e1:bc:a4:e6: 8c:11:6e:aa:ce:7d:50:30:d0:57:91:7b:c2:12:dc: 28:86:82:6f:bf:ab:6b:f7:cd:18:e2:2c:45:a6:26: 68:70:24:7f:30:f5:d9:f8:34:ae:e4:ae:b5:08:58: 91:24:39:fd:35:de:0b:be:25:59:4c:e7:ad:48:f6: bd:bc:6a:a5:92:21:e5:19:82:ed:50:37:62:b0:eb: 23:16:d1:72:6b:53:47:a3:43:2d:86:44:e3:9b:d6: ab:db:1b:c7:f5:5e:1c:7c:4e:45:2c:19:df:2a:eb: df:e1:a0:c1:04:08:e9:2b:75:ba:2b:26:77:12:d4: 1f:1c:05:6f:c2:e9:9f:9d:b4:9f:b7:33:e6:38:52: e8:e0:b7:5a:94:aa:be:47:50:1c:96:05:ca:1e:40: 1d:9e:c2:7e:86:ef:52:8f:7e:1b:83:ce:6f:3b:74: b9:dc:92:a3:3f:f1:7e:23:38:e5:1d:2e:83:6b:1d: bb:b5:99:21:89:ea:81:d5:6e:0a:23:9b:4f:9d:fb: 75:56:0b:20:43:49:76:0e:78:73:5e:b6:4c:cb:2e: 8c:a3:75:3c:f7:6e:75:fb:ab:6f:55:17:3a:6a:32: 36:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:AD:65:FA:9C:9E:7D:84:0D:86:FE:75:64:64:55:ED:56:62:7C:BA X509v3 Authority Key Identifier: keyid:DA:00:47:DA:C8:EE:F8:94:4D:78:C1:B7:A2:68:68:C0:3E:2C:E4:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gBH2sju-JRNeMG3omhowD4s5GY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:8b:77:c6:5a:3f:b1:d9:62:90:55:89:8f:10:59:fa:98:79: d6:ee:ce:10:51:82:ea:2e:e2:6f:92:8e:0d:f8:2f:3f:09:88: 88:7a:57:37:81:18:4d:2a:e4:08:f1:b0:8f:20:f3:94:24:c5: c0:da:d0:cc:ec:ed:cd:af:fd:cd:48:5f:d5:9f:4f:5a:ef:93: 2d:80:29:98:eb:b9:c4:cc:40:13:09:80:f0:3c:2d:b9:d7:2e: 87:d0:70:72:94:46:1e:9a:66:f0:9c:0d:2f:df:7f:65:c8:38: f7:15:8d:7a:0b:b2:e6:94:9f:66:0a:a1:f9:7a:a6:59:8e:25: f5:bb:a1:f8:94:e9:7f:52:51:16:c1:56:97:82:30:81:3f:40: 3f:c7:74:51:ae:e6:eb:3a:51:55:2d:c4:64:ee:71:1b:04:1a: e2:b1:85:08:ec:fc:86:b3:ff:16:98:51:2f:bd:3a:80:0c:45: db:4a:c7:12:cd:54:f4:52:7d:ff:e8:7b:84:a3:da:49:c4:90: 13:1d:1b:1e:30:e4:1d:23:22:f2:07:18:7f:52:9a:18:aa:c7: e9:1a:cc:a6:a4:a2:20:df:e8:ba:38:3d:13:a6:e3:24:c5:a0: 2c:8b:8d:35:5c:bc:19:8f:4a:d4:36:3d:cd:92:01:4a:72:08: fb:60:a9:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvzCiPl0R/mKkEgr5H8UFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhMDA0N2RhYzhlZWY4OTQ0ZDc4YzFiN2EyNjg2OGMwM2Uy Y2U0NjYwHhcNMjUxMjA1MjMwMDUyWhcNMjUxMjA2MjMwMDUyWjAzMTEwLwYDVQQD Eyg2ZGFkNjVmYTljOWU3ZDg0MGQ4NmZlNzU2NDY0NTVlZDU2NjI3Y2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lPcz7HYoj0vCzC7n5BNblpppMSR nW61wuG8pOaMEW6qzn1QMNBXkXvCEtwohoJvv6tr980Y4ixFpiZocCR/MPXZ+DSu 5K61CFiRJDn9Nd4LviVZTOetSPa9vGqlkiHlGYLtUDdisOsjFtFya1NHo0MthkTj m9ar2xvH9V4cfE5FLBnfKuvf4aDBBAjpK3W6KyZ3EtQfHAVvwumfnbSftzPmOFLo 4LdalKq+R1AclgXKHkAdnsJ+hu9Sj34bg85vO3S53JKjP/F+IzjlHS6Dax27tZkh ieqB1W4KI5tPnft1VgsgQ0l2DnhzXrZMyy6Mo3U89251+6tvVRc6ajI2eQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG2tZfqcnn2EDYb+dWRkVe1WYny6MB8GA1UdIwQY MBaAFNoAR9rI7viUTXjBt6JoaMA+LORmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmdCSDJzanUtSlJOZU1HM29taG93RDRzNUdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83Nzk1OWEtNDFkZS00NmJlLWE1ZjEt YWM5YzhhNTBmMjRlLzEvMmdCSDJzanUtSlJOZU1HM29taG93RDRzNUdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy83Nzk1OWEtNDFkZS00NmJlLWE1ZjEtYWM5YzhhNTBmMjRl LzEvMmdCSDJzanUtSlJOZU1HM29taG93RDRzNUdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi4t3xlo/ sdlikFWJjxBZ+ph51u7OEFGC6i7ib5KODfgvPwmIiHpXN4EYTSrkCPGwjyDzlCTF wNrQzOztza/9zUhf1Z9PWu+TLYApmOu5xMxAEwmA8Dwtudcuh9BwcpRGHppm8JwN L99/Zcg49xWNeguy5pSfZgqh+XqmWY4l9buh+JTpf1JRFsFWl4IwgT9AP8d0Ua7m 6zpRVS3EZO5xGwQa4rGFCOz8hrP/FphRL706gAxF20rHEs1U9FJ9/+h7hKPaScSQ Ex0bHjDkHSMi8gcYf1KaGKrH6RrMpqSiIN/oujg9E6bjJMWgLIuNNVy8GY9K1DY9 zZIBSnII+2Cp9g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:25:20 2025 by rpki-client